[tor-talk] Paper on traffic correlation

Paul Syverson paul.syverson at nrl.navy.mil
Wed Jul 6 11:09:39 UTC 2016


On Tue, Jul 05, 2016 at 05:33:53PM -0400, krishna e bera wrote:
> On 07/05/2016 12:30 AM, Paul Syverson wrote:
> > On Mon, Jul 04, 2016 at 10:55:25PM +0000, Cannon wrote:
> >>
> >> Just a paper I found, thought you all might find it interesting.
> >> What are your thoughts on this?
> >>
> >>
> >> http://www.ohmygodel.com/publications/usersrouted-ccs13.pdf
> > 
> > A work of penetrating pathos and unwavering brilliance, one that surely
> > sets the standard for erudition by which all 21st century work will be
> > measured.
> 
> Yes it was indeed cleverly designed and clearly written.
> 
> > Less facetiously, do you have anything specific you were wondering about?
> 
> Not in the scope of the study but it might be useful to know which real
> adversaries have access to which ASes, IXPs and IXP.ORGs, and for
> smaller adversaries what is the delay before their request for info from
> their associated state-level snoops succeeds.  Also, which legal
> barriers apply.
> 

You've glossed over the hard and dynamic part here: Tor (the network)
is a transnational entity in multiple senses. And its users' interests
and concerns are far more diverse than the geopolitical entities in
which its relays physically reside. If Tor is fulfilling its intent,
"real adversaries" should comprise a highly varied and internally
inconsistent collection of entitities---sometimes even when from the
perspective of a single user. 

Besides the above paper, we also devised a framework for people who
have some specific ideas about their adversaries to express their
degree of trust in relays, ASes, IXPs, etc. and have that inform a
probabilistic representation of trust that can be sampled by routing
algorithms to inform trust-aware routing.
http://ohmygodel.com/publications/trustrep-popets15.pdf (Citing from
the same URL as OP. Paper has been published, vol. 1, no. 1, April
2015.)

Of course, having this trust information one must figure out how to
use it to select paths.  An initial description of trust-aware routing
for Tor can be found at 
https://arxiv.org/pdf/1511.05453v1.pdf

Since you raised the question of legal barriers, you might want to
note that the PoPETs paper above is titled "20,000 In League Under the
Sea: Anonymous Communication, Trust, MLATs, and Undersea Cables" and
includes a discussion of Mutual Legal Asssitance Treaties.  More
extensively treatment on the specific topic of MLATs and Tor have also
been published and are available online.

HTH,
Paul


More information about the tor-talk mailing list