[tor-talk] A possible solution to traffic correlation attacks,
notfriendly at riseup.net
notfriendly at riseup.net
Mon Jun 6 01:31:01 UTC 2016
On 2016-06-05 18:43, Paul Syverson wrote:
> On Sun, Jun 05, 2016 at 05:20:24PM -0400, Allen wrote:
>> >
>> > So randomizing the times that traffic enters the network and exits the
>> > network wouldn't work? Like it enters a note and 30 ms after received or
>> > another random delay couldn't it exit. It would be harder to correlate the
>> > traffic right?
>>
>>
>> IMO, the packets would probably need to be randomly delayed at each
>> node,
>> not just entering and exiting the network. A mathematical model would
>> be
>> needed to determine the necessary amount of delay (I doubt 30 ms would
>> be
>> enough). The delay could be chosen by the originating node, so it
>> could
>> chose the privacy vs latency tradeoff.
>
> You guys might want to look at the stop-and-go mix paper (Kesdogan et
> al. 1998)
> and the alpha mixing paper (Dingledine et al. 2006) at
> freehaven.net/anonbib/
> Other topics touched on in this thread include defensive dropping
> "Timing Attacks in Low-Latency Mix-Based Systems" Levine et al. 2004,
> also at anonbib.
> There are many research papers that have explored aspects of these
> ideas.
>
>>
>> It might also be beneficial to have two channels to each exit node,
>> with
>> each channel used in only one direction, i.e., outbound packets travel
>> one
>> route, while inbound packets travel a different route.
>
> For this you might look at
> "Preventing Active Timing Attacks in Low-Latency Anonymous
> Communication"
> Johnson et al. 2010, also on anonbib
>
> aloha,
> Paul
I just downloaded the PDF and will read it later tonight.
More information about the tor-talk
mailing list