Circuits still shared?

ADB firefox-gen at walala.org
Mon Feb 13 03:24:05 UTC 2006


Wouldn't concurrent connections actually be of benefit to security, at 
least in circumstances where the attacker doesn't know the traffic of 
the entire network as a whole, or at least not of what's going on at the 
requesting client end? Also, are there any plans to implement a 'dummy 
ping' system like Jap uses, where a packet will be sent every X or <X< 
seconds, just to enhance entropy during times of low or no traffic? 
Also, just for reference, do you know of any docs that compare Jap and 
Tor in terms of what their methods are and how secure they are against 
various attacks?

Thanks,
Andrew

Roger Dingledine wrote:
> On Sun, Feb 12, 2006 at 03:56:12AM -0600, Mike Perry wrote:
>> Are multiple TCP connections still multiplexed across a single Tor
>> circuit?
>
> Yes.
>
>> It would seem to me that this should be a serious compromise
>> to anonymity. Frequently I am browsing sites that know who I am (or
>> using AIM, etc) concurrent to accessing those that I'd prefer not to
>> know me.
>
> Right.
>
>> From reading the FAQ entry
>> http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#RemainingAttacks
>> it sounds like I am at risk for an exit server correlating the two
>> traffic streams.
>
> Yep.
>
>> Are there any plans to disable this circuit sharing mechanism via a
>> config option?
>
> No, because a new circuit for every TCP connection is too expensive. For
> example, you would open a new circuit for every little 1x1 pixel on the
> cnn frontpage. This means it would dramatically slow down Tor for users,
> and worse, the public key ops required for making these circuits would
> overpower the CPUs of our volunteer servers.
>
> But we've got a new tool for resolving this, if you want to start
> experimenting. You can write a Tor controller that intercepts each stream
> request and decides, for each destination, which circuit to use.
>
> http://tor.eff.org/cvs/tor/doc/control-spec.txt
> http://tor.eff.org/cvs/control/doc/howto.txt
>
> And see Geoff's Blossom project for an example:
> http://afs.eecs.harvard.edu/~goodell/blossom/
>
> It may be best to first think hard about the tradeoffs of various
> approaches to dividing streams over circuits, since optimizing for your
> anonymity vs somebody else's donated CPU sounds like a pretty tough
> graph to nail down. Let us know when you have some designs and we'll
> start thinking about how to analyze and compare them.
>
> --Roger
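Roger's suggestion of a controller that intercepts each stream request and decides, per destination, which circuit to use, worked through as an added example that is neither from this thread nor from the Tor project. It contains only the decision logic and the control-port message handling; the socket to the control port is left to the caller. The control-port syntax used (`SETCONF __LeaveStreamsUnattached=1`, `650 STREAM ...` events, `EXTENDCIRCUIT 0`, `ATTACHSTREAM`, `250 EXTENDED`) is assumed from the control specification as I know it and should be checked against the linked control-spec.txt; the hostnames, the policy and the transcript lines are constructed.

```python
import re
from dataclasses import dataclass

# Unsolicited STREAM event as delivered after "SETEVENTS STREAM" (assumed syntax):
#   650 STREAM <StreamID> <Status> <CircuitID> <host>:<port> [key=value ...]
STREAM_EVENT = re.compile(r"^650 STREAM (\d+) (\w+) (\d+) (\S+)")
# Reply to EXTENDCIRCUIT once Tor has allocated the circuit id (assumed syntax).
EXTENDED_REPLY = re.compile(r"^250 EXTENDED (\d+)")


@dataclass(frozen=True)
class StreamEvent:
    stream_id: str
    status: str      # NEW, SUCCEEDED, FAILED, ...
    circ_id: str     # "0" while the stream is still unattached
    host: str
    port: int


def parse_stream_event(line):
    """Parse one control-port line; None for anything but a STREAM event."""
    m = STREAM_EVENT.match(line.strip())
    if not m:
        return None
    stream_id, status, circ_id, target = m.groups()
    host, _, port = target.rpartition(":")
    return StreamEvent(stream_id, status, circ_id, host, int(port))


def parse_extended_reply(line):
    """Return the new circuit id from a '250 EXTENDED <id>' reply, else None."""
    m = EXTENDED_REPLY.match(line.strip())
    return m.group(1) if m else None


def isolation_key(host, policy):
    """Map a destination host to an isolation bucket.

    `policy` maps a domain suffix to a named bucket (e.g. all the sites that
    know who you are).  Unmatched hosts are bucketed by their last two labels,
    so www.example.com and img.example.com share one circuit (few circuit
    builds) but never share it with a host from another domain.
    """
    host = host.lower().rstrip(".")
    for suffix, bucket in policy.items():
        if host == suffix or host.endswith("." + suffix):
            return bucket
    labels = host.split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host


class CircuitAllocator:
    """Consumes parsed events/replies, returns the commands to send back.

    Tor must first be told `SETCONF __LeaveStreamsUnattached=1` (assumed
    option name) so that new streams wait for our ATTACHSTREAM.
    """

    def __init__(self, policy):
        self.policy = policy
        self.bucket_circ = {}   # bucket -> circuit id already built for it
        self.pending = {}       # bucket -> stream ids waiting for that circuit
        self.awaiting = []      # buckets whose EXTENDCIRCUIT reply is outstanding

    def on_stream(self, ev):
        if ev.status != "NEW" or ev.circ_id != "0":
            return []                        # only unattached new streams need a decision
        bucket = isolation_key(ev.host, self.policy)
        circ = self.bucket_circ.get(bucket)
        if circ is not None:
            return [f"ATTACHSTREAM {ev.stream_id} {circ}"]
        if bucket in self.pending:           # circuit already requested; queue the stream
            self.pending[bucket].append(ev.stream_id)
            return []
        self.pending[bucket] = [ev.stream_id]
        self.awaiting.append(bucket)
        return ["EXTENDCIRCUIT 0"]           # ask Tor for a fresh circuit of its own choosing

    def on_extended(self, circ_id):
        # Replies come back in command order, so the oldest outstanding bucket owns it.
        bucket = self.awaiting.pop(0)
        self.bucket_circ[bucket] = circ_id
        return [f"ATTACHSTREAM {sid} {circ_id}" for sid in self.pending.pop(bucket, [])]


def run_demo():
    """Replay a constructed control-port transcript; return the commands issued."""
    policy = {"aol.com": "identified"}       # constructed: AIM endpoints know who the user is
    alloc = CircuitAllocator(policy)
    transcript = [                           # constructed sample lines, not a real Tor log
        "650 STREAM 18 NEW 0 www.cnn.com:80 SOURCE_ADDR=127.0.0.1:40001 PURPOSE=USER",
        "250 EXTENDED 12",
        "650 STREAM 19 NEW 0 i.cdn.cnn.com:80 SOURCE_ADDR=127.0.0.1:40002 PURPOSE=USER",
        "650 STREAM 20 NEW 0 login.oscar.aol.com:5190 SOURCE_ADDR=127.0.0.1:40003 PURPOSE=USER",
        "250 EXTENDED 13",
        "650 STREAM 21 SUCCEEDED 12 www.cnn.com:80",
    ]
    sent = []
    for line in transcript:
        ev = parse_stream_event(line)
        if ev is not None:
            sent += alloc.on_stream(ev)
            continue
        circ = parse_extended_reply(line)
        if circ is not None:
            sent += alloc.on_extended(circ)
    return sent


if __name__ == "__main__":
    for cmd in run_demo():
        print(cmd)
```

The bucket granularity is the knob Roger describes: one circuit per TCP connection would cost a circuit build (and its public-key operations on the relays) for every inline image, while one circuit per domain, plus a separate bucket for the sites that already know who you are, keeps the identified and the anonymous streams off the same exit without multiplying circuit builds.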