Message-ID: <1412717693.30869.31.camel@anglachel>
From: Ted Smith <tedks@riseup.net>
To: tor-talk@lists.torproject.org
Date: Tue, 07 Oct 2014 17:34:53 -0400
In-Reply-To: <CAKDKvux+BNEsbLXGqskGta4NDGaScEFrSkPhG7Y-waXwsmPjaw@mail.gmail.com>
References: <CAD2Ti2-1HZ=j=GYyvDqnVvD1SJs3gt_GT3Ht3VFQeBURSDqxkw@mail.gmail.com>
 <20141007202955.652ce082@meilong>
 <CAKDKvux+BNEsbLXGqskGta4NDGaScEFrSkPhG7Y-waXwsmPjaw@mail.gmail.com>
X-Mailer: Evolution 3.10.4-0ubuntu2 
Mime-Version: 1.0
Subject: Re: [tor-talk] Another Tor is Possible, Kane/Ksec
Content-Type: multipart/mixed; boundary="===============2446009373324710734=="


--===============2446009373324710734==
Content-Type: multipart/signed; micalg="pgp-sha512";
	protocol="application/pgp-signature"; boundary="=-onpAmq3Oy57BT6y4OJ9B"


--=-onpAmq3Oy57BT6y4OJ9B
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

On Tue, 2014-10-07 at 14:34 -0400, Nick Mathewson wrote:
> On Tue, Oct 7, 2014 at 2:29 PM, Öyvind Saether <oyvinds@everdot.org> wrote:
> >> Revocable anonymity.
> >> http://cryptome.org/2014/10/another-tor.pdf
> >
> > I almost can not believe someone would write a paper describing a way
> > to change Tor in a way which makes it totally insecure.
> >
> > Amadou Moctar Kane of KSecurity in India is free to make his own broken
> > anonymity network and see how many people want to use that piece of
> > garbage.
> >
> > It is sad that someone would waste his time writing such a paper and it
> > is worse that I spent my precious time reading it.
>
> What's saddest: You didn't explain why you think it's broken.  So
> other people will have to read it too if they'd like to know whether
> it's any good.

I'm inclined against trusting the author's skill even if his judgment
were sound. Section 4 re-hashes a few old proposals to increase Tor's
anonymity, and adds an interesting but not really explained
technique, "mixing" data from Google (this seems to mean "use Google
servers as Tor nodes", but again, it's not really explained).

Like others have mentioned, he moves circuit selection from the client
to the directory server, so his scheme is itself broken: a malicious
directory server can simply record the information, and the anonymity is
broken without using secret-sharing.

I wonder, though, if clients could split and publish shared secrets for
routes, along with some proof they actually used the circuit for what
they claim they used it for. You could do this for hidden services
pretty easily, because their circuits can only be used for one thing,
and they have to publish hidden service descriptors to the directories
anyway; they could also publish a list of relays they had sent shared
secrets to. If those relays had a way of proving they had such a
fractional secret, you could get revocable anonymity for hidden services
at least. I expect Mike Hearn would be interested, it dovetails well
with coin taint.


-- 
Sent from Ubuntu

--=-onpAmq3Oy57BT6y4OJ9B--


--===============2446009373324710734==--
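
The idea in the message's last paragraph, as an added sketch that is not code from the email, the paper or Tor: a client splits a route label into Shamir shares for a list of relays and publishes a hash commitment per relay, so a share a relay later reveals can be checked and any threshold of relays can recover the route. The hash commitment, the function names, the relay names and the route string are assumptions made for illustration; the email leaves the proof mechanism open.

```python
import hashlib
import secrets

P = 2**127 - 1  # prime field for the shares (a Mersenne prime)

def split(secret, k, n):
    """Shamir split: n points on a random degree-(k-1) polynomial with f(0) = secret."""
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(k - 1)]
    def f(x):
        y = 0
        for c in reversed(coeffs):  # Horner evaluation mod P
            y = (y * x + c) % P
        return y
    return [(x, f(x)) for x in range(1, n + 1)]

def recover(shares):
    """Lagrange interpolation at x = 0 over the given shares."""
    total = 0
    for xi, yi in shares:
        num = den = 1
        for xj, _ in shares:
            if xj != xi:
                num = num * -xj % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, P - 2, P)) % P
    return total

def commit(share):
    """Hash commitment to one share (assumed proof mechanism, not from the email)."""
    return hashlib.sha256(b"%d:%d" % share).hexdigest()

def publish(route, relays, k):
    """Return (public record, private share per relay) for one route."""
    shares = split(int.from_bytes(route, "big"), k, len(relays))
    held = dict(zip(relays, shares))
    record = {"threshold": k, "relays": {r: commit(s) for r, s in held.items()}}
    return record, held

def holds_share(record, relay, share):
    """Check a share a relay reveals against the commitment published for it."""
    return secrets.compare_digest(record["relays"].get(relay, ""), commit(share))

def decode(n):
    """Turn a recovered integer back into the route bytes."""
    return n.to_bytes((n.bit_length() + 7) // 8, "big")

if __name__ == "__main__":
    route = b"guard1>mid7>rp3"  # constructed 15-byte route label, fits below P
    record, held = publish(route, ["relayA", "relayB", "relayC", "relayD", "relayE"], 3)
    quorum = [held[r] for r in ("relayB", "relayD", "relayE")]
    print(decode(recover(quorum)), all(holds_share(record, r, held[r]) for r in held))
```

Fewer shares than the threshold interpolate to an unrelated field element, which is the property the "revocable" part relies on.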

