[tor-dev] Bitcoin-paid hidden meek relays?

Jeff Burdges burdges at gnunet.org
Fri Dec 11 18:17:47 UTC 2015

Appears Isis has interesting work that addresses the bridge problem
much more directly than anything in this thread. 

On Fri, 2015-12-11 at 15:52 +0100, Henry de Valence wrote:

> > Taler is an electronic payment system that was built with the goal
> > of supporting taxation.  With Taler, the receiver of any form of
> > payment is known, and the payment information comes attached with
> > some data about what the payment was made for ... governments can
> > use this data to tax businesses and individuals ... making tax
> > evasion and black markets less viable.
> For a user in a country where Tor is blocked, funding Tor bridges is,
> by definition, a black market in that country.
> Could you explain how you see this feature of Taler fitting with the
> threat model bridges are meant to address?  Which governments should
> get
> detailed data on donations to bridges, and *to whom* is "the receiver
> of
> any form of payment" known?

Any anonymity system provides anonymity only within a particular
anonymity set.  A priori, a blind signing based system like Taler
anonymizes the transactions between two anonymity sets, the customers
and the merchants.  Its mint always knows the total amount that each
customer spends and the total income that each merchant receives,  but
not the specific transactions. 

In Taler, we ensure that a customer and a mint can collaborate to
deanonymize the merchant side of a particular transaction, so the
merchants are no longer an anonymity set.  A merchant and mint cannot
 collaborate to deanonymize a customer side of a particular transaction
though, so the customers remain an anonymity set. 

It follows that Taler cannot protect the identity of merchants from the
country where the Taler mint is based.  In the bridges case, a bridge
user and the mint can collaborate to expose the operator of a
particular bridge, which seems harmless, or even beneficial, and
achievable via the CDN anyways. 


p.s. Aside from anonymity sets, one might worry about pseudo-anonymity
of membership in the set of customers or merchants.  In the bridge
case, if say China hacked this meek mint, then they could learn
whatever the mint knows about its customers, but not what bridge that
customer paid for.  A Taler mint funding bridge operators should
ideally pass any user details it must retain through a data diode. 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20151211/9724125c/attachment.sig>

More information about the tor-dev mailing list