Anonymity questions

[Michael Holstein]

I've thought about this too (and the BGP routing thing I hadn't heard, 
but I was aware that ATT, et.al. were being NSA-friendly by routing 
international calls through US-based switches) -- but if they do it for 
voice, they do it for data, since to AT&T, it's all really data anyway.

So how about this as a proposed solution:

Rather than encrypt individual TCP streams, allow the TOR nodes (or at 
least the intermediates) to do GRE or IPSEC, and then route multiple 
streams (each themselves encrypted) inside a seperately encrypted tunnel.

This would make it impossible (er...more difficult) for someone to match 
traffic entering with traffic exiting (assuming sufficient padding and 
whatnot to keep traffic fairly constant). Unless you can pick a large 
"burst" out of the other chatter, you'd make it signifigantly harder to 
trackback on an individual stream.

Sort of like a mesh-network of opportunistically created VPNs -- 
creating an encrypted "cloud". I think this is sort of what the Freedom 
network tried to do commercially a few years ago. Another advantage of 
this might be the ability to actually use BGP tables to assist in 
routing, since at this point, you'd have created an encrypted "overlay 
internet". Those tables could then be manipulated with control traffic 
inside the cloud to deal with ensuring traffic is routed through 
multiple countries (or around certian ones).

The other advantage of a GRE/IPsec approach would be the ability to 
carry any type of traffic, not just TCP.

Thoughts?

Michael Holstein CISSP GCIA
Cleveland State University