Florian RĂ¼chel florian.ruechel.tor@inexplicity.de writes:
Hi everyone,
I have taken some time and considered my topic for the Master's Thesis. I have finally decided to write it on integrating high-latency traffic with the Tor low-latency network (see also my initial mail and George's response[1]).
Hello,
yes it does sound like an interesting research topic.
My primary research goal is to determine the impact of a mix network inside Tor, especially on low-latency users of the network. For this, I plan to use shadow [2] with scallion to simulate the Tor network. I then want to integrate Mix features into the network and see how the network reacts to certain attacks, attacking the mix users as well as the non-mix users. A crucial part in this evaluation will be to determine whether the anonymity of regular Tor users might be reduced (for example just by drawing away users from low- to high-latency traffic) or whether it might actually be improved (it could attract more users into the same network).
Yes, I'm also wondering whether the anonymity of low-latency Tor would increase if we plugged a high-latency network into it, and also the opposite. I'm curious on whether one network will act as cover traffic for the other, and what kind of adversaries that would fool.
On this topic you might also enjoy the paper "Sleeping dogs lie on a bed of onions but wake when mixed" by Paul Syverson: https://petsymposium.org/2011/papers/hotpets11-final10Syverson.pdf
However, for this evaluation/simulation to work, I need to attack my simulation, i.e. become the adversary and measure the effectiveness of my attacks. And for this, I need the actual implementation. So if anyone has access or can direct me to implementations that I can use, I would be glad for your help.
What implementations do you mean?
I'm curious to how you are going to use simulation here. I also imagine that actually integrating mixminion with Tor on a level that would allow simulation will be non-trivial engineering work.
In any case, if you have specific Shadow questions, you might want to speak with Rob Jansen who develops Shadow and who is also interested in hidden services research.
It would also help me a lot if you can direct me to papers or articles that have shown specific attacks that are known to work on the current network.
Finally, I am currently considering using Mixminion as my basis for a mix network as it seems well designed and addresses a lot of known attacks. I currently do not plan to evaluate its security but instead only the effect its usage has on attacks that work on regular Tor users. However, if anyone can propose a better mix network to base my work on, please let me know.
Hm, not sure how exactly the integration will work here, but mixminion sounds like a decent choice maybe. It's also developed by Nick, who is the Tor developer.