[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #16861 [Tor]: Pad Tor connections to collapse netflow records
#16861: Pad Tor connections to collapse netflow records
-----------------------------+--------------------------
Reporter: mikeperry | Owner: mikeperry
Type: enhancement | Status: needs_review
Priority: normal | Milestone:
Component: Tor | Version:
Resolution: | Keywords:
Actual Points: | Parent ID:
Points: |
-----------------------------+--------------------------
Comment (by arma):
Nick asked me to opine on the urgency of this patch. I haven't looked at
the design or patch in detail yet. Here's a slightly-cleaned-up paste of
my answer to him.
Big picture answer: yes, I think we should experiment with padding
approaches, with the goal of stymying some of the potential traffic
analysis attacks out there -- website fingerprinting, end-to-end
correlation, and the things in between. Padding between the guard and the
client is especially appealing because a) it looks like it can provide
pretty good mileage, and also b) I expect that we'd have an easier time
raising more capacity at guards (compared to exits) if we publicize the
reason why we need it.
I think this is a huge research area where we need to get the whole PETS
community thinking about it. We partly contributed to some potential
misunderstandings about the efficacy of end-to-end correlation attacks at
scale, by saying "Assume the correlation attack works perfectly and
instantaneously, I don't know if it does, but it might" and having that
turn into "Everybody knows the correlation attack works perfectly ad
instantaneously".
I've been envisioning even like a grand challenge: "Hey everybody, here
are five attacks, they sure seem hard to resolve, especially all at once,
but let's think about ways to increase the false positives at scale." For
some of them even a small bump in false positive rate would be huge in
practice. It would be neat to get two different designs and then have
people analyze the heck out of them. Ideally even more than two.
I think picking the first one Mike ran across is a fine thing to deploy in
the mean time, but we shouldn't rush to deploy it, or put too much stock
in its being right.
For a little while I was thinking "man, this is just going to cause some
research group to write a paper about how we're morons because look, this
padding thing doesn't help here and here." But then I realized, that's
great! Whatever it takes to get them to write the paper.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/16861#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs