
Re: [tor-talk] Tor -> VPN Clarification



On Fri, Jan 30, 2015 at 07:15:30PM -0700, Mirimir wrote:
> On 01/30/2015 06:48 PM, grarpamp wrote:
> > On Fri, Jan 30, 2015 at 7:54 PM, Mirimir <mirimir@xxxxxxxxxx> wrote:
> >> JonDoNym / JAP
> > 
> > I'm seeing references to this tool pop up recently in various
> > places. Keep in mind the controversy from years ago
> > and read the label on the tin carefully. That's not to say
> > it's not fit for use once you understand its fitness.
> > https://en.wikipedia.org/wiki/Java_Anon_Proxy
> 
> That is a concern. And although they've arguably addressed it through
> diversification in multiple jurisdictions, they're upfront about
> focusing on business-class pseudonymity.
> 
> In anonymity space, they are far closer to VPNs than to Tor, I think.
> Also, their mixes are fixed. So as with VPNs, there's a one-to-one
> mapping of entry and exit IPs. Furthermore, their userbase is much
> smaller than for Tor and popular VPN services.

That's right. They are using mixes not onion routers. It's a different
architecture with a different threat model. Tor's security is largely
based on having a large and diverse enough set of entry and exit
points to the network that it is hard for a practical adversary to
watch (and possibly disrupt to create a timing signal) both ends of a
connection at once. An adversary that can do so, however, is assumed to
be able to correlate source and destination. JAP's security is based
on the mix concept, wherein the adversary is assumed able to see both
sides of a connection (which would break anonymity for Tor), but the
timing properties of connections are such that it is difficult to say
which of the concurrent connections on the client side of the mix
correlates with which connection on the destination side.  Creating a
fixed path of mixes (known as a mix cascade) run by different
operators means that there is not a single mix that knows that
correlation. JAP, unlike Tor, is meant to remain secure even if an
adversary can see connections on both sides. To be successful at this
a low-latency cascade like JAP must maintain a constant (or adequately
large) anonymity set of the same persistent clients concurrently and
must use padding and other techniques to prevent natural or induced
patterns from giving away the correlation.

aloha,
Paul
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
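
The threat-model difference described in the message above, as an added simulation that is not part of the original thread and is not JAP or Tor code. It assumes a simplified batching mix (the function names, traffic rate and batch size are all constructed for illustration) and compares how well an observer who sees both sides can pair flows by timing alone.

```python
import random

def make_arrivals(n, rng):
    """Constructed traffic: n clients each send one message at a random time."""
    t, arrivals = 0.0, []
    for client in range(n):
        t += rng.expovariate(10.0)      # irregular gaps, about 10 msgs/sec
        arrivals.append((t, client))
    return arrivals

def passthrough_relay(arrivals, delay=0.05):
    """Low-latency forwarding: fixed delay, so order and spacing survive."""
    return [(t + delay, client) for t, client in arrivals]

def batching_mix(arrivals, batch_size, rng):
    """Simplified mix (assumption): hold batch_size messages, then flush
    them all at the same instant in shuffled order."""
    out = []
    for i in range(0, len(arrivals), batch_size):
        batch = list(arrivals[i:i + batch_size])
        flush_time = batch[-1][0]       # batch leaves when its last member arrives
        rng.shuffle(batch)
        out.extend((flush_time, client) for _, client in batch)
    return out

def observer_accuracy(arrivals, departures):
    """Observer sees both sides: entry times with client identity, exit
    times without it. It pairs the k-th entry with the k-th exit in time
    order. The client label on departures is ground truth used only to
    score the guess. Returns the fraction of correct pairings."""
    ins = sorted(arrivals, key=lambda m: m[0])
    outs = sorted(departures, key=lambda m: m[0])   # stable: ties keep wire order
    hits = sum(1 for (_, a), (_, b) in zip(ins, outs) if a == b)
    return hits / len(ins)

def run(n=1000, batch_size=10, seed=1):
    """Return (accuracy against pass-through relay, accuracy against mix)."""
    rng = random.Random(seed)
    arrivals = make_arrivals(n, rng)
    direct = observer_accuracy(arrivals, passthrough_relay(arrivals))
    mixed = observer_accuracy(arrivals, batching_mix(arrivals, batch_size, rng))
    return direct, mixed

if __name__ == "__main__":
    direct, mixed = run()
    print(f"pass-through relay: {direct:.2f} of flows correlated")
    print(f"batching mix:       {mixed:.2f} of flows correlated")
```

With a batch of size k the observer's timing guess is right about 1/k of the time, which is why the message stresses keeping the set of concurrent clients large.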