[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Anonymity on mobile devices



Matthew Thorne schrieb:

I like the idea of the gateway further not knowing the final product, but more useful would be if you could find some way to reverse the process or add a link so that the gateway wouldn 't know who the origin was. I know that this is just adding more trouble to the processing plate. I would be interested in hearing what kind of hand shake you are thinking about doing if not public key. I know that there are some good other one's, but none that are quite on the same level of security. Or perhaps the device could handle just the one public key exchange with out overloading. If you don't have any good idea's, I have some ideas that could be usefull to you. kind of depends on what specifically you are guarding against though. In effect: What are you trying to hide? Your actions, Your Identity/Location, or some combination of both?
As to your question:
Wireless is always going to be a security risk because we have yet to invent perfect encryption. It makes it almost imposible to get rid of risk and there is always risk while your enemies are able to freely collect your private information at will and without your knowledge.


curiosity, what costs the user more than 1 euro each time?....
or in other words
what does this  sentence mean...

<2. the OR list is quite big and cost the user more than 1 euro each time>


-=Matt=-

The idea was as follows:
A normal Tor client which wants to use the ORs in the order
[Client <=> A <=> B <=> C <=> RemoteHost]
encrypts onion skin C, wraps onion skin B around C, and finally wraps onion skin A around B.
Each OR on the way to the RemoteHost unwraps one skin.
On the way back after C received the reply from the RemoteHost, C wraps onion skin C around the reply.
B wraps onion skin B around C, and A wraps onion skin A around B.
Finally the client unwraps all the skins.


The mobile scenario would look like this: [MobileClient <=> Gateway <=> A <=> B <=> C <=> RemoteHost]
The MobileClient wraps its request in an onion skin for C and sends this cell to the Gateway.
(Before that a handshake between MobileClient and C takes place to negotiate a secret key.)
The Gateway wraps skins B and A around the cell and sends it along the circuit.
The onion skins are unwrapped at each OR like above.
Also the way back from RemoteHost to the Gateway works as usual.
But the Gateway doesn't have the secret key to unwrap the final onion skin from C.
The Gateway sends the cell with the final onion skin C to the MobileClient.
The MobileClient unwraps skin C and finally has the reply.


Actually I wasn't thinking of a different handshake, but just wanted to keep the client from doing so many public key operations.
So the MobileClient does only one Diffie-Hellman handshake with onion router C.
But if you have some good ideas for other handshake schemes which are lighter to process for the MobileClient, I would like to hear them.
We are trying to hide to which services the user connects to, and I think also his identity/location.


Getting the list of Onion Routers costs the user 1,88 Euro for example,
if he connects in Germany by GPRS which costs 2 Cent per KB.
And the OR list has a size of 941 KB.
This would be the case if the OR list would be updated completely each time you want to connect anonymously.


I hope my remarks are clear.

- Christian