Re: [tor-dev] Effect of padding on end to end correlation false positive rate

newer
Cryptography's Role in Securing...

older
State of the art in malware owning...

grarpamp

20 Oct 2015 20 Oct '15

8:58 p.m.

On Fri, Oct 16, 2015 at 3:22 PM, s7r wrote:

...

I am describing something like a Sybil attack where the adversary runs relays, gets lucky and is selected in a certain position of a certain

...

Does this change with padding? If yes, how? [1]: https://blog.torproject.org/blog/traffic-correlation-using-netflows

My thought was solely restricted to analysis of network traffic by *passive* adversary... not involving any collusion by actives over circuits they can see inside or pump within any given onion layer, though clocked and checked network fill by all proper nodes would inhibit pumping by actives. I talked on list with someone at briarproject and wherever else on idea of filling the network with traffic vs the passives. Apologize for not making time to review Mike's proposal or develop further talk yet. Someone will review / integrate fill padding of network with regard anonbib, Mike's, etc I'm sure, as it is clearly (to me at least) a weakness of non-filled non-store-and-forward networks vs the passives which we all know and love.

Show replies by date

coderman

20 Oct 20 Oct

10:41 p.m.

New subject: [tor-dev] Effect of padding on end to end correlation false positive rate

On 10/20/15, grarpamp wrote:...

...

...
[1]: https://blog.torproject.org/blog/traffic-correlation-using-netflows

My thought was solely restricted to analysis of network traffic by *passive* adversary... not involving any collusion by actives over circuits they can see inside or pump within any given onion layer, though clocked and checked network fill by all proper nodes would inhibit pumping by actives. I talked on list with someone at briarproject and wherever else on idea of filling the network with traffic vs the passives. Apologize for not making time to review Mike's proposal or develop further talk yet. Someone will review / integrate fill padding of network with regard anonbib, Mike's, etc I'm sure, as it is clearly (to me at least) a weakness of non-filled non-store-and-forward networks vs the passives which we all know and love.

note that userspace stacks with multi-homed mobility-capable IPv6 ORCHIDv2 addresses can maintain logical connectivity over a set of paths/circuits such that active attacks reduce capacity but are unable to execute the easy confirmation and tagging attacks available in a stream oriented implementation with TCP links over IPv4. in theory... ;P best regards,

Juan

11:09 p.m.

New subject: [tor-dev] Effect of padding on end to end correlation false positive rate

On Tue, 20 Oct 2015 15:41:43 -0700 coderman wrote:

...

On 10/20/15, grarpamp wrote:...

I've been meaning to ask this for a while...coderman and grarpamp are the same person? (I'm assuming the answer is 'yes')

Mirimir

21 Oct 21 Oct

1:06 a.m.

New subject: [tor-dev] Effect of padding on end to end correlation false positive rate

On 10/20/2015 05:09 PM, Juan wrote:

...

On Tue, 20 Oct 2015 15:41:43 -0700 coderman wrote:

...
On 10/20/15, grarpamp wrote:...

I've been meaning to ask this for a while...coderman and grarpamp are the same person? (I'm assuming the answer is 'yes')

Hard to say. But I doubt it. On the other hand, you do come off as a sock ;)

Juan

1:26 a.m.

New subject: [tor-dev] Effect of padding on end to end correlation false positive rate

On Tue, 20 Oct 2015 19:06:42 -0600 Mirimir wrote:

...

On 10/20/2015 05:09 PM, Juan wrote:

...
On Tue, 20 Oct 2015 15:41:43 -0700 coderman wrote:

...
On 10/20/15, grarpamp wrote:...

I've been meaning to ask this for a while...coderman and grarpamp are the same person? (I'm assuming the answer is 'yes')

Hard to say. But I doubt it.

Really? Both use virtually the same robotic, military-like language, full of pseudo technical garbage.

...

On the other hand, you do come off as a sock ;)

Go figure. And I counted you as an ally of sorts. So tell me, whose 'sock'?

Mirimir

1:55 a.m.

New subject: [tor-dev] Effect of padding on end to end correlation false positive rate

On 10/20/2015 07:26 PM, Juan wrote:

...

On Tue, 20 Oct 2015 19:06:42 -0600 Mirimir wrote:

...
On 10/20/2015 05:09 PM, Juan wrote:

...
On Tue, 20 Oct 2015 15:41:43 -0700 coderman wrote:

...
On 10/20/15, grarpamp wrote:...

I've been meaning to ask this for a while...coderman and grarpamp are the same person? (I'm assuming the answer is 'yes')

Hard to say. But I doubt it.

Really? Both use virtually the same robotic, military-like language, full of pseudo technical garbage.

That's true. But there are many militaries. And although much of their technical allusion is over my head, what I do get makes sense.

...

...
On the other hand, you do come off as a sock ;)

Go figure. And I counted you as an ally of sorts. So tell me, whose 'sock'?

I do consider you an ally, of a sort. And your perspective is valuable. But your unremitting nihilism has been getting to me. And it smells like sock to me. In particular, I also have concerns and reservations about Tor. It's true that the US military funded its development. And it's true that they probably still use it. But maybe think of it this way: we have military-grade anonymity. And in any case, as far as I know, it's the best anonymity tool we've got.

Juan

6:09 a.m.

New subject: [tor-dev] Effect of padding on end to end correlation false positive rate

On Tue, 20 Oct 2015 19:55:02 -0600 Mirimir wrote:

...

...
Really? Both use virtually the same robotic, military-like language, full of pseudo technical garbage.

That's true. But there are many militaries. And although much of their technical allusion is over my head, what I do get makes sense.

I think they also tend to post at the same time, but that's a pretty casual observation. Anyway, no big deal.

...

...
...
On the other hand, you do come off as a sock ;)

Go figure. And I counted you as an ally of sorts. So tell me, whose 'sock'?

I do consider you an ally, of a sort. And your perspective is valuable. But your unremitting nihilism has been getting to me. And it smells like sock to me.

Oh, I'm pretty nihilistic about anything good ever coming from the US government, both from the 'public' part of it and from the 'private' part like facebook, intel or any other american firm. Granted, the rest of the 'free world' is hardly better. I used to have a more 'mainstream' and bening view of the US 'private' sector. But I know better now. But I'm not nihilitic about everything...yet =P

...

In particular, I also have concerns and reservations about Tor. It's true that the US military funded its development.

I think the proper verb tense is present.

...

And it's true that they probably still use it.

that they use it is clearly stated in torproject.org "who uses tor : military and law enforcement"

...

But maybe think of it this way: we have military-grade anonymity.

You have 'military grade' anonimity depending on who's your adversary (to use their military jargon) If your adversary just happens to be the military who created tor you only have problems. And frankly, do you think the US military would shoot themselves in the foot by creating something that 'aids' 'terrorists' and that they can't subvert? There's no reason for them to do that so it's safe to conclude that they didn't do it.

...

And in any case, as far as I know, it's the best anonymity tool we've got.

Tool for what? If, for instance, you want to publish documents, isn't freenet a better alternative? Freenet is truly p2p (unlike tor), the storage is decentralized (unlike tor) and the developers don't get millions of dollars from the pentagon (as far as I know). Now, I wouldn't actually recomend freenet because I haven't done much homework regarding it, but at least it deserves a mention I think.

Mirimir

7:37 a.m.

New subject: [tor-dev] Effect of padding on end to end correlation false positive rate

On 10/21/2015 12:09 AM, Juan wrote:

...

On Tue, 20 Oct 2015 19:55:02 -0600 Mirimir wrote:

<SNIP>

...

...
...
...
On the other hand, you do come off as a sock ;)

Go figure. And I counted you as an ally of sorts. So tell me, whose 'sock'?

I do consider you an ally, of a sort. And your perspective is valuable. But your unremitting nihilism has been getting to me. And it smells like sock to me.

Oh, I'm pretty nihilistic about anything good ever coming from the US government, both from the 'public' part of it and from the 'private' part like facebook, intel or any other american firm. Granted, the rest of the 'free world' is hardly better.

I used to have a more 'mainstream' and bening view of the US 'private' sector. But I know better now.

But I'm not nihilitic about everything...yet =P

Me neither. Sometimes, though ...

...

...
In particular, I also have concerns and reservations about Tor. It's true that the US military funded its development.

I think the proper verb tense is present.

True.

...

...
And it's true that they probably still use it.

that they use it is clearly stated in torproject.org

"who uses tor : military and law enforcement"

Well, that's what the website says. I have no way to verify that ;)

...

...
But maybe think of it this way: we have military-grade anonymity.

You have 'military grade' anonimity depending on who's your adversary (to use their military jargon)

True.

...

If your adversary just happens to be the military who created tor you only have problems.

Tor is open-source, and collaborative. Arguably, anyone with requisite skills and resources can subvert it. But it is true that the Five Eyes have the best resources for traffic analysis.

...

And frankly, do you think the US military would shoot themselves in the foot by creating something that 'aids' 'terrorists' and that they can't subvert? There's no reason for them to do that so it's safe to conclude that they didn't do it.

It's hard to say. Only idiots use tools with backdoors.

...

...
And in any case, as far as I know, it's the best anonymity tool we've got.

Tool for what? If, for instance, you want to publish documents, isn't freenet a better alternative?

I don't believe that either Freenet or I2P are large enough to provide strong anonymity. And both (along with most P2P systems) require that nodes be discoverable. That complicates using them with VPNs and Tor. It might be possible to run Freenet nodes as onion services. That works well enough for Tahoe-LAFS. I've been meaning to test that. Also IPFS.

...

Freenet is truly p2p (unlike tor), the storage is decentralized (unlike tor) and the developers don't get millions of dollars from the pentagon (as far as I know).

Well, adversaries can use malicious P2P nodes. It's true that Freenet is about the same size as Tor (http://www.asksteved.com/stats/ vs https://metrics.torproject.org/networksize.html). But with Tor, what's relevant is the number of possible circuits. With ~1700 entry guards, ~1000 exit relays and ~2300 non-entry/non-exit relays, about four billion distinct circuits are possible.

...

Now, I wouldn't actually recomend freenet because I haven't done much homework regarding it, but at least it deserves a mention I think.

Yes, it does. But neither it nor I2P provide anonymous access to the general Internet.

Juan

22 Oct 22 Oct

7:46 p.m.

New subject: [tor-dev] Effect of padding on end to end correlation false positive rate

On Wed, 21 Oct 2015 01:37:54 -0600 Mirimir wrote:

...

On 10/21/2015 12:09 AM, Juan wrote:

...

Tor is open-source, and collaborative. Arguably, anyone with requisite skills and resources can subvert it. But it is true that the Five Eyes have the best resources for traffic analysis.

That's the thing. So maybe 'subvert' wasn't the best choice of word here, but the idea is that if you take into account anglo-american surveillance, then tor doesn't perform as advertised. Using passive analysis they can undermine the tor network without actually 'subverting' a single coma in the code. (plus, they prolly can make analysis more efficient by tampering with traffic, again without touching the code)

...

...
And frankly, do you think the US military would shoot themselves in the foot by creating something that 'aids' 'terrorists' and that they can't subvert? There's no reason for them to do that so it's safe to conclude that they didn't do it.

It's hard to say. Only idiots use tools with backdoors.

That really depends on the nature of the backdoor. It's certainly risky to backdoor something, but it's less risky if the people who create the backdoor (say the nsa) are the same and only people who have the resources to access it. And the 'backdoor' may be simply a less-than-ideal system...like tor.

...

...
Freenet is truly p2p (unlike tor), the storage is decentralized (unlike tor) and the developers don't get millions of dollars from the pentagon (as far as I know).

Well, adversaries can use malicious P2P nodes. It's true that Freenet is about the same size as Tor (http://www.asksteved.com/stats/ vs https://metrics.torproject.org/networksize.html). But with Tor, what's relevant is the number of possible circuits. With ~1700 entry guards, ~1000 exit relays and ~2300 non-entry/non-exit relays, about four billion distinct circuits are possible.

But faster relays are used more frequently no? Anyway, my point was that as far as publishing documents go freenet looks like a a better and more serious design than tor.

...

...
Now, I wouldn't actually recomend freenet because I haven't done much homework regarding it, but at least it deserves a mention I think.

Yes, it does. But neither it nor I2P provide anonymous access to the general Internet.

Mirimir

23 Oct 23 Oct

9:24 a.m.

New subject: [tor-dev] Effect of padding on end to end correlation false positive rate

On 10/22/2015 01:46 PM, Juan wrote:

...

On Wed, 21 Oct 2015 01:37:54 -0600 Mirimir wrote:

...
On 10/21/2015 12:09 AM, Juan wrote:

...
Tor is open-source, and collaborative. Arguably, anyone with requisite skills and resources can subvert it. But it is true that the Five Eyes have the best resources for traffic analysis.

That's the thing. So maybe 'subvert' wasn't the best choice of word here, but the idea is that if you take into account anglo-american surveillance, then tor doesn't perform as advertised.

The Tor Project doesn't claim that Tor protects against targeted attack by global adversaries. I could go on at length. But instead, please see https://www.ivpn.net/privacy-guides/adversaries-and-anonymity-systems-the-ba....

...

Using passive analysis they can undermine the tor network without actually 'subverting' a single coma in the code.

(plus, they prolly can make analysis more efficient by tampering with traffic, again without touching the code)

I don't doubt that.

...

...
...
And frankly, do you think the US military would shoot themselves in the foot by creating something that 'aids' 'terrorists' and that they can't subvert? There's no reason for them to do that so it's safe to conclude that they didn't do it.

It's hard to say. Only idiots use tools with backdoors.

That really depends on the nature of the backdoor. It's certainly risky to backdoor something, but it's less risky if the people who create the backdoor (say the nsa) are the same and only people who have the resources to access it. And the 'backdoor' may be simply a less-than-ideal system...like tor.

It's possible.

...

...
...
Freenet is truly p2p (unlike tor), the storage is decentralized (unlike tor) and the developers don't get millions of dollars from the pentagon (as far as I know).

Well, adversaries can use malicious P2P nodes. It's true that Freenet is about the same size as Tor (http://www.asksteved.com/stats/ vs https://metrics.torproject.org/networksize.html). But with Tor, what's relevant is the number of possible circuits. With ~1700 entry guards, ~1000 exit relays and ~2300 non-entry/non-exit relays, about four billion distinct circuits are possible.

But faster relays are used more frequently no?

Anyway, my point was that as far as publishing documents go freenet looks like a a better and more serious design than tor.

Maybe, but different goals. Me, I like Dissent. See Feigenbaum and Ford (2015) Seeking Anonymity in an Internet Panopticon. Communications of the ACM 58:10, 58-69. Preprint at http://arxiv.org/abs/1312.5307. <SNIP>

dan＠geer.org

12:19 a.m.

New subject: [tor-dev] Effect of padding on end to end correlation false positive rate

While considering whether A & B are alternate personas of the same person, you might like this paper "De-anonymizing Programmers via Code Stylometry" www.princeton.edu/~aylinc/papers/caliskan-islam_deanonymizing.pdf as seen at the 2015 USENIX Security Symposium. --dan

3255

Age (days ago)

3258

Last active (days ago)

List overview

Download

10 comments

5 participants

participants (5)

coderman
dan＠geer.org
grarpamp
Juan
Mirimir