Nextgen G* Traffic Analysis Resistant Overlay Networks (re Tor stinks)

Sun Oct 27 17:50:03 PDT 2019

> The problem is the node that was attacked with a latency injection
> attack - he just got attacked, his friends have now dropped him, and
> the Feds just identified whatever it was he was up/downloading

No, ident requires timing attack to propagate
thereby exposing the end-to-end speakers.
Node X, or its path to some other nodes was
attacked, X's relavant peer nodes connected to X
detected that disturbance in X's transmissions,
and refused to forward on anything X sends
(meanwhile the entire overlay is filling and reclock
normalizing everything anyway). You could
cut X's stream off from the left of Y (that Y normally
forwards out its right), Y's CPU either creates fill
to replace X's bw contract and sends that out its
right, or ultimately renegotiates a lower sum
of rates with some of its right peers that accounts
for loss of X on its left, Y is now free to accept
new contract proposals on its left summing up to
the rate that X formerly consumed.

Yes, X got depeered, sucks for X, at least until X reconnects
and starts upholding policed timing traffic fill contracts expected,
but the attack did not succeed in disclosing anyone who was
talking to who end-to-end.

It's entirely plausible and reasonable that in decades post-911 post-Snowden,
G* may now have laughably trivial end-to-end who-to-who traffic analysis
attacks that none of today's overlays are strongly resistant against.
Most of today's overlay networks design-think predates one or both
of those revelations and confirmations, and applies little of the new
crypto and network research that has evolved since either of them.

You need to come up with projects and overlays whose whitepapers
clearly indicate solid resistance measures to G* TA (instead of
disclaiming / dodging / burying / ignoring the topic as is the norm today),
and whose analysis whitepapers by external reviewers cannot find
fault with their approach (certainly at least not to any materially use
case significant odds of success, unlike with todays overlays).

There are probably a variety of design and tech can be applied
towards that. Both for general purpose overlays, and app specific
overlays.

Have fun creating and deploying them :)