Tor Stinks re Traffic Analysis and Sybil (as do other networks)

Peter Fairbrother peter at tsto.co.uk
Mon Nov 25 16:58:09 PST 2019


On 23/11/2019 23:23, Punk-Stasi 2.0 wrote:

> My guess is that the main reason for them to get as many users as they can is to justify funding.

Initially the main reason was to increase traffic, in order to make 
traffic analysis harder. Really.

I was around when the idea was first being discussed - Roger, Lucky, 
Paul (in a smaller role than often stated), Len, Nick, a few others - 
Matt dropped in occasionally, Ian and Caspar gave their 2c worth. For 
some reason George and Andrei (mixmaster/mixminion math gurus) weren't 
much involved.

Justifying funding is just a nice side-effect.


On 25/11/2019 11:03, grarpamp wrote:
>> any low-latency web onion router - could not defeat The Man
>
> This seems yet to be lacking proof and perhaps
> cannot actually be said without it.

I thought I wrote that quite carefully, but perhaps I should rephrase 
it: "Any practical likely-to-be-successful low-latency web onion router 
cannot defeat The Man."

While a proof of that is not available, I do not know how to do it - do 
you? Please tell.

That was certainly the general conclusion of the crypto 
privacy/anonymity community at the time TOR was developed. My conclusion 
also, and I haven't seen anything since to make me change my mind.


Low latency means that only a few seconds of traffic need be considered. 
Web means that users have lots of traffic repeats in time-defined 
patterns. These make traffic analysis resistance hard.

Adding dummy cover traffic does not help until you use impractical 
levels of cover traffic; it is better to spend limited spare traffic 
resources on padding to make files the same size. Even though this will 
not defeat The Man, it does make his job harder.

Dithering timing doesn't really help much against The Man's computing 
resources, at least until you get to something that is not low latency.

PS: by The Man I mean someone like NSA with widespread access to raw 
traffic and considerable computing resources.




It should be noted that NSA do not say they can break TOR in practice, 
and afaik there is no evidence that they have. In all the "Dark Web" 
busts I have read about there has been no evidence presented as part of 
a general break in TOR. Maybe they can't (or just don't) break it.

Of course, if they have broken TOR that is optimal for NSA - don't tell 
anyone it is broken, so people keep using it. Remember Coventry/Enigma 
(which never happened, but it is a good story).

Never Say Anything.


Peter Fairbrother
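
The size-padding trade-off mentioned in the message above, as an added example that is not part of the original post and is not code from Tor or any other project. The object sizes are constructed and the helper names are hypothetical; the example compares how many distinct sizes an observer still sees against the bandwidth each padding scheme costs.

```python
from collections import Counter
from math import log2

# Constructed sample: response sizes in bytes for eight distinct web objects.
SAMPLE_SIZES = [1830, 4200, 4210, 9100, 15500, 15900, 61000, 240000]

def pad_fixed(size, block):
    """Round size up to the next multiple of block (hypothetical helper)."""
    return -(-size // block) * block

def pad_pow2(size, floor=512):
    """Round size up to the next power of two, at least `floor` bytes."""
    padded = floor
    while padded < size:
        padded *= 2
    return padded

def size_entropy(observed):
    """Shannon entropy in bits of the observed-size distribution.
    0 bits means every object looks the same size on the wire."""
    counts = Counter(observed)
    n = len(observed)
    return -sum(c / n * log2(c / n) for c in counts.values())

def evaluate(sizes, pad):
    """Return (distinct sizes seen, entropy in bits, bandwidth overhead ratio)."""
    padded = [pad(s) for s in sizes]
    overhead = sum(padded) / sum(sizes) - 1.0
    return len(set(padded)), size_entropy(padded), overhead

if __name__ == "__main__":
    schemes = {
        "no padding": lambda s: s,
        "4 KiB blocks": lambda s: pad_fixed(s, 4096),
        "power of two": pad_pow2,
        "all to largest": lambda s: max(SAMPLE_SIZES),
    }
    for name, pad in schemes.items():
        distinct, bits, overhead = evaluate(SAMPLE_SIZES, pad)
        print(f"{name:15s} distinct={distinct} "
              f"entropy={bits:.2f} bits overhead={overhead:.0%}")
```

Only the last scheme makes every object the same size, and on this sample it more than quintuples the bytes sent; the cheaper schemes shrink the set of distinguishable sizes without eliminating it.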


