Tor, the pentagon's cyberweapon

Peter Fairbrother peter at tsto.co.uk
Wed Oct 14 19:48:45 PDT 2020 

On 14/10/2020 23:59, Karl wrote:
> 
> 
> On Wed, Oct 14, 2020, 6:34 PM Peter Fairbrother wrote:

>     To put some BOTE numbers on that, suppose you want to provide for 1
>     million concurrent users. You have about 150 TB per month user traffic
>     to play with (500 x 1TB, ~3 hops), 150 MB per month per user, or 450
>     Baud.
> 
> 
> Could you explain your math here?  How did 500TB/3 (am I wrong?) become 
> 150MB?

There are 500 raspberry pi's, each on the end of a 1TB/month link. 
That's 500 TB/month total traffic, but dividing by 3 we get 
approximately 150 TB/month user traffic.

With a million users at any time that's 150TB user traffic per month: 
divided by 1 million users that's 150MB per user per month.

As they are concurrent users (the total number of users is higher, but 
at any time 1 million users are using the service) that is 150 million 
bytes per month per user divided by 2,592,000 seconds per month, which 
is 58 bytes per second per user or 463.32 baud.



Looked at another way, if people always used an anonymity service the 
hops would multiply their traffic by say 5 times (3 times as in TOR is 
not enough). Covertraffic and file size padding traffic would at least 
double that, so we would need at least 10 times the normal traffic the 
users created.

And you ned a lot of traffic through your anonymisation network to get 
decent anonymity, you need a large anonymity set.

Web traffic is expensive - making it at least ten times more expensive 
is not on, especially if nine tenths of it has to be paid for by someone 
else.

That's not counting the servers etc - getting a pi to handle 386 kB/s 
[1] of anonymity traffic is not trivial, I don't even think it is possible.

[...]

> Enforcing TLS is much more reasonable nowadays.  (You could add a plugin 
> to use http tricks to hide file sizes.). Not what I would focus on once 
> it gets nonsimple.

A good proportion of TOR traffic will be protected by TLS anyway, 
especially those sites which you might not want other people to know you 
are accessing.

Visible file sizes are the main anonymity weakness in TOR.

If you suspect someone you compare the file sizes of the traffic through 
their system with traffic through the exit nodes.

In the UK at least it is legally fairly easy for the cops to demand that 
info (and most ISPs are legally required to obtain and store that data 
anyway) - getting everyone's traffic info where the cops have no suspect 
is a little harder, but not impossible.

Of course the ordinary cops don't use that power, and the people who do 
use it don't want it known that they can do it, so you will find that 
they make up stories about reused passwords and the like being the 
source of their information.


Peter Fairbrother

[1] 1TB/month divided by 2,592,000s/month

More information about the cypherpunks mailing list