Hello

Florentin Rochet wrote:
> Hello,
>
>
> On 2018-03-07 14:31, Aaron Johnson wrote:
>> Hello friends,
>>
>>> 1) The cost of IPs vs. bandwidth is definitely a function of market
>>> offers. Your $500/Gbps/month seems quite expensive compared to what
>>> can be found on OVH (which is hosting a large number of relays): they
>>> ask ~3 euros/IP/month, including unlimited 100 Mbps traffic. If we
>>> assume that wgg = 2/3 and a water level at 10Mbps, this means that,
>>> if you want to have 1Gbps of guard bandwidth,
>>> - the current Tor mechanisms would cost you 3 * 10 * 3/2 = 45 euros/month
>>> - the waterfilling mechanism would cost you 3 * 100 = 300 euros/month
>>
>> The question of what the cheapest attack is can indeed be estimated by
>> looking at market prices for the required resources. Your cost
>> estimate of 3.72 USD/Gbps/month for bandwidth seems off by two orders
>> of magnitude.
>>
>
> Let me merge your second answer here:
>
>> I see that I misread your cost calculation, and that you estimated $37.20/Gbps/month instead of $3.72/Gbps/month. This still seems low by an order of magnitude. Thus, my argument stands: waterfilling would appear to decrease the cost to an adversary of getting guard probability compared to Tor’s current weighting scheme.
>
> There is still something wrong. Let's assume the adversary wants to run
> 1 Gbps of real guard bandwidth.
>
> With vanilla Tor, the cheapest (considering only OVH) is:
>
> VPS SSD 1 (https://www.ovh.com/fr/vps/vps-ssd.xml): You need 10 of them
> to reach 1Gbps of bandwidth, but you need 15 of them to actually relay 1
> Gbps in the guard position (due to wgg = 2/3 roughly). This is our
> calculation above: 3*10*3/2 = 45 euros/month (or a few more dollars).
>
> With Waterfilling, we assume above a water level of 10 Mbits, so we need:
>
> 100 VPS SSD 1 relaying 1Gbps at the guard position, which the cost turns
> to be 3*100 = 300 euros/month.
>
[....]

A VPS is a shared resource environment. All VPSes on a single physical server share the same NIC(s). While they do advertise a port speed (like unlimited traffic at 100 mbps, 250 mbps, 1gbps, etc) they actually refer to the theoretical physical NIC speed. Absolutely all of them have something like a 'fair usage policy', which means that if you use more than n % of your port's theoretical max speed during m % of time, they will either:

a) throttle your VPS to something they find reasonable, like 5mbps or 10mbps maximum (could be far less);
b) suspend your service and force you to get dedicated hardware + dedicated switch port and bandwidth.

I can guarantee you will never ever _ever_ run 1gbps of total real effective bandwidth at the guard position at the cost of 45 euros / month anywhere in the world (doesn't matter if it's Europe, US or whatever). Try getting a 3 euros VPS and you'll see that you won't be able to saturate its port for too long.
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev