Matthew Toseland wrote: >> We're using a reliable transport between nodes, so the only things that >> should cause a timeout are overloaded, crashed or faulty nodes. > > Not true. Very long paths can also cause this.
Ah, good point. >> The closest-location-so-far tells an attacker something about the path a >> request has followed - among other things, it allows the attacker to >> rule out certain nodes the request definitely hasn't passed through. But >> how would we quantify that in terms of the size of the initiator's >> anonymity set or the probability that a given node is the initiator, for >> example? > > Well, how does the attacker rule out previous nodes? Any node that's closer to the target than the closest-location-so-far has never seen the request, otherwise the closest-location-so-far wouldn't have its current value. > How many can he rule out? That's kind of the point: I can't work out how to quantify how much the attacker can learn, which means it's possible that a clever attacker can learn a lot. Whereas with a weighted coin (despite its other disadvantages) at least we know how much the attacker can learn. Cheers, Michael
