On Mon, Aug 20, 2012 at 10:33:29AM +0300, Maxim Kammerer wrote:
> As you can see, sniffing just 25 Class-C networks (or 42 individual nodes) lets an adversary correlate ~25% of (non-.onion) circuits.

I think your numbers may not be right (there are a lot of other subtleties to the calculation), but your point is still generally correct. The Tor network doesn't have enough diversity relative to an ideal Tor network we could imagine.

Worse, the Internet itself doesn't have as much diversity as we'd like either.
http://freehaven.net/anonbib/#feamster:wpes2004
http://freehaven.net/anonbib/#DBLP:conf:ccs:EdmanS09
http://freehaven.net/anonbib/#oakland2012-lastor
all examine AS-level path diversity.

See also http://freehaven.net/anonbib/#murdoch-pet2007 for another worrying concern about bottlenecks besides ASes. I also worry about the bottleneck created by trans-ocean cables.

For more details on calculating diversity, see
https://blog.torproject.org/blog/research-problem-measuring-safety-tor-netwo...
https://trac.torproject.org/projects/tor/ticket/6232
https://trac.torproject.org/projects/tor/ticket/6443
https://trac.torproject.org/projects/tor/attachment/ticket/6443/exit-probabi...
https://trac.torproject.org/projects/tor/ticket/6460
Help appreciated on those tickets!

> All of these servers are in US/CA or EU jurisdiction, so even an unsophisticated LE operation can issue ~20 wiretapping orders at ISP level

Really? Across jurisdictions? And for 'all traffic of those relays'? I don't want to downplay the risk too far, but I think you overestimate "unsophisticated law enforcement operations".

> (many of these networks are operated by same hosting providers), and immediately deanonymize ~25% of Tor traffic. So far for anonymity!

Well, do you have an alternative design that scales adequately to 6 or 7 figures of users, provides roughly-real-time browsing and other TCP connections, works on the Internet that we have, and has better traffic confirmation resistance?

Or said another way, how well do other usable low-latency anonymity systems hold up to ongoing wiretaps at 25 arbitrary network locations? I believe the answer is 'mostly less well than Tor'.

tagnaq pointed to my response to a similar question on the tor-relays list:
https://lists.torproject.org/pipermail/tor-relays/2012-July/001436.html
talking about the tradeoff between "make it faster but more concentrated" vs "make it less fast but less concentrated".
https://metrics.torproject.org/performance.html?graph=torperf&start=2009-06-01&end=2012-08-21&filesize=1mb#torperf

It would be interesting to see your stats on an AS level rather than a /24 netblock level. But the challenge really is that we need to know what networks the traffic flows traverse upstream -- e.g. how pervasive a surveiller of Tor traffic could Deutsche Telekom be? This topic goes back to my earlier blog post:
https://blog.torproject.org/blog/research-problem-measuring-safety-tor-netwo...

I think we still do a pretty good job explaining the risks and limitations of using a system like Tor, e.g. in each Tor talk. Tor used to print a warning message on start, to explain that it isn't perfect. But a) no Windows users saw it, and b) it backfired in surprising ways, like having journalists write "Tor recommends that you use something else for now, since they're not ready yet":
https://trac.torproject.org/projects/tor/ticket/2474

Thanks for presenting the code too!

--Roger

_______________________________________________
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

----- End forwarded message -----
--
Eugen* Leitl http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
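
The /24-versus-AS comparison raised in the reply above, as an added example (not code from either poster or from the Tor Project). It assumes a simplified model in which guard and exit are chosen independently by the listed probabilities, ignoring Tor's real path-selection constraints; the relay table, addresses and AS numbers are constructed.

```python
import ipaddress
from collections import defaultdict

# Constructed sample: (nickname, IP, AS number, guard prob., exit prob.).
# Each probability column sums to 1.0 over the whole table.
RELAYS = [
    ("r1", "10.0.1.10", 64500, 0.30, 0.10),
    ("r2", "10.0.1.77", 64500, 0.10, 0.20),
    ("r3", "10.0.2.5", 64500, 0.10, 0.20),
    ("r4", "10.0.3.9", 64501, 0.20, 0.10),
    ("r5", "10.0.3.200", 64501, 0.10, 0.10),
    ("r6", "10.0.4.130", 64502, 0.20, 0.30),
]


def group_key(ip, asn, level):
    """Name the aggregation unit a relay falls into: its AS or its /24."""
    if level == "as":
        return f"AS{asn}"
    return str(ipaddress.ip_network(f"{ip}/24", strict=False))


def group_weights(relays, level):
    """Sum guard and exit probability per group: {group: [guard, exit]}."""
    weights = defaultdict(lambda: [0.0, 0.0])
    for _name, ip, asn, guard_p, exit_p in relays:
        entry = weights[group_key(ip, asn, level)]
        entry[0] += guard_p
        entry[1] += exit_p
    return dict(weights)


def observed_fraction(relays, level, k):
    """Fraction of circuits with both ends inside the k heaviest groups.

    Groups are ranked by guard + exit weight. Under the independence
    assumption the result is P(guard observed) * P(exit observed).
    """
    weights = group_weights(relays, level)
    top = sorted(weights, key=lambda g: sum(weights[g]), reverse=True)[:k]
    guard_seen = sum(weights[g][0] for g in top)
    exit_seen = sum(weights[g][1] for g in top)
    return top, guard_seen * exit_seen


if __name__ == "__main__":
    for level in ("slash24", "as"):
        groups, fraction = observed_fraction(RELAYS, level, 1)
        print(f"{level}: {groups} -> {fraction:.2%} of circuits")
```

In this sample a single observation point covers about twice the share of circuits once relays are grouped by AS, because several /24s sit behind one operator; the upstream networks that traffic traverses are still not captured by either grouping.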