Hello everyone!
During this year's Google Summer of Code I[0] will be working on reducing the Round-Trip-Time (RTT) for preemptively built circuits.[1] My mentors are Mike and Aaron.
A brief summary of the project: RTTs of circuits can be measured by violating the exit policy of the exit node and the resulting error can be timed in a measuring client. It is assumed that the RTTs are Fréchet-distributed which could be used to reject a preemptively built circuit if its RTT is below a certain threshold value. A basic algorithm will be implemented to gather the required data for further statistical analysis which should help answering open questions like: • Are the RTTs Fréchet-distributed? • Does this strategy make new attacks feasible? • How many probes per circuit are needed to do reasonable estimations? • How much additional load is added to the network? • What is an appropriate cut-off percentile? • Does the strategy work in terms of anonymity and performance? • Does the RTT vary for destination ports? (This might be the case for destination ports that occur rarely in exit policies.) • Does this strategy also work if guard nodes are congested?
Best, Robert
[0] "ra_" on OFTC [1] http://www.google-melange.com/gsoc/project/google/gsoc2013/ra_/19001
On Fri, Jun 07, 2013 at 07:38:44PM +0200, ra wrote:
Hello everyone!
During this year's Google Summer of Code I[0] will be working on reducing the Round-Trip-Time (RTT) for preemptively built circuits.[1] My mentors are Mike and Aaron.
A brief summary of the project: RTTs of circuits can be measured by violating the exit policy of the exit node and the resulting error can be timed in a measuring client. It is assumed that the RTTs are Fréchet-distributed which could be used to reject a preemptively built circuit if its RTT is below a certain threshold value. A basic algorithm will be implemented to gather the required data for further statistical analysis which should help answering open questions like: • Are the RTTs Fréchet-distributed? • Does this strategy make new attacks feasible? • How many probes per circuit are needed to do reasonable estimations? • How much additional load is added to the network? • What is an appropriate cut-off percentile? • Does the strategy work in terms of anonymity and performance? • Does the RTT vary for destination ports? (This might be the case for destination ports that occur rarely in exit policies.) • Does this strategy also work if guard nodes are congested?
Best, Robert
[0] "ra_" on OFTC [1] http://www.google-melange.com/gsoc/project/google/gsoc2013/ra_/19001
Robert,
If I'm understanding the above correctly, this sounds related to our congestion-aware path selection work: http://www.cypherpunks.ca/~iang/pubs/Congestion_Aware_FC12.pdf http://www.cacr.math.uwaterloo.ca/techreports/2011/cacr2011-20.pdf
It's not exactly the same, but I just wanted to ensure you were aware of it.
[Cc: Tao Wang, the lead author on that paper.]
Thanks,
- Ian
-
Ian Goldberg -
ra