Dishonest Tor relay math question - tor-talk is to lazy
PrivacyArms
privacyarms at protonmail.com
Sat Oct 9 14:17:25 PDT 2021
What I want to know is the percentage risk of x malicious nodes to deanonymize a user by controlling the full circuit.
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Friday, October 8, 2021 7:35 AM, grarpamp <grarpamp at gmail.com> wrote:
> > How can I calculate how much impact X honest Tor relays have?
> > Is it better to calculate with bandwidth consumed (250Gbps), despite the
> > number of relays (~7000)?
> > Basically, I want to get the mathematical equation to this statement:
> > I run X Tor relays at Y Mb/s each and by doing so I secure Z % of the Tor
> > network!
> > Starting thoughts:
> >
> > - Each “normal” route has three nodes involved: Guard, Middle, Exit
> > - I am aware of guard pinning and vanguard protection for middle relay
> > pinning
> >
> > - Maybe it is easier to assume an infinite usage time of the network to
> > eliminate guard and vanguard pinning
> >
> > - I guess the best is to assume a scenario with 1%, 5%, 10%, etc. dishonest
> > relays
> >
> >
> > My take on this:
> > Tor has approximately 7000 relays.
> > If I consider a number of 5% malicious relays, this would be: 350
> > My calculation:
> > (1/(7000/350))(1/(7000/349))(1/(7000/348))
> > = 0.000123931
> > = 0.0123931%
>
> > 1. Is my approach correct?
>
> Generically, assuming you're only running the
> exit use case, not the HS onion case.
>
> You'll probably want to consider some adjustments...
>
> - There's not 7k exits, only ~1k, but it's a ratio term
> so then it only matters if you're expecting different
> densities of bad/good across each of the guard/mid/exit roles.
>
> - There's not 7k guards, only ... .
> - tor only uses family, /nn cidr blocks, etc once in a circuit...
> effect is not 7k nodes, but G groups made up of 1-N nodes.
> Read torspec, scrape consensus, determine the resultant
> number G that tor actually gives itself to choose from.
>
> - Some nodes are down, sleeping, busy, filtered, etc.
> - Not all exits serve the clearnet ports you want.
> - Circuits expire, nodes rotate, etc.
>
> > 2. Not every relay has the same bandwidth. How could I change the
> > calculation to make it more realistic?
> >
>
> Read torspec, scrape consensus, determine how tor is
> allocating clients across its bandwidth gravity well, etc.
> See also...
> https://metrics.torproject.org/
>
> > 3. How can I add the effect of guard fixation?
> > 4. How can I include the effect of mid-node fixation by the vanguard?
>
> You didn't really define exactly what attack ("dishonesty")
> you're trying to model, so these settings could render you
> anywhere from safe, to having no effect and thus still being
> subject to the exploit.
>
> See also...
> https://anonbib.freehaven.net/
> https://git.torproject.org/torspec/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: publickey - privacyarms at protonmail.com - 0x6ECBFF11.asc
Type: application/pgp-keys
Size: 3278 bytes
Desc: not available
URL: <https://lists.cpunks.org/pipermail/cypherpunks/attachments/20211009/709ba4d0/attachment.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 855 bytes
Desc: OpenPGP digital signature
URL: <https://lists.cpunks.org/pipermail/cypherpunks/attachments/20211009/709ba4d0/attachment.sig>
More information about the cypherpunks
mailing list