[liberationtech] Anonymity Smackdown: NSA vs. Tor

Eugen Leitl eugen@leitl.org
Wed Aug 7 01:18:12 PDT 2013


----- Forwarded message from Roger Dingledine <arma@mit.edu> -----

Date: Wed, 7 Aug 2013 03:05:35 -0400
From: Roger Dingledine <arma@mit.edu>
To: liberationtech <liberationtech@mailman.stanford.edu>
Subject: Re: [liberationtech] Anonymity Smackdown: NSA vs. Tor
User-Agent: Mutt/1.5.20 (2009-06-14)
Reply-To: liberationtech <liberationtech@lists.stanford.edu>

On Tue, Aug 06, 2013 at 10:43:39PM -0500, Kyle Maxwell wrote:
> The key, obviously, is the primary assertion that the NSA runs "lots"
> of Tor nodes. I've seen this assertion before, and while it's
> certainly a reasonable assumption, I don't know if anybody outside the
> NSA actually has hard evidence for that.

I remember having this discussion with Bruce Schneier long ago, when
he was about to add the phrase "of *course* NSA runs Tor relays" to a
blog post.

Consider two scenarios. In scenario one, NSA doesn't run any Tor
relays, but they have done deals with AT&T and other networks to be
able to passively monitor those networks -- including the (honest,
well-intentioned) Tor relays that run on those networks. They're able to
monitor some fraction of the Tor network capacity -- whether that's 1%
or 10% or 30% is a fine question, and depends on both Internet topology
and also what deals they've done.

In scenario two, they do that plus also run some relays. They have to
deal with all the red tape of deploying and operating real-world things
on the Internet, and the risk that they'll do it wrong, somebody will
notice, etc. And the benefit is maybe a few percent increase in what
they can watch.

Why would they choose scenario two? Scenario one seems like it would be
working out pretty well for them. And if it's not, their resources would
be better spent fixing that, since it leads to better surveillance of
everything else they care about too.

See
https://lists.torproject.org/pipermail/tor-talk/2013-July/028851.html
for a related discussion.

Oh, and this argument should also lead you to ask "ok, but what
about <smaller country that hasn't yet been reported to have a huge
Internet surveillance program>? Shouldn't they run relays?" Maybe they
should. Maybe we should hope they all do, which could make the network
more diverse assuming they don't share well with each other.

> Assuming that assertion holds, the architectural criticisms start to
> matter more: 3 hops, 1024 bit RSA keys, etc.

Somebody should tell Robert about the recent (Tor 0.2.4.x) shift to much
stronger circuit handshakes and link encryption:
https://gitweb.torproject.org/tor.git/blob/refs/tags/tor-0.2.4.15-rc:/ChangeLog#l678
https://gitweb.torproject.org/tor.git/blob/refs/tags/tor-0.2.4.15-rc:/ChangeLog#l700

And for the "Multiple apps share the same underlying Tor egress" concern,
he should learn about the stream isolation features added in Tor 0.2.3.x:
https://gitweb.torproject.org/tor.git/blob/refs/tags/tor-0.2.4.15-rc:/ChangeLog#l3981

All of this said, I don't want anybody to conclude that Tor is
perfect. Many of the attacks from my 25c3 "security and anonymity
vulnerabilities in Tor" talk remain hard research questions:
https://media.torproject.org/video/

--Roger


----- End forwarded message -----
-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B  47EE F46E 3489 AC89 4EC5


