Once again: Tor timing attacks and a Tor confession

grarpamp grarpamp at gmail.com
Mon Feb 29 20:38:42 PST 2016


On 2/29/16, Zenaan Harkness <zen at freedbms.net> wrote:
> On 2/29/16, Georgi Guninski <guninski at guninski.com> wrote:
>> Is it theoretically possible at all to make low latency anonymity
>> of sufficiently decent quality?
>
> For those able to pay the price of fill traffic, possibly (theoretically).
>
> However even in that case, you will need at least some level of trust
> with your immediate peers (or high level of trust if your immediate
> peer is singular, only 1, from which you access the rest of the
> network).

Maybe you have some validation packets looping around and
coming back to you on other [virtual] path. Maybe peer does not
know traffic from you is from you as an endpoint. Maybe you're
doing nothing and he wastes time.

> Visibly stable fill traffic requires peers that don't collaborate with
> the NSA - e.g., you can imagine how trivial it might be to put in
> "bandwidth signals" if you are an untrustworthy peer - just a slight
> temporary dip at a specific point in time, could be a signal to the
> NSA.

If all nodes are multiply connected and independantly reclocking
and jittering their output packet streams and your data passes
through at least one good node besides yourself, it erases all
the bad signals perturbed up to reaching it.
Encryption also thwarts picking out some given user.

Yet, again, what is trying to be defeated?
- strict GPA  (I only ever said this type)
- traffic manipulation at internet layer
- evil nodes doing whatever

Fill is more obvious applicable to strict GPA.
It gets harder for latter two, for which fill traffic
may not be as simple benefit, and maybe start playing
with packet switching / mixing / spreading / reassembly.

What is adversaries non sunk cost and reach and
odds of seeing given user traffic for each type?

> Example peers:
> - your ISP

You could be multihomed, multi overlayed, multi vpn'd...

> - your neighbours in say a wireless or wired local mesh net

That's potentially a social knowledge / friendly situation.

- [peer] nodes wherever in the overlay network.

> I am not aware of any academic research regarding the benefits and or
> pitfalls of fill traffic.

Paper titles were quoted in this thread, some had such appendix
references. And in tor-talk / tor-dev whenever fill traffic comes up.



More information about the cypherpunks mailing list