Tor, the pentagon's cyberweapon

Karl gmkarl at gmail.com
Wed Oct 14 20:03:11 PDT 2020 

On Wed, Oct 14, 2020, 10:48 PM Peter Fairbrother <peter at tsto.co.uk> wrote:

> On 14/10/2020 23:59, Karl wrote:
> >
> >
> > On Wed, Oct 14, 2020, 6:34 PM Peter Fairbrother wrote:
>
> >     To put some BOTE numbers on that, suppose you want to provide for 1
> >     million concurrent users. You have about 150 TB per month user
> traffic
> >     to play with (500 x 1TB, ~3 hops), 150 MB per month per user, or 450
> >     Baud.
> >
> >
> > Could you explain your math here?  How did 500TB/3 (am I wrong?) become
> > 150MB?
>
> There are 500 raspberry pi's, each on the end of a 1TB/month link.
> That's 500 TB/month total traffic, but dividing by 3 we get
> approximately 150 TB/month user traffic.
>

How about more routers if there are more users?


> With a million users at any time that's 150TB user traffic per month:
> divided by 1 million users that's 150MB per user per month.
>
> As they are concurrent users (the total number of users is higher, but
> at any time 1 million users are using the service) that is 150 million
> bytes per month per user divided by 2,592,000 seconds per month, which
> is 58 bytes per second per user or 463.32 baud.
>
>
>
> Looked at another way, if people always used an anonymity service the
> hops would multiply their traffic by say 5 times (3 times as in TOR is
> not enough). Covertraffic and file size


I'm curious why you believe it to be not enough (two seems good enough to
my quick guesses if traffic is constant, but I can't think worth beans);
I'm happy to look at a reference.

padding traffic would at least
> double that, so we would need at least 10 times the normal traffic the
> users created.
>

I propose constant rate: cover traffic reduces as legitimate traffic
increases.  Would this work, do you think?


> And you ned a lot of traffic through your anonymisation network to get
> decent anonymity, you need a large anonymity set.
>
> Web traffic is expensive - making it at least ten times more expensive
> is not on, especially if nine tenths of it has to be paid for by someone
> else.
>
> That's not counting the servers etc - getting a pi to handle 386 kB/s
> [1] of anonymity traffic is not trivial, I don't even think it is possible.
>

Mmm might need good bare metal algorithms.  Easier to use the client device
which has more CPU.


> [...]
>
> > Enforcing TLS is much more reasonable nowadays.  (You could add a plugin
> > to use http tricks to hide file sizes.). Not what I would focus on once
> > it gets nonsimple.
>
> A good proportion of TOR traffic will be protected by TLS anyway,
> especially those sites which you might not want other people to know you
> are accessing.
>
> Visible file sizes are the main anonymity weakness in TOR.
>
> If you suspect someone you compare the file sizes of the traffic through
> their system with traffic through the exit nodes.
>

Wouldn't using chaff to make your transfer rate relatively constant close
almost all of this anonymity attack surface?


> In the UK at least it is legally fairly easy for the cops to demand that
> info (and most ISPs are legally required to obtain and store that data
> anyway) - getting everyone's traffic info where the cops have no suspect
> is a little harder, but not impossible.
>
> Of course the ordinary cops don't use that power, and the people who do
> use it don't want it known that they can do it, so you will find that
> they make up stories about reused passwords and the like being the
> source of their information.
>
>
> Peter Fairbrother
>
> [1] 1TB/month divided by 2,592,000s/month
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 5323 bytes
Desc: not available
URL: <https://lists.cpunks.org/pipermail/cypherpunks/attachments/20201014/35ff7015/attachment.txt>

More information about the cypherpunks mailing list