On 20/11/14 14:21, Nathan of Guardian wrote:
>> If we simply use Tor as a low-latency transport for asynchronous
>> messaging then we're limited to Tor's threat model, i.e. we
>> can't prevent traffic confirmation attacks. If we revive one of
>> the remailers or build a new system then we're limited to a small
>> number of users, i.e. a small anonymity set. So ideally we'd find
>> some way of adding high-latency mix-like features to Tor.
>
> How much difference in latency are we talking about? Can we just
> introduce some sort of randomness or delay into our existing
> stacks/protocols?

If we add delays at the application layer then those delays will be the same all along the Tor circuit. So from the point of view of an adversary doing a traffic confirmation attack against Tor, the delays are irrelevant: the adversary sees the same pattern of delays at both ends of the circuit, so the ends are still correlated with each other.

To decorrelate the traffic entering Tor from the traffic leaving Tor we need to delay the traffic at each hop. Ideally we'd go further than that and decouple high-latency traffic from circuits, so that traffic could enter Tor on one circuit and leave on another circuit, long after the first circuit was closed. But that's a much harder problem than adding a delay at each hop, I think.

>> Done right, this could provide a large anonymity set for the
>> high-latency users and improve the traffic analysis resistance of
>> Tor for the low-latency users at the same time, by providing a
>> pool of latency-insensitive traffic to smooth out the bursty
>> low-latency traffic between relays.
>
> I think this really makes the case, why a native Tor-based
> messaging channel/layer/link/substrate should be implemented.

Great! Maybe we should move this discussion to the thread on tor-dev that Mansour Moufid started recently?

https://lists.torproject.org/pipermail/tor-dev/2014-November/007741.html

Cheers,
Michael
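
The difference between delaying at the sender and delaying at each hop, as an added simulation that is not part of the original message or of Tor: it measures how well an observer's binned packet counts at the entry and exit of a three-hop path correlate under each scheme. The workload, bin width, delay distributions and all function names are assumptions constructed for the illustration.

```python
import random

BIN = 5.0   # seconds per observation bin (assumed observer resolution)
HOPS = 3    # relays on the path

def bursty_sends(rng, duration=3600.0, bursts=120, per_burst=20):
    """Constructed workload: short bursts of messages at random times."""
    times = []
    for _ in range(bursts):
        start = rng.uniform(0, duration)
        times += [start + rng.uniform(0, 0.5) for _ in range(per_burst)]
    return times

def binned(times, nbins):
    counts = [0] * nbins
    for t in times:
        i = int(t // BIN)
        if i < nbins:
            counts[i] += 1
    return counts

def pearson(x, y):
    n = len(x)
    mx, my = sum(x) / n, sum(y) / n
    cov = sum((a - mx) * (b - my) for a, b in zip(x, y))
    vx = sum((a - mx) ** 2 for a in x)
    vy = sum((b - my) ** 2 for b in y)
    return cov / (vx * vy) ** 0.5

def best_lag_correlation(entry, exit_, max_lag=60):
    """Correlate entry and exit counts, keeping the best alignment (lag)."""
    nbins = int(max(exit_) // BIN) + 1
    x, y = binned(entry, nbins), binned(exit_, nbins)
    return max(pearson(x[:nbins - lag], y[lag:]) for lag in range(max_lag + 1))

def simulate(seed=1, app_delay=0.0, hop_delay=0.0):
    """app_delay: max uniform delay the sender adds before entering the path.
    hop_delay: mean of an independent exponential delay added at every hop."""
    rng = random.Random(seed)
    # Entry observation point: traffic after any application-layer delay.
    entry = [t + rng.uniform(0, app_delay) for t in bursty_sends(rng)]
    exit_ = []
    for t in entry:
        for _ in range(HOPS):
            t += rng.uniform(0.05, 0.15)            # assumed link latency
            if hop_delay:
                t += rng.expovariate(1.0 / hop_delay)
        exit_.append(t)
    return best_lag_correlation(entry, exit_)
```

Comparing `simulate(app_delay=30.0)` with `simulate(hop_delay=30.0)` shows the entry and exit series staying strongly correlated in the first case and largely decorrelated in the second.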
