Delivery-Date: Thu, 18 Jun 2015 01:43:37 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.1 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	RCVD_IN_DNSWL_MED,T_DKIM_INVALID,T_RP_MATCHES_RCVD autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 3DC421E13C7;
	Thu, 18 Jun 2015 01:43:35 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 71BEA35D9E;
	Thu, 18 Jun 2015 05:43:30 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 12E3F35B86
 for <tor-talk@lists.torproject.org>; Thu, 18 Jun 2015 05:43:27 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id rUqksaDVkS9l for <tor-talk@lists.torproject.org>;
 Thu, 18 Jun 2015 05:43:26 +0000 (UTC)
Received: from mail-oi0-x22d.google.com (mail-oi0-x22d.google.com
 [IPv6:2607:f8b0:4003:c06::22d])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id DB60235B6C
 for <tor-talk@lists.torproject.org>; Thu, 18 Jun 2015 05:43:26 +0000 (UTC)
Received: by oiax193 with SMTP id x193so50086070oia.2
 for <tor-talk@lists.torproject.org>; Wed, 17 Jun 2015 22:43:24 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=mime-version:sender:in-reply-to:references:date:message-id:subject
 :from:to:content-type;
 bh=M82ccoIdHMfemYP37lKk+rDIR4111DucAaSPcnR+WbY=;
 b=VbFPJlGTib/MTcnYLtzdvUBsEVjoQ5SUHhY/nntmnjITuuvW8PSIoOdE2slhs9E5nk
 4EYfMV5sDqvX5KqGzYJviYtuFzCkXJ2r8mR87UkK/R/Shkztu0+vlNM5m7hBW8cUxeT7
 A9tyMseG8woTkOkl/BPHV+xHtX3tEzXk/aeDgqtSOLYjKwfZMWcxe0p7L2Z+n1ePEPIt
 656kXU8fd4+oXgut8M2XdPT5goImHPjsggDH+4LAJ4YLTUwSEDB9Gw/jJJIx/DkxJUJa
 sHt7HsgfsrJMHHvJ2CDA7/77CbZpvy7M8R6t9kfggzV9EAocfVWCMKmWuJzxS/Q0Bfct
 4yhg==
MIME-Version: 1.0
X-Received: by 10.182.48.231 with SMTP id p7mr7631037obn.19.1434606204396;
 Wed, 17 Jun 2015 22:43:24 -0700 (PDT)
Received: by 10.182.49.193 with HTTP; Wed, 17 Jun 2015 22:43:24 -0700 (PDT)
In-Reply-To: <20150618045108.GE7957@moria.seul.org>
References: <CAD2Ti2-xVw_W2YDqkdQHmcHyKBDQjfT5jvc-8m3EAU8UkqxrUA@mail.gmail.com>
 <20150618045108.GE7957@moria.seul.org>
Date: Wed, 17 Jun 2015 22:43:24 -0700
X-Google-Sender-Auth: wyD3SDG-hgt4ogLHmVBA2G0pSkE
Message-ID: <CAMTdTS-0j1Efpfg=2aMynD-rvQyu9nQjmRcRF-Ziq=ZV4q97Jw@mail.gmail.com>
From: benjamin barber <barberb@barberb.com>
To: tor-talk@lists.torproject.org
X-Content-Filtered-By: Mailman/MimeDel 2.1.15
Subject: Re: [tor-talk] Matryoshka: Are TOR holes intentional?
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

I didn't have a problem finding Matryoshka networks but not software called
"Matryoshka", just as were not using running "onion software", some
different software use the Matryoshka network method to communicate.


On Wed, Jun 17, 2015 at 9:51 PM, Roger Dingledine <arma@mit.edu> wrote:

> On Thu, Jun 18, 2015 at 12:02:45AM -0400, grarpamp wrote:
> >  We also need to take a serious look at TOR, and
> > without emotional bias, consider if a serious flaw was designed in.
>
> "Traffic analysis is the first hole plugged by Matryoshka, but ignored
> by TOR."
>
> I couldn't figure out how to actually fetch this "Matryoshka" software,
> but it sure looks like another case of somebody not understanding the
> research field, and thinking that solving the traffic confirmation
> attack is easy, without actually thinking through the engineering side,
> the scaling side, or the statistics side.
>
> For background see e.g.
> http://freehaven.net/anonbib/#danezis:pet2004
>
> It makes sense that if you think solving the problem is easy, you
> wonder why Tor hasn't solved it.
>
> But even full scale padding, ignoring the practical side of how to get a
> Tor network that can afford to waste so much bandwidth, doesn't provide
> protection in the face of active attacks where you induce a gap on one
> side and then observe the gap on the other side. And it might even be
> the case that these gaps happen naturally by themselves, due to network
> congestion and so on, so maybe passive observers will be winners even
> against a design that does full padding.
>
> Also, to make it really work in practice, all users are going to need
> to pad not just while fetching their web page or iso or whatever, but
> sufficiently before and after that too, else an attacker can match up
> start times and end times:
> http://freehaven.net/anonbib/#murdoch-pet2007
>
> This is a great area for further research:
> http://freehaven.net/anonbib/#ShWa-Timing06
> http://freehaven.net/anonbib/#active-pet2010
>
> tl;dr the whole premise of this person's blog post is flawed, since
> their design likely does not work as they think it does.
>
> --Roger
>
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

