[tor-talk] A possible solution to traffic correlation attacks,
Paul Syverson
paul.syverson at nrl.navy.mil
Sun Jun 5 22:43:42 UTC 2016
On Sun, Jun 05, 2016 at 05:20:24PM -0400, Allen wrote:
> >
> > So randomizing the times that traffic enters the network and exits the
> > network wouldn't work? Like it enters a note and 30 ms after received or
> > another random delay couldn't it exit. It would be harder to correlate the
> > traffic right?
>
>
> IMO, the packets would probably need to be randomly delayed at each node,
> not just entering and exiting the network. A mathematical model would be
> needed to determine the necessary amount of delay (I doubt 30 ms would be
> enough). The delay could be chosen by the originating node, so it could
> chose the privacy vs latency tradeoff.
You guys might want to look at the stop-and-go mix paper (Kesdogan et al. 1998)
and the alpha mixing paper (Dingledine et al. 2006) at freehaven.net/anonbib/
Other topics touched on in this thread include defensive dropping
"Timing Attacks in Low-Latency Mix-Based Systems" Levine et al. 2004,
also at anonbib.
There are many research papers that have explored aspects of these ideas.
>
> It might also be beneficial to have two channels to each exit node, with
> each channel used in only one direction, i.e., outbound packets travel one
> route, while inbound packets travel a different route.
For this you might look at
"Preventing Active Timing Attacks in Low-Latency Anonymous Communication"
Johnson et al. 2010, also on anonbib
aloha,
Paul
More information about the tor-talk
mailing list