http://shofarnexus.com/Download
On Wed, Jun 17, 2015 at 10:43 PM, benjamin barber <barb...@barberb.com> wrote: > I didn't have a problem finding Matryoshka networks but not software > called "Matryoshka", just as were not using running "onion software", > some different software use the Matryoshka network method to communicate. > > > On Wed, Jun 17, 2015 at 9:51 PM, Roger Dingledine <a...@mit.edu> wrote: > >> On Thu, Jun 18, 2015 at 12:02:45AM -0400, grarpamp wrote: >> > We also need to take a serious look at TOR, and >> > without emotional bias, consider if a serious flaw was designed in. >> >> "Traffic analysis is the first hole plugged by Matryoshka, but ignored >> by TOR." >> >> I couldn't figure out how to actually fetch this "Matryoshka" software, >> but it sure looks like another case of somebody not understanding the >> research field, and thinking that solving the traffic confirmation >> attack is easy, without actually thinking through the engineering side, >> the scaling side, or the statistics side. >> >> For background see e.g. >> http://freehaven.net/anonbib/#danezis:pet2004 >> >> It makes sense that if you think solving the problem is easy, you >> wonder why Tor hasn't solved it. >> >> But even full scale padding, ignoring the practical side of how to get a >> Tor network that can afford to waste so much bandwidth, doesn't provide >> protection in the face of active attacks where you induce a gap on one >> side and then observe the gap on the other side. And it might even be >> the case that these gaps happen naturally by themselves, due to network >> congestion and so on, so maybe passive observers will be winners even >> against a design that does full padding. >> >> Also, to make it really work in practice, all users are going to need >> to pad not just while fetching their web page or iso or whatever, but >> sufficiently before and after that too, else an attacker can match up >> start times and end times: >> http://freehaven.net/anonbib/#murdoch-pet2007 >> >> This is a great area for further research: >> http://freehaven.net/anonbib/#ShWa-Timing06 >> http://freehaven.net/anonbib/#active-pet2010 >> >> tl;dr the whole premise of this person's blog post is flawed, since >> their design likely does not work as they think it does. >> >> --Roger >> >> -- >> tor-talk mailing list - tor-talk@lists.torproject.org >> To unsubscribe or change other settings go to >> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk >> > > -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk