Hi everyone, I have taken some time and considered my topic for the Master's Thesis. I have finally decided to write it on integrating high-latency traffic with the Tor low-latency network (see also my initial mail and George's response[1]).
My primary research goal is to determine the impact of a mix network inside Tor, especially on low-latency users of the network. For this, I plan to use shadow [2] with scallion to simulate the Tor network. I then want to integrate Mix features into the network and see how the network reacts to certain attacks, attacking the mix users as well as the non-mix users. A crucial part in this evaluation will be to determine whether the anonymity of regular Tor users might be reduced (for example just by drawing away users from low- to high-latency traffic) or whether it might actually be improved (it could attract more users into the same network). However, for this evaluation/simulation to work, I need to attack my simulation, i.e. become the adversary and measure the effectiveness of my attacks. And for this, I need the actual implementation. So if anyone has access or can direct me to implementations that I can use, I would be glad for your help. It would also help me a lot if you can direct me to papers or articles that have shown specific attacks that are known to work on the current network. Finally, I am currently considering using Mixminion as my basis for a mix network as it seems well designed and addresses a lot of known attacks. I currently do not plan to evaluate its security but instead only the effect its usage has on attacks that work on regular Tor users. However, if anyone can propose a better mix network to base my work on, please let me know. Thanks to everyone for your support. Regards, Florian Rüchel [1] https://lists.torproject.org/pipermail/tor-dev/2014-December/007913.html [2] http://shadow.github.io >> Certificates for HS: I find this topic particularly interesting and have >> followed the discussion. The general concept seems like a great thing to >> achieve and it could actually outperform the regular SSL/CA >> infrastructure stuff as it could remove the need for CAs. Unfortunately, >> this seems something that is not extensive enough to warrant a whole >> thesis. If you guys think otherwise, please let me know. >> >> Tor with mix features: Tor has the explicit goal of being a low-latency >> network. However, there are several protocols where high-latency would >> be acceptable. I liked the idea of high latency HSes >> (https://lists.torproject.org/pipermail/tor-dev/2014-November/007818.html). >> I'd like to know what you think about this idea being viable. It would >> have the advantage of being very flexible from just a theoretic >> evaluation down to a real implementation so I could adjust this to my >> time. But only if this is actually desired so it does not need to stay >> theoretic. I think it would be very interesting to evaluate whether this >> can improve or hurt anonymity of low-latency users, as well. > > I agree. Very interesting area. I'm hoping for Tor to move the area > forward during the next one year. We will see. > > Parallel research would be good. Some ideas to move forward: > https://lists.torproject.org/pipermail/tor-dev/2014-November/007859.html > _______________________________________________ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev