Box for simple Tor node.

Zenaan Harkness zen at freedbms.net
Mon Oct 21 17:12:46 PDT 2019


On Tue, Oct 22, 2019 at 10:20:35AM +1100, Zenaan Harkness wrote:
> On Mon, Oct 21, 2019 at 06:06:15PM +0000, jim bell wrote:
> >  On Monday, October 21, 2019, 04:00:16 AM PDT, grarpamp <grarpamp at gmail.com> wrote:

> >  To do that, it would be desirable to make that
> > chaff look as much as possible like real traffic.
> 
> Ahh, I see the thought. Yes, that thought makes sense on first blush,
> but the problem is, if our encryption is so poor that chaff packets
> are distinguishable from wheat, our chaff system is broken.
> 
> And yes, as above, chaff is to fill the gaps, not to create flows or
> streams that are not otherwise needed - the goal is simply to
> disguise traffic, not to create completely arbitrary fill traffic
> (and if the encryption is not broken, all traffic should look
> completely arbitrary - this is a fundamental 'broken' with Tor's
> non-chaff-filled TCP flows).
> 
> 
> >  A packet sent
> > through all, or a large number of nodes will have a genuine path. 
> 
> Yes, "chaff paths" is the concept here, now I understand. I believe
> that would be counterproductive to network utilisation, and as
> coderman points out, for too little gain.
> 
> I can see how chaff paths could possibly make sense in the Tor
> network.
> 
> Also, but more fundamentally, what we are aiming for with chaff fill,
> at least in a packet switched network, is something better than "chaff
> paths":
> 
>  - we want streams to not be distinguishable
>    - this is a known (and fundamental) problem with Tor
> 
>  - chaff packets seek a functional improvement on this fundamental
>    problem with Tor
> 
>  - the reason Tor is so bad, is that entry and exit nodes are
>    dominated by GPAs, and the "default set up of Tor Browser" for an
>    end user is therefore fundamentally broken
>    - this is why I stress the importance of running your own home
>      node (if you're using Tor at all), and more so, running that as
>      an exit node if you want any reasonable plausible deniability
> 
> Covfefe net hopes to overcome this fundamental Tor (as it stands)
> problem.

On second blush, although I might trust an immediate friend (first
hop), I might effectively set up a circuit through friend B, to C,
where I control the chaff, inserting chaff when I'm not using this
"mini circuit" - in this way B does not know that the circuit from A
to C is partly chaff, or purely data, or purely chaff.

Node C might have something to say about that if I don't utilize this
mini route for too long (that would be a waste of B's generous
bandwidth provision).

We could consider or name this mini route ABC, a chaff route in the
sense that A controls the route, inserting chaff as needed.



> > Assuming the spy bugs one node, he will see traffic come in, and
> > leave for another.  Just like an ordinary instance of traffic.  
> 
> "chaff fill" is a misnomer perhaps leading people's' thoughts astray,
> we should say something like:
> 
> Chaff packets:
> 
>  1) Are, to an onlooker or snooper, indistinguishable from wheat
>     packets, both in their size, and in their timing of delivery, and
>     in all consequential timing for packets returning, or outgoing,
>     from the node that receives a chaff packet.
> 
>  2) Are only ever used as padding to fill gaps, so that stream begin,
>     and stream end are not distinguishable (to the snoop), and also
>     so that stream data, and surrounding chaff packets, are also not
>     distinguishable from one another.
> 
>  (A stream is a packet flow such as a request, and the corresponding
>  response for the content of a web page.)
> 
> 
> > An alternative would be a system where each node spontaneously
> > generates chaff.   Spying on a node would see such spontaneous
> > 'traffic' generations.  Maybe it would be clearer that that was
> > chaff?
> 
> Yes, this is the Covfefe model - chaff packets, to fill the gaps, so
> the snoop cannot tell whether any data or streams are being sent, or
> not, at all.
> 
> 
> > But I'm just throwing out ideas.  I assume that the 'chaff' issue
> > has been professionally detailed in some academic papers.
> 
> Possibly - if someone has a link, I'd be happy to read it, but the
> principle seems to jump out and smack us in the face, but I can
> imagine that there could be some useful academic analysis of chaff
> and network theory - if such exists...
> 
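
An added simulation (not from the thread, and not Covfefe code) of the two chaff properties listed above: when the link carries one fixed-size cell every tick and idle slots are filled with chaff, a snoop recording only size and timing sees exactly the same thing whether a stream is present or not, while an unpadded link leaks stream begin and end. The cell size, tick window and sample stream are constructed values.

```python
"""Compare a plain (unpadded) link with a chaff-filled link as a passive snoop sees them."""
from dataclasses import dataclass
from typing import Callable, Dict, List, Tuple

CELL_PAYLOAD = 512   # bytes per fixed-size cell (constructed value)
LINK_TICKS = 20      # observation window in ticks (constructed value)

# Constructed sample stream: bytes the application hands to the link at a given tick
# (a request, idle time, then a short second request). No stream at all for comparison.
SAMPLE_STREAM: Dict[int, int] = {2: 900, 3: 1300, 9: 200}
EMPTY_STREAM: Dict[int, int] = {}


@dataclass(frozen=True)
class Cell:
    tick: int
    size: int
    is_chaff: bool   # known only to the sender; never visible on the wire


def unpadded_link(stream: Dict[int, int]) -> List[Cell]:
    """TCP-like behaviour: transmit only when data exists, at its real size."""
    return [Cell(t, n, False) for t, n in sorted(stream.items())]


def chaff_filled_link(stream: Dict[int, int]) -> List[Cell]:
    """Chaff model: exactly one CELL_PAYLOAD-sized cell per tick. Queued data goes first;
    a cell with no data waiting is chaff. Data larger than one cell spills into later ticks,
    which is the latency cost of fixed-size cells. Data left after the last tick is dropped
    here only because the simulation window ends."""
    queue, cells = 0, []
    for t in range(LINK_TICKS):
        queue += stream.get(t, 0)
        cells.append(Cell(t, CELL_PAYLOAD, is_chaff=(queue == 0)))
        queue -= min(queue, CELL_PAYLOAD)
    return cells


def snoop_view(cells: List[Cell]) -> List[Tuple[int, int]]:
    """Everything a passive observer on the link records: (tick, size) pairs."""
    return [(c.tick, c.size) for c in cells]


def snoop_can_distinguish(stream: Dict[int, int],
                          link: Callable[[Dict[int, int]], List[Cell]]) -> bool:
    """True if the observer's view of this stream differs from the view of an idle link."""
    return snoop_view(link(stream)) != snoop_view(link(EMPTY_STREAM))


def chaff_fraction(cells: List[Cell]) -> float:
    """Share of link capacity spent on chaff: the bandwidth cost the thread discusses."""
    return sum(c.is_chaff for c in cells) / len(cells)
```

On the sample stream the unpadded link is trivially distinguishable from idle, the chaff-filled link is not, and 14 of the 20 cells are chaff.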
