Hidden service persistent connections (Traffic Analysis)

jamesd at echeque.com jamesd at echeque.com
Mon May 20 18:41:25 PDT 2019

Any sort of live interaction, like that provided by Tor, is going to be 
traceable, but most of this stuff does not really need live interaction. 
  It could be provided by something that works like email.

To prevent traceability, needs a big pile of stuff sitting on the nodes, 
rather than the nodes retransmitting immediately.

To defeat traffic analysis, needs data mingling.  Any large object needs 
to be encrypted, chopped into small blocks, each identified by it hash, 
the blocks sent with an outer layer of encryption into a great big pile 
somewhere with the outer layer of encryption pulled off, and you then 
some considerable time later, fish them out of the great big pile.

This, of course, requires that you trust the operator of the great big 
pile, who knows where an opaque block came from and where it is going 
to, so you need multiple piles, and stuff gets distributed from pile to 

For automated interactions, like the dark web selling cocaine, you would 
send a request, and much later a form would be in your inbox, like email 
with emails running javascript in a sandbox.  When you eventually got 
around to working your through your inbox, you would fill out the form, 
hit send, and eventually get a possibly automated response.

Last I heard, javascript in email was not properly sandboxed, and 
represents a massive security hole.

More information about the cypherpunks mailing list