Paradoxical bandwidth 'law' with anonymizing systems?
David Honig
honig at alum.mit.edu
Wed Apr 15 09:06:13 PDT 1998
I was reading a paper on Onion routing, and the following occurred to me:
The FEWER people using the system, the SLOWER the system can react.
Otherwise, it leaks temporal information as a block moves from
router to router.
Longer explanation:
Onion routing provides real-time anonymized connections. (Compare
to "mixmaster" email anonymizers which do not provide real-time
connections).
If you are trying to avoid timing attacks in such a system,
then the fewer the people using the system,
the longer the routers have to wait, it seems to me. Otherwise, say if you
were the only user of the system, the fact that packets ("Onions")
are being sent from router to router is easy to track.
If a lot of connections are being processed, the connections from
router to router are difficult to trace, so the routers needn't
be concerned with imposing delays to impede time-based traffic analysis.
A possible workaround would be to place some of the routers
in time zones which would be active. That way, even 4AM users
would get temporally anonymized by the busy routers in other zones.
I suppose this is similar to the anonymity-by-groups (e.g., using
a simple proxy) concept, where your 'group' is other users of
Onion routers. But you can't be anonymous if you're the only one
using the chain of routers, right?
------------------------------------------------------------
David Honig Orbit Technology
honig at otc.net Intaanetto Jigyoubu
Steel : Meatspace :: Encryption : Virtual space
More information about the cypherpunks-legacy
mailing list