[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: chaining JAP and Tor

Hi Ben,

On Thu, Jul 21, 2005 at 08:03:58PM +0000, Ben Clifford wrote:
> Dear Paul,
> Thanks ever so much for spending so much time on your post. I am very new 
> to all this and won't pretend that I understood all of it. But can I just 
> ask you to perhaps put it like this to me:
> You see no advantage (increased level of anonymity) in chaining JAP and 
> Tor. Is chaining them neutral (ie. no increased or decreased anonymity) or 
> detrimental (with chaining them there is less anonymity conferred than if 
> using just one or the other)?

Well I was raising it as a challenge: it would seem this suggestion
has problems, so what envisioned advantage are you suggesting? But if
you are a neophyte, that challenge isn't exactly fair. It may be that
there is a way to build something good out of this suggestion.

  Aside: It is in fact somewhat similar to the hierarchical or
  hydra---respectively two-headed hydra--design that has been part of
  onion routing discussions going back ten years, although I don't
  think any of that is in officially published stuff.  The advantage
  is to have Tor-like hiding of source (and in the two-headed case,
  source and destination) but traffic aggregation advantages by
  running it through larger pipes (possibly in a cascade) in the
  middle (or at one end). If you don't follow what I'm saying just
  ignore this aside.

But, on the face of it I see putting JAP after Tor as hurting (not
just neutral) because you have a more predictable exit point for your
traffic. And unless you abuse Tor, you will be worse than JAP alone
because you cannot have constant behavior clients in a relatively
persistent anonymity set. (That's in theory. I'm not sure I believe
JAP gets you that protection in practice even by itself, but I'm
trying to avoid going into a JAP vs. Tor debate on effective
protection. I'm sure the JAP team would say something quite

Bottom line: For the current systems I think it is worse not neutral
to combine them.

> Of course anonymity is just one factor - maybe speed would come into it as 
> well. But just focusing on anonymity for now.

Running your system through two anonymizing systems rather than one
is not going to help your speed, or was that what you meant?