Dishonest Tor relay math question - tor-talk is to lazy
Peter Fairbrother
peter at tsto.co.uk
Mon Oct 11 01:06:30 PDT 2021
On 11/10/2021 04:59, Punk-BatSoup-Stasi 2.0 wrote:
> On Mon, 11 Oct 2021 03:18:15 +0000
> PrivacyArms <privacyarms at protonmail.com> wrote:
>
>> Thanks. I will read the linked paper, but Tor uses connection padding. Maybe your information is out of date?
>
>
> Nah. Tor uses some kind of limited padding,
It's designed so that routers which are configured to report per-flow
totals on an entry node's traffic will aggregate more packets into the
reported per-flow session totals.
Marginally effective in the short term if the attacker is using per-flow
logging data, but less effective against long-term correlation attacks
and near-useless if the traffic data used isn't aggregated, as might be
collected by GCHQ or (I'd expect) NSA in a packet-logging rather than
per-flow-logging configuration.
Afaik all backbone routers can be configured for packet or per-flow
logging. Per-flow logging is used by ISPs to improve service and
per-flow log storage is cheaper than packet-log log storage, so it is
used more.
But I expect the big boys, NSA, GCHQ etc, can get packet logs whenever
they want them. Especially if it's only for a goodly proportion of the
few thousand Tor entry and exit nodes.
Against the elephant? Tor's padding is totally useless.
Peter Fairbrother
More information about the cypherpunks
mailing list