Anonymity on mobile devices
Christian Beil
christian.beil at web.de
Sat Sep 17 16:02:04 UTC 2005
Hi,
developing on a project which uses Tor, I hope to get some opinions from
you.
I'm working with the mobile business group at my university in Germany.
We are developing a platform for location-based and context-based
applications. We also want to provide security and anonymity to the
users of these locaion- and context-based services. Beside using
pseudonyms, we want to apply an anonymizing service like Tor.
Our tests with some quite fast mobile devices (PDAs) showed that Tor
could not (yet) be applied directly on the client. In the first place
performance of the PDAs is too low for the (many) publice key
operations, and secondly setting up a circuit causes much traffic which
takes long and costs money; e.g. the OR list is quite big.
So we switched to a different architecture: now there is gateway to
which the user connects to and which does all the anonymizing for him.
This means we have a single point of failure, but we only need to
connect securely (TLS,VPN,...) to the gateway.
Additionally we want to enable the user to choose the way of
anonymizing, e.g. using Jap or Tor. Because of this and because we use
the gateway for some other things, we had to design our own protocol
which is similar to Socks, but has some additional parameter for the
anonymity configuration.
So our architecture looks like this: the mobile client connects securely
(by VPN) to the gateway, then it sends a Socks-like connect request
along with the configuration parameters to the gateway, the gateway
sends a request to the chosen anonymity service (e.g. talking socks5 to
Tor on port 9050) and after the connection has been established the
gateway forwards all incoming data.
What do you think of this architecture and of anonymity on mobile
devices in general? There was a system called mCrowds which implemented
Crowd's Jondos on WAP-gateways. Does anyone know it?
Christian
More information about the tor-talk
mailing list