[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: Circuits still shared?
Thus spake Roger Dingledine (arma@xxxxxxx):
> Yep.
>
> > Are there any plans to disable this circuit sharing mechanism via a
> > config option?
>
> No, because a new circuit for every TCP connection is too expensive. For
> example, you would open a new circuit for every little 1x1 pixel on the
> cnn frontpage. This means it would dramatically slow down Tor for users,
> and worse, the public key ops required for making these circuits would
> overpower the CPUs of our volunteer servers.
>
> But we've got a new tool for resolving this, if you want to start
> experimenting. You can write a Tor controller that intercepts each stream
> request and decides, for each destination, which circuit to use.
>
> http://tor.eff.org/cvs/tor/doc/control-spec.txt
> http://tor.eff.org/cvs/control/doc/howto.txt
>
> And see Geoff's Blossom project for an example:
> http://afs.eecs.harvard.edu/~goodell/blossom/
>
> It may be best to first think hard about the tradeoffs of various
> approaches to dividing streams over circuits, since optimizing for your
> anonymity vs somebody else's donated CPU sounds like a pretty tough
> graph to nail down. Let us know when you have some designs and we'll
> start thinking about how to analyze and compare them.
So the naive best-effort-first approach would be to send all
connections to the same host (or maybe even second level domain)
through the same circuit. Each time a new domain is encountered, a
different circuit is chosen, preferably a clean one if available. If
no clean circuits are left, then perhaps the user could be notified
that Tor is now fully "nym-dirty" and would have the option of
specifying to reset their circuits via the control you proposed in
the next post. Otherwise the control ap would continue rotating
through the circuits.
What do you think about the load of this approach? Is the load based
on the number of circuits the client generates at a given time? Does
doubling the number of circuits in the tor client double CPU usage at
the servers? Or is there some other factor here?
It would obviously be easier to keep the user from running out of
circuits if the circuit pool size was increased to their average
number of domains visited in a 10 minute interval.
As I have a bad habbit of thinking I will have time to do something
when in fact I do not (day jobs.. ugh), I should probably say that
right now I probably don't have time to implement this, but if I
notice it often enough where it gets annoying and worrysome, maybe I
will have a go at it.
From playing with the control port over telnet, it does look like it
should be simple enough that I should be able to do a perl prototype
on a saturday afternoon or something though.
--
Mike Perry
Mad Computer Scientist
fscked.org evil labs