Box for simple Tor node.
Zenaan Harkness
zen at freedbms.net
Mon Oct 21 17:12:46 PDT 2019
On Tue, Oct 22, 2019 at 10:20:35AM +1100, Zenaan Harkness wrote:
> On Mon, Oct 21, 2019 at 06:06:15PM +0000, jim bell wrote:
> > On Monday, October 21, 2019, 04:00:16 AM PDT, grarpamp <grarpamp at gmail.com> wrote:
> > To do that, it would be desirable to make that
> > chaff look as much as possible like real traffic.
>
> Ahh, I see the thought. Yes, that thought makes sense on first blush,
> but the problem is, if our encryption is so poor that chaff packets
> are distinguishable from wheat, our chaff system is broken.
>
> And yes, as above, chaff is to fill the gaps, not to create flows or
> streams that are not otherwise needed - the goal is simply to
> disguise traffic, not to create completely arbitrary fill traffic
> (and if the encryption is not broken, all traffic should look
> completely arbitrary - this is a fundamental 'broken' with Tor's non
> chaff filled TCP flows).
>
>
> > A packet sent
> > through all, or a large number of nodes will have a genuine path.
>
> Yes, "chaff paths" is the concept here, now I understand. I believe
> that would be counterproductive to network utilisation, and as
> coderman points out, for too little gain.
>
> I can see how chaff paths could possibly make sense in the Tor
> network.
>
> Also, but more fundamentally, what we are aiming for with chaff fill,
> at least in a packet switched network, is something better than "chaff
> paths":
>
> - we want streams to not be distinguishable
> - this is a known (and fundamental) problem with Tor
>
> - chaff packets seek a functional improvement on this fundamental
> problem with Tor
>
> - the reason Tor is so bad, is that entry and exit nodes are
> dominated by GPAs, and the "default set up of Tor Browser" for an
> end user is therefore fundamentally broken
> - this is why I stress the importance of running your own home
> node (if you're using Tor at all), and more so, running that as
> an exit node if you want any reasonable plausible deniability
>
> Covfefe net hopes to overcome this fundamental Tor (as it stands)
> problem.
On second blush, although I might trust an immediate friend (first
hop), I might effectively set up a circuit through friend B, to C,
where I control the chaff, inserting chaff when I'm not using this
"mini circuit" - in this way B does not know that the circuit from A
to C is partly chaff, or purely data, or purely chaff.
Node C might have something to say about that if I don't utilize this
mini route for too long (that would be a waste of B's generous
bandwidth provision).
We could consider or name this mini route ABC, a chaff route in the
sense that A controls the route, inserting chaff as needed.
> > Assuming the spy bugs one node, he will see traffic come in, and
> > leave for another. Just like an ordinary instance of traffic.
>
> "chaff fill" is a misnomer perhaps leading people's thoughts astray,
> we should say something like:
>
> Chaff packets:
>
> 1) Are, to an onlooker or snooper, indistinguishable from wheat
> packets, both in their size, and in their timing of delivery, and
> in all consequential timing for packets returning, or outgoing,
> from the node that receives a chaff packet.
>
> 2) Are only ever used as padding to fill gaps, so that stream begin,
> and stream end are not distinguishable (to the snoop), and also
> so that stream data, and surrounding chaff packets, are also not
> distinguishable from one another.
>
> (A stream is a packet flow such as a request, and the corresponding
> response for the content of a web page.)
>
>
> > An alternative would be a system where each node spontaneously
> > generates chaff. Spying on a node would see such spontaneous
> > 'traffic' generations. Maybe it would be clearer that that was
> > chaff?
>
> Yes, this is the Covfefe model - chaff packets, to fill the gaps, so
> the snoop cannot tell whether any data or streams are being sent, or
> not, at all.
>
>
> > But I'm just throwing out ideas. I assume that the 'chaff' issue
> > has been professionally detailed in some academic papers.
>
> Possibly - if someone has a link, I'd be happy to read it, but the
> principle seems to jump out and smack us in the face, but I can
> imagine that there could be some useful academic analysis of chaff
> and network theory - if such exists...
>
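The two chaff properties listed in the thread (same size, same timing, chaff only filling the idle gaps) in a small constructed model, added here and not code from the thread or from Covfefe; the cell size, the tick interval and the snoop's (time, size)-only view are assumptions:

```python
"""Constant-rate chaff fill on a single link (constructed model). Each tick
exactly one fixed-size cell is sent: a data cell if anything is queued, else
a chaff cell. The endpoint can tell them apart; a passive snoop cannot."""
import secrets
from collections import deque

CELL_BYTES = 512   # fixed cell size, assumed value
TICK_MS = 10       # constant send interval, assumed value

def make_cell(payload=None):
    """Build one cell: 2-byte length, payload, random fill to CELL_BYTES.
    Chaff is a cell whose length field is 0. A real link encrypts the whole
    cell, so the length field is opaque on the wire; snoop_view never reads it."""
    body = b"" if payload is None else payload
    if len(body) > CELL_BYTES - 2:
        raise ValueError("payload does not fit in one cell")
    fill = secrets.token_bytes(CELL_BYTES - 2 - len(body))
    return len(body).to_bytes(2, "big") + body + fill

def unpack_cell(cell):
    """Endpoint view: the payload, or None if the cell is chaff."""
    n = int.from_bytes(cell[:2], "big")
    return cell[2:2 + n] if n else None

def padded_link(data_queue, ticks):
    """Chaff-filled schedule: one cell every tick, chaff when idle."""
    q = deque(data_queue)
    return [(t * TICK_MS, make_cell(q.popleft() if q else None))
            for t in range(ticks)]

def unpadded_link(data_queue, ticks):
    """Unpadded schedule for comparison: silence whenever the queue is empty."""
    q = deque(data_queue)
    return [(t * TICK_MS, make_cell(q.popleft()))
            for t in range(ticks) if q]

def snoop_view(wire):
    """Everything a passive observer on the link gets: (time_ms, size) pairs."""
    return [(t, len(cell)) for t, cell in wire]

def endpoint_view(wire):
    """What the receiving endpoint recovers from the same cells."""
    return [unpack_cell(cell) for _, cell in wire]
```

With padding, the snoop's view of a busy link and of an idle link is identical, so stream start and end are hidden; without padding the gaps give the stream away.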