Re: Anonymity on mobile devices

[Christian Beil <christian.beil@xxxxxx>]

Matthew Thorne schrieb:

> I like the idea of the gateway further not knowing the final product, 
> but more useful would be if you could find some way to reverse the 
> process or add a link so that the gateway wouldn 't know who the 
> origin was. I know that this is just adding more trouble to the 
> processing plate. I would be interested in hearing what kind of hand 
> shake you are thinking about doing if not public key. I know that 
> there are some good other one's, but none that are quite on the same 
> level of security. Or perhaps the device could handle just the one 
> public key exchange with out overloading. If you don't have any good 
> idea's, I have some ideas that could be usefull to you. kind of 
> depends on what specifically you are guarding against though. In 
> effect: What are you trying to hide? Your actions, Your 
> Identity/Location, or some combination of both?
> As to your question:
> Wireless is always going to be a security risk because we have yet to 
> invent perfect encryption. It makes it almost imposible to get rid of 
> risk and there is always risk while your enemies are able to freely 
> collect your private information at will and without your knowledge.
>
> curiosity, what costs the user more than 1 euro each time?....
> or in other words
> what does this  sentence mean...
>
> <2. the OR list is quite big and cost the user more than 1 euro each 
> time>
>
>
> -=Matt=-

The idea was as follows:
A normal Tor client which wants to use the ORs  in the order
[Client <=> A <=> B <=> C <=> RemoteHost]
encrypts onion skin C, wraps onion skin B around C, and finally wraps 
onion skin A around B.
Each OR on the way to the RemoteHost unwraps one skin.
On the way back after C received the reply from the RemoteHost, C wraps 
onion skin C around the reply.
B wraps onion skin B around C, and A wraps onion skin A around B.
Finally the client unwraps all the skins.

The mobile scenario would look like this: 
[MobileClient <=> Gateway <=> A <=> B <=> C <=> RemoteHost]
The MobileClient wraps its request in an onion skin for C and sends this 
cell to the Gateway.
(Before that a handshake between MobileClient and C takes place to 
negotiate a secret key.)
The Gateway wraps skins B and A around the cell and sends it along the 
circuit.
The onion skins are unwrapped at each OR like above.
Also the way back from RemoteHost to the Gateway works as usual.
But the Gateway doesn't have the secret key to unwrap the final onion 
skin from C.
The Gateway sends the cell with the final onion skin C to the MobileClient.
The MobileClient unwraps skin C and finally has the reply.

Actually I wasn't thinking of a different handshake, but just wanted to 
keep the client from doing so many public key operations.
So the MobileClient does only one Diffie-Hellman handshake with onion 
router C.
But if you have some good ideas for other handshake schemes which are 
lighter to process for the MobileClient, I would like to hear them.
We are trying to hide to which services the user connects to, and I 
think also his identity/location.

Getting the list of Onion Routers costs the user 1,88 Euro for example,
if he connects in Germany by GPRS which costs 2 Cent per KB.
And the OR list has a size of 941 KB.
This would be the case if the OR list would be updated completely each 
time you want to connect anonymously.

I hope my remarks are clear.

- Christian