[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: The use of malicious botnets to disrupt The Onion Router



On Sun, Feb 03, 2008 at 05:14:20PM +0000, Michael Rogers wrote:
> Andrew wrote:
> >Is there anyone who could give a (somewhat professional) assessment of 
> >how a web-of-trust feature would impact on anonymity? How about tor's 
> >overall performance?
> 
> George Danezis has looked at using sparse expander graphs for mix 
> networks [1]: each node has a small number of neighbours but can reach 
> any other node in a small number of hops, so if the circuit is long 
> enough the entry node can't narrow down the list of possible exit nodes 
> or vice versa. Unlike Tor, the small number of neighbours per node makes 
> it possible to provide cover traffic.
> 
> It's not clear whether social networks are good expanders [2][3], but 
> Shishir Nagaraja has looked at using social networks for mix networks 
> [4]; the LiveJournal social network appears to be suitable, although you 
> have to use more cover traffic than you would in an ideal expander graph.
> 

Those are all nice starting points. Roger also has some research in
this area that goes as far as anything to date in looking at the
issues. It may have been mentioned on this list or not ready for the
public (can't recall which). I've been talking to George and others
about this... In other words, there are people who know Tor quite well
who recognize the issues and are thinking about this area along with
others. People should please continue to discuss. The only thing I
wanted to point out is that this has at least as much of hard basic
problems to solve before its fully ready as say, switching to UDP or
some of the other basic issues, probably more.  (Cf. the challenges
paper http://www.onion-router.net/Publications.html#challenges where
some of the difficulties are raised.)  But there are already some
smart people looking at it (and me too). So I'm not holding my breath,
but I'm hopeful.

aloha,
Paul