[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Traffic shaping attack

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Traffic shaping attack
From: grarpamp <grarpamp@xxxxxxxxx>
Date: Sun, 20 Mar 2016 17:21:17 -0400
Cc: cypherpunks@xxxxxxxxxx
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sun, 20 Mar 2016 17:21:29 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc; bh=mRdBWEQBFjWlWmqh+bou9ZlEcWamPEPZMlBZgBMhdKc=; b=GyVFs5YN9gLAZi1aVPyz/H7tQnmNJ+VEEFwSxBm7cxQAfQNqqe7UvbHHAgBCqga4mW fDFY8K81sIHELABoionWpd6r50u9SQh/eEJuPY5AFySy6t9DBqyX/1fncq5VpZuQF+Vj bNW77pS2irIRaOl5JE/xH4G+DYqfafa9T6FXhfBpW+llAQfDes4kl1UmjrlaNjKq8/Ie YXg6yMqoG0Dl+Y9FcUC5THbUL8sdiVG3cKCkn6n0n53iNIZkyiHnsp0qPTylscaXD4LK bIJRpBx79lLzyjrGZchefeN/95Adm8xhhyEHmhoYHiK0a0Vu3NSypNMEbTsxFezWYKU9 frfA==
In-reply-to: <nci43k$3ee$1@xxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <nci43k$3ee$1@xxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

On 3/18/16, Oskar Wendel <o.wendel@xxxxx> wrote:
> Let's set up a service in a way that it will modulate the traffic, so the
> download would look like:

That's active manipulation in / at one endpoint node.

> Then, we monitor traffic flowing into various entry nodes (remember we're
> a global adversary, having direct access to infrastructure around the
> globe) and spot the traffic that matches our pattern.

That's global / regional passive listening, needing be concerned
minimally visibility with just any other G/R IP endpoints without
needing track entire path.

Which, if presumed and likely to be deployed, combine to be nicely
effective, whether finding such clients, or services on Tor, I2P, etc.

Attack could be made much more difficult quite possibly defeated
if all nodes engaged in bucketed reclocked and jittered fill traffic with
each other (possibly along some virtual path distance >=1 hop)
and enforced peering relationships based upon receipt of same
expected and contractually obligated traffic (would you talk to or
retransmit for a node that acted sent packets as you say... fuck no).
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] Traffic shaping attack
  - From: grarpamp

References:
- [tor-talk] Traffic shaping attack
  - From: Oskar Wendel

Prev by Author: Re: [tor-talk] Why my tor-assigned IP address differs from that of exit node ?
Next by Author: Re: [tor-talk] Traffic shaping attack
Previous by thread: Re: [tor-talk] Traffic shaping attack
Next by thread: Re: [tor-talk] Traffic shaping attack
Index(es):
- Author
- Thread