Delivery-Date: Fri, 12 Dec 2014 11:13:52 -0500
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.7 required=5.0 tests=BAYES_00,DKIM_ADSP_CUSTOM_MED,
	DKIM_SIGNED,FREEMAIL_FROM,RCVD_IN_DNSWL_MED,RP_MATCHES_RCVD,T_DKIM_INVALID,
	URIBL_BLOCKED autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 63C0E1E019F;
	Fri, 12 Dec 2014 11:13:50 -0500 (EST)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 0FBEB320DF;
	Fri, 12 Dec 2014 16:13:46 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 93A9831EE8
 for <tor-talk@lists.torproject.org>; Fri, 12 Dec 2014 16:13:42 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id 0hLywGCGFY5x for <tor-talk@lists.torproject.org>;
 Fri, 12 Dec 2014 16:13:42 +0000 (UTC)
Received: from mail-ie0-x230.google.com (mail-ie0-x230.google.com
 [IPv6:2607:f8b0:4001:c03::230])
 (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id 766E431E8C
 for <tor-talk@lists.torproject.org>; Fri, 12 Dec 2014 16:13:39 +0000 (UTC)
Received: by mail-ie0-f176.google.com with SMTP id tr6so7134886ieb.21
 for <tor-talk@lists.torproject.org>; Fri, 12 Dec 2014 08:13:37 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=mime-version:from:date:message-id:subject:to:content-type;
 bh=1/UB4wMX7C3ko7c6QyBwrQY8MqQVD2ROTES6rrhf2f0=;
 b=lN5bQTqL5piMP53WIat4MFcVkdR3OpL4qvem4PYGb7yNNy2G9HwuFR7X9htRI47D8K
 yi47xQ0TTU/L2qC/KxTIct9irTlMDKRyaHd2z4RdSeGKJX2qwQUGG4FvadqmKSO/5ELb
 R/ZqoLc/WGE8nQicDr6VLXITmuNpz88GfzzYloqbgfCxp6BGJMpshY6QwuSGo0mzc7OV
 DzKxIGahukPyfQtQOFzS7BlAlootKsZWkQQ87lJXsLaLfkS4YFczFVQ0BHf3qNyHTDit
 h0WWFKX+eqQjUmO6EHQwh6kED7OuK4Gew4/rZRTjJ8pg3+/WGOPYqRgtDf3JuWKyH5Vx
 ymuA==
X-Received: by 10.107.149.13 with SMTP id x13mr15734469iod.35.1418400817199;
 Fri, 12 Dec 2014 08:13:37 -0800 (PST)
MIME-Version: 1.0
Received: by 10.107.174.155 with HTTP; Fri, 12 Dec 2014 08:13:16 -0800 (PST)
From: Abhishek Singh <abhishek.singh.kumar@gmail.com>
Date: Fri, 12 Dec 2014 17:13:16 +0100
Message-ID: <CANm7j6P1tHmOQh3Ye2Kgv-pe82tazOZtjV8oGFRQQyA1SZ+qDw@mail.gmail.com>
To: tor-talk@lists.torproject.org
Subject: [tor-talk] Network properties of a social graph formed by relay
	operators
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

Hi to all,

I wonder if a social network formed by the operators of the Tor relay nodes is
beneficial in Tor for sybil-defense. I have some questions regarding such a
mechanism. I have described the context first and it is followed by the
questions that I have in this regard.

The number of relay nodes an attacker can introduce in Tor is based on the
distinct IP addresses it can obtain. Obtaining these has become easier as there
are large number of cloud service providers willing to provide these (other
options are botnet or a resourceful adversary). Attackers have exploited this
to perform a combination of traffic analysis attack and sybil attack to
deanonymize clients' actions. Couple of examples include: 1) the attack
described by Biryukov et al. in IEEE SP 2013, and 2) the RELAY_EARLY attack
observed earlier this year.

Merits of a sybil-defense mechanism which is based on social networks has been
debated in academia and I wonder if such a mechanism will be beneficial for
Tor. In this scheme a node in the social graph represents the relay operator
and an edge between two nodes nodes represents the mutual trust between the
respective relay operators. The node can be represented by pseudonym of its
operator. A relay operator can register its edges with the Tor authorities. Tor
authorities (and clients) can analyze the social graph to detect sybil
identities and then limit the use of such identities.

Existing social network based sybil defense mechanism (such as SybilLimit)
assume a small cut between the honest region and the sybil region of the
network. Typically, these are evaluated over dense social graphs (higher
average degree) such as Facebook social graph.

Following are the questions about the feasibility of the mechanism and the
network properties of the resulting social graph:

1. Would relay operators disclose their edges to other relay operators in this
social graph to others? Or, are there privacy and other concerns which makes
such disclosures infeasible?

2. Do relay operators know each other or communicate with among themselves? It
may be the case that will be some relay operators who do not have edge to any
other relay operator. However, this technique will be helpful as long as there
is a large enough connected component in the social graph.

3. As establishing an edge in this graph is more difficult because of privacy
reasons, would it exhibit network properties similar to other social graphs
(say Facebook social graph)? Or, would it be less denser (lower avg. degree,
lower connectivity, higher path lengths) than these social graphs? If the graph
is sparse, then existing techniques may not work optimally.

4. As the social graph composed of relay operators does not exist yet, are
there any other social graphs which are close approximation for it? And, are
such social graphs available for doing further network analysis?

Thanks,
Abhishek
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

