Delivery-Date: Wed, 18 Jun 2014 22:11:46 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.7 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	RCVD_IN_DNSWL_MED,RP_MATCHES_RCVD,T_DKIM_INVALID autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by moria.seul.org (Postfix) with ESMTPS id F39CA1E0E06
	for <archiver@seul.org>; Wed, 18 Jun 2014 22:11:43 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 29B812E88C;
	Thu, 19 Jun 2014 02:11:42 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id AA5103012A
 for <tor-talk@lists.torproject.org>; Thu, 19 Jun 2014 01:56:57 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at eugeni.torproject.org
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id JcK3EiJB-o3m for <tor-talk@lists.torproject.org>;
 Thu, 19 Jun 2014 01:56:57 +0000 (UTC)
Received: from mail-ie0-x22e.google.com (mail-ie0-x22e.google.com
 [IPv6:2607:f8b0:4001:c03::22e])
 (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id 8B69A2FCC4
 for <tor-talk@lists.torproject.org>; Thu, 19 Jun 2014 01:56:57 +0000 (UTC)
Received: by mail-ie0-f174.google.com with SMTP id lx4so1421840iec.5
 for <tor-talk@lists.torproject.org>; Wed, 18 Jun 2014 18:56:54 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=cyblings.on.ca; s=google;
 h=message-id:date:from:user-agent:mime-version:to:subject:references
 :in-reply-to:content-type;
 bh=VI0m3GsvYzTaxQdB0RD86f9B+/rKpU502OO4AJMZLXI=;
 b=IOodJzS4hBWvdY23oDzA/jTX/xMpDTnMBV4z+O/Ft57NxsFbbVN7v1UP/enG2UR7E7
 1UgIcyOWz7lwJHT7VoGaNKTXKnQ7j9jwF/jgktz3TjAzwSuYuHoLVaYglaiAxs5jpOrb
 SXpKZ/6Iva+YXZl08VIKQHn1K8V4ByeaaHNCE=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20130820;
 h=x-gm-message-state:message-id:date:from:user-agent:mime-version:to
 :subject:references:in-reply-to:content-type;
 bh=VI0m3GsvYzTaxQdB0RD86f9B+/rKpU502OO4AJMZLXI=;
 b=Fb7VdaxPr57JO1PJ/rRFMud5mb4Dv2TVLbQoAnKrqGqRg/uOrZ/vR2mAVhq9cOW9gM
 y/PPk74GMYY43eJMbn8m3IOTNhsZuXH4L3IPX3T/BWFgBeNrlCz/otT/FgsNTFfiC5zU
 A3vkfMiE6plAfHSE53Zgzz0bra8R+6ZN6HY1Jq3EsH5Ix6t05wNzGDzLwvAjJ/lpdhw6
 sAFGScpOuse9/JZ+Tw64m4R+aOQ9s9+BZ00pOZCyzzy26gHYCrQ2lqq0wkVzp2BzLtL+
 Mey2mze9Fz59VGbZD+af7FENTCl/RtB7nPIoJMIAMHvl983KmHKVQvMDRHP5G2oX9YyA
 I+fA==
X-Gm-Message-State: ALoCoQl/21Ts5HY0QAVfJcIJnbeBxk4jUuRrmvX6LyIvl69qATLYKgEdgluqMWLHtfGHkjlQ+yAM
X-Received: by 10.42.198.69 with SMTP id en5mr2326346icb.66.1403143014759;
 Wed, 18 Jun 2014 18:56:54 -0700 (PDT)
Received: from [192.168.1.2] (69-196-152-198.dsl.teksavvy.com.
 [69.196.152.198])
 by mx.google.com with ESMTPSA id v9sm2820143igd.14.2014.06.18.18.56.52
 for <tor-talk@lists.torproject.org>
 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128);
 Wed, 18 Jun 2014 18:56:53 -0700 (PDT)
Message-ID: <53A24354.10206@cyblings.on.ca>
Date: Wed, 18 Jun 2014 21:56:36 -0400
From: krishna e bera <keb@cyblings.on.ca>
User-Agent: Mozilla/5.0 (X11; Linux x86_64;
 rv:24.0) Gecko/20100101 Thunderbird/24.5.0
MIME-Version: 1.0
To: tor-talk@lists.torproject.org
References: <20140618110456.GH2495@loar>
In-Reply-To: <20140618110456.GH2495@loar>
X-Enigmail-Version: 1.6
Subject: [tor-talk] =?windows-1252?q?PrivEx_and_HS=2C__Re=3A__Tor_Weekly_N?=
 =?windows-1252?q?ews_=97_June_18th=2C_2014_-?=
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============7425116730106732866=="
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--===============7425116730106732866==
Content-Type: multipart/signed; micalg=pgp-sha1;
 protocol="application/pgp-signature";
 boundary="EtFIkxT4rmNiDmKEogISW9cUvGHvlAC5w"

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--EtFIkxT4rmNiDmKEogISW9cUvGHvlAC5w
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: quoted-printable

On 14-06-18 07:04 AM, Lunar wrote:
> Collecting statistics from Tor exits in a privacy-sensitive manner
> ------------------------------------------------------------------
>=20
> Optimizing the Tor network to better support the most common use-cases
> could make a real difference to its perceived usability. Unfortunately,=

> Tor is an anonymity network. Understanding what the most common
> use-cases are, in a way that does not endanger its users, is far from
> being a trivial problem.
>=20
> There have been some cases of inconsiderate spying on Tor network users=

> in the past [4]. This is one of the motivations for the Tor Project to
> provide and research properly anonymized statistics through the
> Metrics [5] and CollecTor [6] portals.
>=20
> Tariq Elahi, George Danezis, and Ian Goldberg are working on new
> solutions to tackle the problem of collecting statistics from Tor exits=

> in a privacy-sensitive manner. Tariq announced [7] the PrivEx system,
> which =93preserves the security and privacy properties of anonymous
> communication networks, even in the face of adversaries that can
> compromise data collection nodes or coerce operators to reveal
> cryptographic secrets and keys=94.
>=20
> The introduction of the detailed tech report [8] gives a general
> description of the solution: =93PrivEx collects aggregated statistics t=
o
> provide insights about user behaviour trends by recording aggregate
> usage of the anonymity network. To further reduce the risk of
> inadvertent disclosures, it collects only information about destination=
s
> that appear in a list of known censored websites. The aggregate
> statistics are themselves collected and collated in a privacy-friendly
> manner using secure multiparty computation primitives, enhanced and
> tuned to resist a variety of compulsion attacks and compromises.
> Finally, the granularity of the statistics is reduced [=85] to foil
> correlation attacks.=94
>=20
> PrivEx=92s threat model is described in section 3, and matches the curr=
ent
> mode of operation of the Tor network, relying on a set of mostly honest=

> collectors while being able to cope with a limited number of malicious
> nodes. Two variants are described: one =93is secure in the
> honest-but-curious setting but can be disrupted by a misbehaving actor=94=

> while =93the other is secure in the covert adversary setting in that
> misbehaving servers can be identified=94, but is more computationally
> expensive.
>=20
> Tariq mentions that implementations of the two variants of PrivEx
> described in the tech report have been created and should soon be
> released to the community. The researchers expect to =93start by rollin=
g
> out our own PrivEx-enabled exits in the Tor network and begin collectin=
g
> destination visit statistics=94 around the =93June-August timeframe=94.=

> Section 6 contains an analysis of the overhead in both CPU and bandwidt=
h
> of the two PrivEx variants, and the requirements seem reasonable.
>=20
> Given how much privacy matters to the Tor community and to all network
> users, the researchers wants =93a measure of confidence that collecting=

> data with PrivEx is inherently good and is being done in a responsible
> and intelligent manner=94. They are therefore asking the =93community a=
t
> large=94 to review the design of the proposal, and its implementation o=
nce
> released.
>=20
> If no fundamental flaws are discovered in the process, the Tor communit=
y
> might finally be able to enjoy better network statistics in the
> not-too-distant future.
>=20
>   [4]: http://www.ifca.ai/pub/fc11/wecsr11/soghoian.pdf
>   [5]: https://metrics.torproject.org/
>   [6]: https://collector.torproject.org/
>   [7]: https://lists.torproject.org/pipermail/tor-dev/2014-June/006999.=
html
>   [8]: http://cacr.uwaterloo.ca/techreports/2014/cacr2014-08.pdf

If one wanted to collect statistics on Hidden Service usage as well,
which nodes could be instrumented?  (Requests for .onions don't go via
Exit nodes.  Https://www.torproject.org/docs/hidden-services.html.en )

Perhaps the Introduction Point node - whenever there is a request for a
rendezvous, it could increment a counter for that HS (aka destination
address).  Unlike the Rendezvous Point it wouldnt have the ability to be
corrupted into leaking any other data about the connection such as
timing and volume.




--EtFIkxT4rmNiDmKEogISW9cUvGHvlAC5w
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEVAwUBU6JDW/p3cia4tegJAQIZIwf/Q0OdF09TyY74FZO4wa+iqvJzxF9tAF/V
UmDypOaciZpUb740NnNriBl0DQpsCnaclHBk4ZEr/J2TfsxdJ1GBEuXxIzAJbLQr
Skztd2BYqWlqyuTS3M9arSy46EZH80bBrV/xUsIRnKEGZYfsEk2qdyR0yMJyRj1d
33X3/S2EAzppSdZC/XWV8UzKyBYj8qFuaFRWOqqQ0oFmngWL7xaQGn938XSj1leQ
FHl5N7x7juA8NWswsEyDQSZngFeVmJL4JMBFoP/Urz7K+0rLMf/dcc9Rw2Vdmn+/
BupLnnzFLQeNq6usGLDEwc5jac2qgqMlCn24QVibSzIly3rg8xxHVA==
=e2hr
-----END PGP SIGNATURE-----

--EtFIkxT4rmNiDmKEogISW9cUvGHvlAC5w--

--===============7425116730106732866==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

--===============7425116730106732866==--

