Tor Stinks re Traffic Analysis and Sybil (as do other networks)

Zenaan Harkness zen at freedbms.net
Mon Nov 25 15:12:47 PST 2019 

On Mon, Nov 25, 2019 at 07:11:48PM +0000, jim bell wrote:
>  I can think of what might be a disproof of this:   https://en.wikipedia.org/wiki/Dining_cryptographers_problem     
> 
> >> any low-latency web onion router - could not defeat The Man
> 
> >This seems yet to be lacking proof and perhaps
> cannot actually be said without it.
> A message (or a dummy) could be automatically sent to a large number ("N") recipients, who are instructed to return an answer (or a dummy) within a random or pseudorandom time less than a specific value.  This system would still be "low latency", although perhaps not particularly efficient.
> Also, as for:
> >Chaff might be really only "expensive" if
> >1) Monetary, user chose to pay for it under metered plan,
> Some internet services (1 gbit/second Centurylink) are already unlimited-data, or at least the limit (1 terabyte/month?) is sufficiently high so that it is irrelevant.  The latter is about 386,000 bytes per second.  


~400KiB/s is fine for many uses.

Some will still want to work outside this envelope - say 4MiB/s for a
day, then 10KiB/s for the rest of the month.

And in this case any "interesting" bulk data up/download must of
course have occurred within that 1 day window, so the privacy/ hiding
characteristics of this link set up may not be overly useful "in
certain circumstances", but it is counter productive to not
facilitate whatever connection modes users might ultimately find
useful and/ or in their interest to use.

(I hope I'm just stating the obvious here.)



>              Jim Bell
> 
>     On Monday, November 25, 2019, 09:52:44 AM PST, Steven Schear <schear.steve at gmail.com> wrote:  
>  
>  I'm convinced there are too many security issues for high privacy communication over networks that eventually utilize or terminate on commercial facilities. Only specially designed, ptp, wireless comms using OTP or other trusted keying, combined with appropriate tradecraft are likely to be effective against nation state resources. Recall WW IIs wireless warriors. 
> On Mon, Nov 25, 2019, 11:04 AM grarpamp <grarpamp at gmail.com> wrote:
> 
> >       by 'low latency' they mean two things :
> >
> >       1) 'efficient' use of data transmission capacity, i.e. whether chaff is
> > sent(expensive)  or not.
> 
> Chaff might be really only "expensive" if
> 1) Monetary, user chose to pay for it under metered plan,
> 
> or refuses to buildout free p2p, guerilla, mesh networks.
> 2) Bandwidth, if chaff does not get out of the way upon
> demand by wheat for carriage.
> 3) Footshoot, user attempted to feed a higher committed
> rate to their CPU or internet than either can handle.
> 
> >       2) actual low latency. In order to prevent timing attacks, packets need to
> > be reclocked, which means adding delay, which results in higher 'latency'.
> 
> While reclocking is likely necessary part of TA defence,
> many CPUs and NICs can handle line rate processing,
> and the committed rate to an overlay network can be
> set below both the physical link speed, and the rate
> bought from the ISP within which the overlay rides.
> User or overlay can create its own processing headroom
> by choosing a lesser rate.
> Also, depending on nature of input, reclocking may not
> necessarily imply additional average delay, as packets
> and gaps between them might be simply normalized.
> randomized and or distributed within the same overall sum.
> Sure maybe due to variety of hardware making up an
> actual overlay network and users paths in it, and other
> processing demands, latency may be higher than
> non chaff network, but maybe not by enough to actually
> preclude use of low latency apps such as voice chat, IRC, etc.
> 
> 
> > any low-latency web onion router - could not defeat The Man
> 
> This seems yet to be lacking proof and perhaps
> cannot actually be said without it.
>

More information about the cypherpunks mailing list