Re: Bandwidth throttling (was Re: Padding)

[Roger Dingledine <arma@mit.edu>]

On Fri, Jul 05, 2002 at 07:57:54PM -0400, Roger Dingledine wrote:
> Assuming we're pretty good at ordering Bobs based on suspicion, this sort
> of attack is very effective. Can anybody improve on my attacks? Are they
> attacks we're willing to live with?

Two things that I was going to say but didn't:

* If there are many many nodes, then at some point it becomes more
effective to do the "walk along the circuit" attack. This is particularly
the case if the circuit is only 3 or 4 hops long. Basically we want to
look at the ratio between number of exit nodes in the network to expected
number of hops in the path.

* Yvo Desmedt's paper at Ross Anderson's economics workshop. 
http://www.sims.berkeley.edu/resources/affiliates/workshops/econsecurity/econws/33.ps
The summary is "not all nodes are equivalently hard to break into". So
perhaps a better roving adversary model assigns each node a cost, and the
roving adversary has a budget he can spend each timeclick. By choosing
appropriately expensive entry nodes, we might change the adversary's
optimal strategy.

--Roger