Matthew Toseland wrote:
> "Local" = direct peer. If we use one tunnel per local pseudo-identity, it
> might work, but there is still a very high chance that the node sending the
> request is the originator.

Right, but that's also the case at the moment: if requests travel n hops on average then there's a 1/n chance that the previous hop is the initiator. I don't see how you can get away from that without onion routing.

> OTOH if we use more than one tunnel, either local
> collusion or rerouting may make life *much* easier for the attacker.

Yes, we should keep the number of linkable tunnels to a minimum.

> Makes it easier to track down the origin node for a swarm of requests once it
> reaches the request stage.

Maybe that's not such a big deal. If tunnels do their job then it doesn't matter if an attacker can find the last node in the tunnel.

> For performance most users would likely want the node to use multiple tunnels
> for a single splitfile, and arguably this is a security issue: if the
> attacker receives the tunnel, and doesn't like its contents, he can
> trickle-feed it as an effective DoS.

Users who value performance over anonymity could use multiple tunnels per splitfile and/or shorter tunnels. I'm just saying that for maximum anonymity, the tunnels should be long enough that any node could be the initiator, and the number of linkable tunnels should be minimised (e.g. one tunnel per Frost ID per session rather than one per message).

> For
> premix routing, any effective attack requires that the tunnel exit node is
> owned by the attacker, and usually at least one node prior to that also.

True, I'm not suggesting that tunnels are as strong as premix routing, but on the other hand they don't require revealing the topology or distributing (and agreeing on) public keys for every node in the cell.

Cheers,
Michael
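The two quantities discussed in the message above, the 1/n chance that the previous hop is the initiator and the effect of the number of linkable tunnels, as an added simulation that is not part of the original thread or of Freenet's code. The model is an assumption made for illustration: fixed-length tunnels over uniformly random nodes, hostile nodes that only log their previous hop, and constructed network sizes.

```python
import random
from collections import Counter

INITIATOR = 0  # constructed model: node 0 always originates the tunnel

def observe_tunnel(rng, n_nodes, hostile, length):
    """Previous hops logged by hostile nodes on one randomly routed tunnel."""
    path = [INITIATOR] + rng.sample(range(1, n_nodes), length)
    return [path[i - 1] for i in range(1, len(path))
            if path[i] in hostile and path[i - 1] not in hostile]

def previous_hop_is_initiator_rate(length, n_nodes=200, trials=40000, seed=1):
    """One hostile node: share of its sightings that come straight from the initiator."""
    rng = random.Random(seed)
    sightings = direct = 0
    for _ in range(trials):
        seen = observe_tunnel(rng, n_nodes, {1}, length)
        sightings += len(seen)
        direct += seen.count(INITIATOR)
    return direct / sightings

def initiator_exposure_rate(linked_tunnels, n_nodes=200, n_hostile=20,
                            length=5, trials=1000, seed=1):
    """Colluding nodes tally previous hops over tunnels they can link together.
    Returns how often the initiator is the single most-seen previous hop."""
    rng = random.Random(seed)
    exposed = 0
    for _ in range(trials):
        hostile = set(rng.sample(range(1, n_nodes), n_hostile))
        tally = Counter()
        for _ in range(linked_tunnels):
            tally.update(observe_tunnel(rng, n_nodes, hostile, length))
        top = tally.most_common(2)
        if top and top[0][0] == INITIATOR and (len(top) == 1 or top[0][1] > top[1][1]):
            exposed += 1
    return exposed / trials

if __name__ == "__main__":
    print("5-hop tunnel, previous hop is initiator:",
          round(previous_hop_is_initiator_rate(5), 3))
    for k in (1, 5, 20):
        print(k, "linkable tunnels -> initiator exposed in",
              initiator_exposure_rate(k), "of trials")
```

In this model a single tunnel rarely singles out the initiator, while the same identity reused across many linkable tunnels makes it the most frequent previous hop in a majority of trials, which is the case for one tunnel per identity per session.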
