[tor-talk] End-to-end correlation for fun and profit

Maxim Kammerer mk at dee.su
Tue Aug 21 18:57:15 UTC 2012


On Tue, Aug 21, 2012 at 8:27 PM, Eugen Leitl <eugen at leitl.org> wrote:
>> 10 11.50%
>
> So, in other words, you'd hav to have 10 Tor routers on the same
> network.  That's like me having 10 Tor nodes on my home network and
> not setting the NodeFamily directive in torrc.  Somebody playing games
> aside, I can see this happening for nodes that are spun up in VPS
> environments, like the EC2 or Linode.

No, it means that if you intercept traffic from 10 top-bandwidth Tor
routers with some characteristics (Guard + Exit, basically) at what's
probably the nearest hardware switch (seems true for the nodes listed
in my original message), then the probability of both entry and exit
nodes being one of these routers is close to 11.5%. I just multiplied
bandwidth-weighted probabilities for entry and exit nodes. The routers
don't have to be on the same network. Enforcing different-family
circuit nodes skews the probabilities, but not by much, so I didn't
bother to account for that.

-- 
Maxim Kammerer
Liberté Linux: http://dee.su/liberte


More information about the tor-talk mailing list