[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] New Astoria Tor client is said to be better than plain Tor



On Fri, May 22, 2015 at 9:40 PM, Yuri <yuri@xxxxxxxxx> wrote:

> On 05/22/2015 14:26, Rishab Nithyanand wrote:
>
>> Our evaluation shows that it does quite well to avoid asymmetric
>> correlation attacks, but the performance is a bit off from Tor (metric:
>> page load times for Alexa Top 100 from 10 countries).
>>
>
> But such attacks exploit bursts of traffic with higher-than-average
> byterate, or frequent changes of the traffic intensity. Would an option
> limiting bandwidth of the tor connection also make it more secure in the
> similar way?
>
>
Potentially. The way I see it, there are two approaches one might take to
avoid the problem of correlation attacks.

(1) Build circuits that avoid the possibility of ASes that may perform
correlation.

(2) Control traffic flows from exits to destinations so that even though
attempts of correlation are possible, they are hard/impossible to perform
with any reasonable accuracy.

We took the former approach. This is not to say that the latter is not
possible.
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk