[tor-talk] Matryoshka: Are TOR holes intentional?

benjamin barber barberb at barberb.com
Thu Jun 18 06:36:53 UTC 2015

His project was started in july of 2006, which he seems to have been
spearheading in a family business, to supply dark net services to christian


The guy ran for congress back before the turn of the millennium, so I dont
know if he is brilliant and misunderstood, or if he is a con artist playing
a part.

On Wed, Jun 17, 2015 at 10:59 PM, benjamin barber <barberb at barberb.com>

> http://shofarnexus.com/Download
> On Wed, Jun 17, 2015 at 10:43 PM, benjamin barber <barberb at barberb.com>
> wrote:
>> I didn't have a problem finding Matryoshka networks but not software
>> called "Matryoshka", just as were not using running "onion software",
>> some different software use the Matryoshka network method to communicate.
>> On Wed, Jun 17, 2015 at 9:51 PM, Roger Dingledine <arma at mit.edu> wrote:
>>> On Thu, Jun 18, 2015 at 12:02:45AM -0400, grarpamp wrote:
>>> >  We also need to take a serious look at TOR, and
>>> > without emotional bias, consider if a serious flaw was designed in.
>>> "Traffic analysis is the first hole plugged by Matryoshka, but ignored
>>> by TOR."
>>> I couldn't figure out how to actually fetch this "Matryoshka" software,
>>> but it sure looks like another case of somebody not understanding the
>>> research field, and thinking that solving the traffic confirmation
>>> attack is easy, without actually thinking through the engineering side,
>>> the scaling side, or the statistics side.
>>> For background see e.g.
>>> http://freehaven.net/anonbib/#danezis:pet2004
>>> It makes sense that if you think solving the problem is easy, you
>>> wonder why Tor hasn't solved it.
>>> But even full scale padding, ignoring the practical side of how to get a
>>> Tor network that can afford to waste so much bandwidth, doesn't provide
>>> protection in the face of active attacks where you induce a gap on one
>>> side and then observe the gap on the other side. And it might even be
>>> the case that these gaps happen naturally by themselves, due to network
>>> congestion and so on, so maybe passive observers will be winners even
>>> against a design that does full padding.
>>> Also, to make it really work in practice, all users are going to need
>>> to pad not just while fetching their web page or iso or whatever, but
>>> sufficiently before and after that too, else an attacker can match up
>>> start times and end times:
>>> http://freehaven.net/anonbib/#murdoch-pet2007
>>> This is a great area for further research:
>>> http://freehaven.net/anonbib/#ShWa-Timing06
>>> http://freehaven.net/anonbib/#active-pet2010
>>> tl;dr the whole premise of this person's blog post is flawed, since
>>> their design likely does not work as they think it does.
>>> --Roger
>>> --
>>> tor-talk mailing list - tor-talk at lists.torproject.org
>>> To unsubscribe or change other settings go to
>>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

More information about the tor-talk mailing list