Delivery-Date: Tue, 17 Feb 2015 14:40:08 -0500
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-3.7 required=5.0 tests=BAYES_00,DKIM_ADSP_CUSTOM_MED,
	DKIM_SIGNED,FREEMAIL_FROM,MISSING_HEADERS,RCVD_IN_DNSWL_MED,RP_MATCHES_RCVD,
	T_DKIM_INVALID,URIBL_BLOCKED autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 28CED1E1001
	for <archiver@seul.org>; Tue, 17 Feb 2015 14:40:07 -0500 (EST)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 5619E31E6D;
	Tue, 17 Feb 2015 19:40:03 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 211F331E68
 for <tor-talk@lists.torproject.org>; Tue, 17 Feb 2015 19:40:00 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id 7ot1P4KpjaMj for <tor-talk@lists.torproject.org>;
 Tue, 17 Feb 2015 19:40:00 +0000 (UTC)
Received: from mail-qa0-x236.google.com (mail-qa0-x236.google.com
 [IPv6:2607:f8b0:400d:c00::236])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id EF10B31D4C
 for <tor-talk@lists.torproject.org>; Tue, 17 Feb 2015 19:39:59 +0000 (UTC)
Received: by mail-qa0-f54.google.com with SMTP id x12so27877279qac.13
 for <tor-talk@lists.torproject.org>; Tue, 17 Feb 2015 11:39:57 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=message-id:date:from:cc:subject:in-reply-to:references:mime-version
 :content-type:content-transfer-encoding;
 bh=ETorwaNFQ3yg7XXibJAQp7gfuGhpmOlPpV48DDM0N3E=;
 b=n9OtaIuh/oY+Ss3GlQHxG/YiDPktUDOU7Dy0abo/q2J9Gk8V5XVGFM6GKCLe1c8yye
 ba7ik/SuLxr/MXXbFynTNmSXB92QWCEU74e1ZhskdGpXv33dR1GeMmQTbmj4dvEtZVG6
 HdYWnQGnDWiG55OMweF1ef+4RrFKHIedDFTrBygyia1VGeea6aRgPnVcq8Vt7mJ/di1H
 k5xXv0f6wzOkLAgdzfFl0SXMQan9/6Fzxawm11z5qYbvKEpEA+Zornb6poDmBjOLViUT
 iacrXg8lmUQwWk2UJf5BcACzD5YFTk22Gv6geHmYWAEYUViNK/O05Orn6gm0sc6mrk0w
 cjkg==
X-Received: by 10.140.87.7 with SMTP id q7mr1443450qgd.67.1424201997610;
 Tue, 17 Feb 2015 11:39:57 -0800 (PST)
Received: from localhost (host97.201-252-112.telecom.net.ar. [201.252.112.97])
 by mx.google.com with ESMTPSA id
 m10sm16502402qat.7.2015.02.17.11.39.56
 for <tor-talk@lists.torproject.org>
 (version=TLSv1 cipher=RC4-SHA bits=128/128);
 Tue, 17 Feb 2015 11:39:57 -0800 (PST)
Message-ID: <54e3990d.4a87e00a.60ac.ffffb112@mx.google.com>
Date: Tue, 17 Feb 2015 16:42:44 -0300
From: Juan <juan.g71@gmail.com>
Cc: tor-talk@lists.torproject.org
In-Reply-To: <20150215112731.GN37920@moria.seul.org>
References: <20150215105508.GA27216@lo.psyced.org>
 <20150215112731.GN37920@moria.seul.org>
X-Mailer: Claws Mail 3.7.10 (GTK+ 2.24.10; i486-slitaz-linux-gnu)
Mime-Version: 1.0
Subject: Re: [tor-talk] Who said it takes hours of latency to fix anonymity?
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

On Sun, 15 Feb 2015 06:27:31 -0500
Roger Dingledine <arma@mit.edu> wrote:

> On Sun, Feb 15, 2015 at 11:55:09AM +0100, carlo von lynX wrote:
> > I'm sorry to disturb with this, but I am being confronted with
> > hearsay about Roger D. having said that it would take latencies
> > in the order of hours to fully make communications impossible
> > to shape and correlate. And that hearsay is being purported as
> > generic for any kind of anonymization network. To me, if it is
> > true, this only makes sense applied to Tor's low latency approach
> > of things. A system that uses shaping-resistant fixed size packets
> > would not need latencies in the order of hours to be provably
> > successfully anonymizing even in the face of a pervasive global
> > attacker, and I presume several papers in anonbib propose viable
> > strategies concerning that. They are just too many to pick one to
> > start from. Am I missing a clue? I am so embarrassed to ask this,
> > I don't even feel like mailing Roger about it. I prefer having 
> > more advanced questions to ask.
> 
> It's actually worse than that -- we have no idea.
> 
> I'd love to have a graph where the x axis is how much additional
> overhead (latency, bandwidth, whatever) we're willing to add, and the
> y axis is how much additional security (anonymity, privacy, whatever)
> we can get.
> 
> Currently we have zero data points for this graph.



	Isn't that interesting? 

	There's a whole 'industry' of 'academics'  getting millions in
	grants for 'researching' stuff and doing 'science', and yet
	they don't provide any useful data. Interesting and cute. 





> 
> The NRL folks have a fun paper on how to turn a defense against
> passive timing attacks into a defense against active timing attacks:
> http://freehaven.net/anonbib/#active-pet2010
> But you have to have a defense against passive timing attacks or their
> paper isn't useful to you yet.
> 
> On the 'bad news' side, check out
> http://freehaven.net/anonbib/#e2e-traffic
> which shows reasonable scenarios against high-latency anonymity
> systems where the anonymity breaks down over time against a passive
> observer.
> 
> Such attacks work especially well against a world where you have
> "users" and you have "mixes", and the users don't participate
> consistently for the entire existence of the system.
> 
> I've always been fond of
> http://freehaven.net/anonbib/#drac-pet2010
> as an example of what you can do if all your users are mixes and no
> users need to send or receive much traffic. But that paper also comes
> with many hidden assumptions, so be careful thinking the next step is
> to just build it.
> 
> On the 'good news' side, consider that with millions of traffic flows,
> maybe you just have to drive the false positives up a little bit, and
> suddenly an attacker with only a partial view of the system can't
> trust his conclusions: see the "More precisely, it's possible that
> correlation attacks don't scale well because" paragraph in
> https://blog.torproject.org/blog/improving-tors-anonymity-changing-guard-parameters
> 
> The PETS conference is where it's at in terms of progress so far. But
> it's been a while since things have moved forward. One next step might
> be to try to rephrase the question into something that somebody can
> answer better.
> 
> --Roger
> 

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

