On Tue, Jul 13, 2010 at 05:30:27PM +0100, Anon Mus wrote:
> Paul Syverson wrote:
>> Tor doesn't do any batching or delaying. This is just another way you
>> could be identified by timing attacks. Tor provides no resistance to
>> timing attacks, and so far there are no countermeasures that have
>> been identified as working against a passive, much less active, adversary
>> without imposing unacceptably high overhead or limitations.
> Since Tor's inception (must be getting on for 10 years now) it has been
> getting faster year after year, this is due to network speed and bandwidth
> increases, which have been about a 200 fold (e.g. speeds of 100+Kbps max
> 2003 to 20+Mbps today).
>
> OK, there have been some increases in web page byte size but it is not more
> than 10 fold.
>
> That means a real speed increase of at least 10 fold. So perhaps Tor
> developers should start putting in some "timing attack" protection. It
> seems to me that the time is right. What is holding them back? Are they
> afraid of global big brother complaining they cannot identify users at
> will? Anonymous should mean anonymous, no?
>
Even assuming your description of the evolution of Tor network communication processing is correct, I don't understand what increases in network speed (throughput?) or bandwidth have to do with making it more feasible to protect against timing attacks. Faster networks should just make timing attacks more effective, and we know that we were already unable to do anything useful when such attacks were less effective.

People should continue to work on this hard research problem. (I myself have a paper on it to be presented in the Privacy Enhancing Technologies Symposium next week, "Preventing Active Timing Attacks in Low-Latency Anonymous Communication".) But as the blog post I pointed at noted, nobody has yet made a suggestion that clearly improves the situation (even in theory) and would clearly be feasible and practical to deploy on the Tor network as it stands.

And just as there is no such thing as a secure system---only systems secure against a given adversary conducting a given class of attack provided that the implementation, deployment and environment satisfy certain assumptions, so too there is no such thing as an anonymous system. In that sense, the answer is no, "anonymous" should not mean anonymous, or rather it depends what _you_ mean by anonymous and a whole bunch of other things that must be stated.

HTH,
Paul