Potential attack by associating onymous & anonymous traffic

[Nick Nolan]

An example:
An attacker knows that I use the AIM account malglico. I am doing this 
through Tor (to hide my location or just out of ethusiasm for tsocks). I 
am also using Tor to transmit something else that I do not want to be 
revealed as the sender of.

This attacker is able to observe all or some endpoints to the network. 
They notice that some traffic from malglico is coming from a particular 
Tor exit. At the same time they notice that the sensitive information I 
am transmitting is also exiting from there. They can immediately narrow 
the sender to me or one of the other users exiting from that OR. They 
have my identify, and the 1 over the number of users exiting from that 
OR probability that I sent it. This is considerably better than all 
users on tor who sent message close to that size out.
The simplest solution would be to send all my onymous traffic unproxied, 
   but maybe I want to hide my location. I can't in the current 
implementation. If the Tor daemon were able to group the traffic, ie 
this this and this can be sent down the same circuit, but this must be 
seperated, I would be able to hide my location in some cases and my 
entire identity in others.
Do I have a potential privacy concern here or did I miss something? I've 
only RTFS'd briefly.
Regards,
Nick Nolan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 256 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20041224/360e638c/attachment.pgp>