[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] Proposal draft: Better hidden service stats from Tor relays

To: tor-dev@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-dev] Proposal draft: Better hidden service stats from Tor relays
From: George Kadianakis <desnacked@xxxxxxxxxx>
Date: Tue, 09 Dec 2014 18:22:39 +0000
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 09 Dec 2014 13:22:57 -0500
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/simple; d=riseup.net; s=squak; t=1418149361; bh=xRA9x9iJjm4+W5sSI62M1wem4Spqr5NlN/YaU1iipMs=; h=From:To:Subject:In-Reply-To:References:Date:From; b=C6J6qyjRBxv5/wwhixm2Bluwagy7BNOIChZbF+NWC0EaolXOxzLhwjqRwUD+6QK3c LuS8DbSY0eizn1Ut4CsjduwHodD8yNR55HHZZFe5xnGX5t0ySXqRvGJMAcbmDg+2PZ aSEgBr/KfC2GU998SwoN4AJimFR35tH90S356FT8=
In-reply-to: <CB690905-7F10-41FD-B037-E5E1CE66C62F@xxxxxxxxxxxx> (A. Johnson's message of "Tue, 9 Dec 2014 10:54:28 -0500")
List-archive: <http://lists.torproject.org/pipermail/tor-dev/>
List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>
List-id: discussion regarding Tor development <tor-dev.lists.torproject.org>
List-post: <mailto:tor-dev@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>
References: <8761e3uqoc.fsf@xxxxxxxxxx> <877fy2rnbz.fsf@xxxxxxxxxx> <CB690905-7F10-41FD-B037-E5E1CE66C62F@xxxxxxxxxxxx>
Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-dev" <tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Microsoft Outlook Express 6.00.2900.5843

"A. Johnson" <aaron.m.johnson@xxxxxxxxxxxx> writes:

> Hi George,
>

Hello!

> I recommend a change to the way that these statistics are
> obfuscated. The problem is that new noise is used every day, and from
> the distribution of the reported bins, the exact location within the
> bin (assuming the stat stats constant) can be reported.
>

Assuming that the underlying value is constant and since our Laplace
distribution is public, the adversary can observe which bin is
reported each time and get a probability distribution for the
underlying value.

This indeed seems plausible under the powerful assumption that the
underlying stat is constant.

> So instead of this
>
>>                   +--------------+    +--------------------+
>>   actual value -> |additive noise| -> |round-up obfuscation| -> public statistic
>>                   +--------------+    +ââââââââââ+
>
> I recommend that you flip the order, so that it is like this
>                   +--------------+    +--------------------+
>   actual value -> |round-up obfuscation| -> |additive noise| -> public statistic
>                   +--------------+    +ââââââââââ+
>
> âAdditive noiseâ in the context of bins is actually just a distribution over bins. You can think of it in two ways:
>   1. Add Laplace noise to the bin center, and then report the bin of the resulting number.

Hm, you mean something like this, right?

                   +--------------+    +--------------------+    +--------------+
   actual value -> |   binning    | -> |  addditive noise   | -> |   binning    | -> public statistic
                   +--------------+    +ââââââââââ----------+    +--------------+

where the additive noise is applied to the center of the first bin?

I can see how this is better, since the underlying value gets
immediately smoothed by binning. However, it does give me a weird
hacky feeling...

Is this construction something that has been used before?

Thanks for the feedback!

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

Follow-Ups:
- Re: [tor-dev] Proposal draft: Better hidden service stats from Tor relays
  - From: A. Johnson

References:
- Re: [tor-dev] Proposal draft: Better hidden service stats from Tor relays
  - From: George Kadianakis
- Re: [tor-dev] Proposal draft: Better hidden service stats from Tor relays
  - From: A. Johnson

Prev by Author: Re: [tor-dev] Proposal draft: Better hidden service stats from Tor relays
Next by Author: Re: [tor-dev] Proposal draft: Better hidden service stats from Tor relays
Previous by thread: Re: [tor-dev] Proposal draft: Better hidden service stats from Tor relays
Next by thread: Re: [tor-dev] Proposal draft: Better hidden service stats from Tor relays
Index(es):
- Author
- Thread