| Hello Katharina, Sounds like a great project. I have a couple of suggestions: 1. Consider how to use mixing to anonymize Torâs name resolution system. Currently, clients connect to onion service by first resolving the onion address (e.g. xyzblah.onion) to a descriptor using a distributed hash table. That hash table can easily be infiltrated by an adversary running relays, and if the adversary also controls a clientâs guard they can deanonymize the client during the lookup. This is the attack that the CMU/CERT researchers performed [0] as well as Biryukov et al. [1]. Onion-service descriptors are very small, and so it seems to me that mixing could be applied here to defeat deanonymization. 2. Read the alpha-mixing paper [2], which first described how high-latency and low-latency traffic might be mixed together. Good luck! Aaron [1] Alex Biryukov, Ivan Pustogarov, Fabrice Thill, Ralf-Philipp Weinmann; "Content and popularity analysis of Tor hidden servicesâ; IEEE 34th International Conference on Distributed Computing Systems Workshops; 2014; <http://arxiv.org/abs/1308.6768>. [2] Roger Dingledine, Andrei Serjantov, and Paul Syverson; "Blending Different Latency Traffic with Alpha-Mixingâ; In the Proceedings of the Sixth Workshop on Privacy Enhancing Technologies (PET 2006); 2006; <http://freehaven.net/doc/alpha-mixing/alpha-mixing.pdf>.
|
_______________________________________________ tor-dev mailing list tor-dev@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev