[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] Matryoshka: Are TOR holes intentional?
On Wed, Jun 17, 2015 at 10:43 PM, benjamin barber <barberb@xxxxxxxxxxx>
> I didn't have a problem finding Matryoshka networks but not software
> called "Matryoshka", just as were not using running "onion software",
> some different software use the Matryoshka network method to communicate.
> On Wed, Jun 17, 2015 at 9:51 PM, Roger Dingledine <arma@xxxxxxx> wrote:
>> On Thu, Jun 18, 2015 at 12:02:45AM -0400, grarpamp wrote:
>> > We also need to take a serious look at TOR, and
>> > without emotional bias, consider if a serious flaw was designed in.
>> "Traffic analysis is the first hole plugged by Matryoshka, but ignored
>> by TOR."
>> I couldn't figure out how to actually fetch this "Matryoshka" software,
>> but it sure looks like another case of somebody not understanding the
>> research field, and thinking that solving the traffic confirmation
>> attack is easy, without actually thinking through the engineering side,
>> the scaling side, or the statistics side.
>> For background see e.g.
>> It makes sense that if you think solving the problem is easy, you
>> wonder why Tor hasn't solved it.
>> But even full scale padding, ignoring the practical side of how to get a
>> Tor network that can afford to waste so much bandwidth, doesn't provide
>> protection in the face of active attacks where you induce a gap on one
>> side and then observe the gap on the other side. And it might even be
>> the case that these gaps happen naturally by themselves, due to network
>> congestion and so on, so maybe passive observers will be winners even
>> against a design that does full padding.
>> Also, to make it really work in practice, all users are going to need
>> to pad not just while fetching their web page or iso or whatever, but
>> sufficiently before and after that too, else an attacker can match up
>> start times and end times:
>> This is a great area for further research:
>> tl;dr the whole premise of this person's blog post is flawed, since
>> their design likely does not work as they think it does.
>> tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
>> To unsubscribe or change other settings go to
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to