[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Matryoshka: Are TOR holes intentional?

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Matryoshka: Are TOR holes intentional?
From: Alan Hiew <alanhiew@xxxxxxxxxxxxxxx>
Date: Sat, 20 Jun 2015 03:48:35 +0000
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 19 Jun 2015 23:58:02 -0400
In-reply-to: <20150618045108.GE7957@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <CAD2Ti2-xVw_W2YDqkdQHmcHyKBDQjfT5jvc-8m3EAU8UkqxrUA@xxxxxxxxxxxxxx> <20150618045108.GE7957@xxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

Ð Thu, 18 Jun 2015 00:51:08 -0400
Roger Dingledine <arma@xxxxxxx>:

> It makes sense that if you think solving the problem is easy, you
> wonder why Tor hasn't solved it.
> 
> But even full scale padding, ignoring the practical side of how to
> get a Tor network that can afford to waste so much bandwidth, doesn't
> provide protection in the face of active attacks where you induce a
> gap on one side and then observe the gap on the other side. And it
> might even be the case that these gaps happen naturally by
> themselves, due to network congestion and so on, so maybe passive
> observers will be winners even against a design that does full
> padding.

And splitting and merging of encrypted TCP packets at random positions
are possible solution, with addition random number (several tens max) of
random bytes to each packet? Or this has already realized in pluggable
transports but I don't know?

As I understand, attacks of this type based on comparing of logs/dumps
at both ends of TOR chain: user's local ISP and distant server (may be
with specially created trapping web site). Even if content of these
packets can't be decrypted, comparing of number, lenghts and times of
packets make it possible to establish the fact of connection. Even user
had been loading several pages from different sites simultaneously, its
possible to evolve packets by its lengths because each TOR node in
chain decrease lenght of packet by fixed number of bytes when
decrypting a layer. Isn't it?

Alan Hiew
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] Matryoshka: Are TOR holes intentional?
  - From: grarpamp
- Re: [tor-talk] Matryoshka: Are TOR holes intentional?
  - From: Roger Dingledine

Prev by Author: Re: [tor-talk] Clear net and Tor site on the same server
Next by Author: Re: [tor-talk] Invaded by disconnect.me
Previous by thread: Re: [tor-talk] Matryoshka: Are TOR holes intentional?
Next by thread: Re: [tor-talk] Matryoshka: Are TOR holes intentional?
Index(es):
- Author
- Thread