concurrent circuits for traffic fragmentation

Mansour Moufid mansourmoufid at gmail.com
Fri Jun 4 03:13:41 UTC 2010


Hello,

Regarding the recent publicity, I was hoping to make a few comments. I
apologize in advance if this has been discussed before.

While Tor makes no claims of protecting unencrypted traffic at and
past exit nodes, it should be possible to mitigate the threat of
sniffing to a certain degree by fragmenting traffic. What I mean by
that is that a Tor client should be able to use more than one circuit
in the network at a time. For example, if a PDF file is downloaded
through Tor, half of it could pass through one exit node, and the
other through a second.

There would be the added benefit of increasing bandwidth, since chunks
could be downloaded in parallel. I imagine the simplex method could be
used to quickly determine how many or how big of a chunk to request
through each circuit, based on the cost (delay and throughput) of
each, in order to minimize latency and maximize throughput. The
function mapping chunks to circuits would be difficult to reconstruct
by an (single) outside attacker without real time information.

I imagine the Tor client daemon itself wouldn't need to be modified.
Many Tor daemons could be made to run concurrently and independently,
with traffic delegated by some sort of metadaemon.

I will make an attempt at implementing the latter somehow... Has
anyone tried this before?

Please let me know if I need to elaborate.

-- 
Mansour Moufid



More information about the tor-dev mailing list