[tor-talk] Could BACKLIT be implemented by Tor

Roger Dingledine arma at mit.edu
Sun Jan 22 09:41:02 UTC 2012


On Fri, Jan 20, 2012 at 08:48:38PM +0100, Sebastian G. <bastik.tor> wrote:
> Could BACKLIT be implemented by Tor to protect it's users from traffic
> analysis by traffic watermarking?
> http://freehaven.net/anonbib/papers/backlit-acsac11.pdf

It could be implemented by Tor. There's a lot of research remaining
though. The first hurdle would be how to approximate all the knowledge
that the detector gets in their paper when you don't get to be root or
watch the raw packets. The second would be trying to reproduce their
results on a non toy network.

I'd be curious to learn what sort of efficiency it can get, and at what
performance cost, especially as the arms race continues (i.e. when the
next traffic watermarking paper comes out claiming that backlit can't
find it).

See also https://www.torproject.org/getinvolved/research.html.en

However, even if it were implemented by Tor, it would not actually
do what you hope. That is, it would not protect its users from
traffic analysis. That's because *passive* traffic confirmation
attacks, without any need for active mucking with the flows,
already work great through Tor, and there are no known fixes.

See https://blog.torproject.org/blog/one-cell-enough for background here.

Then see http://freehaven.net/anonbib/#active-pet2010

--Roger



More information about the tor-talk mailing list