
Re: Is three hops enough? (was Re: Tor client over a SOCKS proxy, and Tor client running through another Tor Circuit)

Nick Mathewson wrote:
> Congratulations; you just invented high-latency mix-nets. :)
> The problem is that nobody can prove that these "jumbling"
> techniques do any good in resisting an attacker until you increase
> the delay to the point where messages take a very long time to
> arrive.  When this happens, you wind up with a very low number of
> users, so you don't get much anonymity anyway.
> You can find out more about the last 25 years of anonymity research
> at http://freehaven.net/anonbib/ .
> yrs,
In the end, the only way to give a major boost to the anonymity of Tor
is to find some way to get more people running servers, and it is my
opinion that the way to do this is to make clients run a low-bandwidth
link which is used to serve low-bandwidth, low-latency streams. This
would increase the anonymity of users by mixing their streams up with
other users', which would have a damaging effect on the ability to do
timing attacks because of the mixing and the uniformity of packets
between servers and servers, and clients and servers. This will not be
practical without some kind of latency classification in the system,
because by and large streams are either high-latency, high-bandwidth or
low-latency, low-bandwidth (connectionless versus interactive streams).
The side effect is that it would probably help further reduce latency
for interactive users and increase anonymity for all clients.

I believe it says in the FAQ that running a server on a machine used
mainly for running a client helps anonymity because the node
participates in traffic unrelated to the user's traffic. I have been
complaining for quite some time about the arbitrary 20kb/s bottom end
of server bandwidth limiting, the reason being that only connections
with 256kbps upstream or better can do this (and, mind you, are being
quite heavily loaded), and connections with 56, 64 and 128kbps upstream
links are excluded from participating unless a secondary program is
used to force the traffic of the server to below 50% of the upstream.

This is a very small modification with very big implications: it
could mean that when installing, the user could be queried about their
upstream bandwidth (or indeed there may be some way to directly
determine this without user interaction) and have half of it assigned
to server traffic as a top-end limit. It is not at all unreasonable to
ask that people using the network give something back, especially when
doing so will increase their anonymity.
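The following is an added worked example, not part of the thread and not Tor's own code, showing the arithmetic behind the bandwidth complaint above: how much of a given upstream link a server meeting the 20 KB/s floor would consume, what the post's "half of upstream" proposal would leave for relaying, and the torrc BandwidthRate/BandwidthBurst lines that allotment translates into. The 20 KB/s floor is taken from the post; the burst factor and the sample link speeds are assumptions for illustration.

```python
# Added example (not from the thread, and not Tor's own code): the
# arithmetic behind the bandwidth complaint above. Units: link speeds in
# kilobits/s (kbps), Tor rates in kilobytes/s (KB/s), 8 bits per byte.

MIN_SERVER_RATE_KB = 20  # the 20 KB/s server floor the post cites from the FAQ


def upstream_kb(upstream_kbps):
    """Convert an upstream link in kilobits/s to kilobytes/s."""
    if upstream_kbps <= 0:
        raise ValueError("upstream must be positive")
    return upstream_kbps / 8.0


def load_at_floor(upstream_kbps):
    """Fraction of the link a server meeting the 20 KB/s floor would consume.
    Values above 1.0 mean the link cannot meet the floor at all."""
    return MIN_SERVER_RATE_KB / upstream_kb(upstream_kbps)


def half_share_kb(upstream_kbps, share=0.5):
    """KB/s left for relaying under the post's proposal: give `share`
    (default half) of the upstream to server traffic as a top-end limit."""
    return upstream_kb(upstream_kbps) * share


def torrc_lines(upstream_kbps, share=0.5, burst_factor=2):
    """torrc BandwidthRate/BandwidthBurst lines for the half-share allotment,
    or None if that allotment is below the floor. BandwidthRate and
    BandwidthBurst are real torrc options; burst_factor is an assumption."""
    rate = half_share_kb(upstream_kbps, share)
    if rate < MIN_SERVER_RATE_KB:
        return None
    rate_kb = int(rate)
    return [f"BandwidthRate {rate_kb} KB",
            f"BandwidthBurst {rate_kb * burst_factor} KB"]


def survey(upstreams_kbps, share=0.5):
    """Per-link summary: load at the 20 KB/s floor, half-share allotment,
    and whether the floor still admits the link under the proposal."""
    rows = {}
    for up in upstreams_kbps:
        rows[up] = {
            "load_at_floor": round(load_at_floor(up), 3),
            "half_share_kb": half_share_kb(up, share),
            "admitted": torrc_lines(up, share) is not None,
        }
    return rows


if __name__ == "__main__":
    # Sample link speeds are constructed for illustration.
    for up, row in survey((56, 64, 128, 256, 512, 1024)).items():
        print(f"{up:5d} kbps  load@floor={row['load_at_floor']:.3f}  "
              f"half-share={row['half_share_kb']:.1f} KB/s  "
              f"admitted={row['admitted']}")
        lines = torrc_lines(up)
        if lines:
            print("      " + "; ".join(lines))
```

Running it shows the shape of the problem: a 256 kbps link can meet the 20 KB/s floor only by giving up 62.5% of its upstream, a 128 kbps link cannot meet it at all, and under a strict half-share rule even 256 kbps (16 KB/s) falls below the floor, so the floor would have to drop for those links to participate.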