subject:"Re\: \[tor\-talk\] MTor \(multicast tor\), is it going to be released\?"

Re: [tor-talk] MTor (multicast tor), is it going to be released?

2017-08-23 Thread Paul Syverson

On Wed, Aug 23, 2017 at 03:40:22AM -0400, Roger Dingledine wrote:
> On Mon, Aug 21, 2017 at 11:49:22PM -0700, Yuri wrote:
> > Here is the white paper with MTor design: 
> > https://www.degruyter.com/downloadpdf/j/popets.2015.2016.issue-2/popets-2016-0003/popets-2016-0003.pdf
> > 
> > 
> > So, what is MTor's status?
> 
> It's the standard story -- it's a research paper written by a research
> group to show a concept, and then they moved on.
> 

Right. The primary author had graduated and moved on to other things 
c. a year and a half ago.

> I don't remember the design in detail, but I remember based on the talk
> at PETS thinking that they had really changed the threat model for Tor
> to something much weaker, in exchange for better scalability in some
> situations.

Main differences were (1) a multicast root is selected amongst
(adequate-weight) available middle relays that will mate all
connections to it for that multicast session, (2) that any relay that
is part of a multicast session has a session group identifier (GID),
(3) that if a circuit building request hits a guard or middle relay
already participating in the session, it connects that circuit to its
existing group circuit, and (4) optionally, the set of relays to
select a middle hop from is restricted for deduplication benefit.

Our analysis showed that for small to moderate sized groups on the
existing Tor network, absent a pretty restricted middle-hop set, there
was virtually no deduplication (hence a star, which still saved over
all pairs).  If curious, you can see our security analysis of MTor
against targeting adversaries (also analysis of a group chatting via a
private IRC channel and of people connecting to the same onion
service) here: https://arxiv.org/abs/1706.10292

aloha,
Paul
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] MTor (multicast tor), is it going to be released?

2017-08-23 Thread Roger Dingledine

On Mon, Aug 21, 2017 at 11:49:22PM -0700, Yuri wrote:
> Here is the white paper with MTor design: 
> https://www.degruyter.com/downloadpdf/j/popets.2015.2016.issue-2/popets-2016-0003/popets-2016-0003.pdf
> 
> And here is an implementation based on tor-0.2.3.25:
> https://github.com/multicastTor/multicastTor/tree/master/shadow/build/tor
> 
> But ChangeLog doesn't mention it, and there are no mentions of it on
> torproject.org.
> 
> So, what is MTor's status?

It's the standard story -- it's a research paper written by a research
group to show a concept, and then they moved on.

There is some code, but it was enough to do performance graphs, not
anything that they intended actual users to (be able to) use.

I don't remember the design in detail, but I remember based on the talk
at PETS thinking that they had really changed the threat model for Tor
to something much weaker, in exchange for better scalability in some
situations.

So, it is a fine idea to read about, and maybe it will spark some new
ideas when you read it, but it is not an obvious improvement for Tor in
terms of security, and also it was never intended to be an actual patch
that users could use.

All of that said, don't misunderstand me: yay research! If you haven't
read this blog post, check it out:
https://blog.torproject.org/blog/tor-heart-pets-and-privacy-research-community

--Roger

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] MTor (multicast tor), is it going to be released?

2017-08-22 Thread Coyo Stormcaller

On Tue, 22 Aug 2017 15:55:37 -0700
Ryan Carboni  wrote:

> If mtor is implemented, I don't see any loss of security over Tor.
> Although many web applications are currently designed for unicast.

MTor sounds like a fascinating concept.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] MTor (multicast tor), is it going to be released?

2017-08-22 Thread Ryan Carboni

Weren't people speculating that tens of thousands of tor connections were
used to deanonymize web services like Doxbin?

If mtor is implemented, I don't see any loss of security over Tor.
Although many web applications are currently designed for unicast.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] MTor (multicast tor), is it going to be released?

2017-08-22 Thread Yuri


On 08/22/17 00:15, Jacki M wrote:

Tor version 0.2.3.25 is no longer supported and that last comment on the mtor project 
was more than a year ago, Latest commit f50af12 on Aug 17, 2016, so it looks like the 
project is no longer in development and the version of tor it is based on is 
extremely outdated, and not secure. Currently supported builds of tor 
CoreTorReleases



I didn't ask if Tor version 0.2.3.25 was supported. I am interested what 
is the status of MTor.



Yuri

--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] MTor (multicast tor), is it going to be released?

2017-08-22 Thread Jacki M

Tor version 0.2.3.25 is no longer supported and that last comment on the mtor 
project was more than a year ago, Latest commit f50af12 on Aug 17, 2016, so it 
looks like the project is no longer in development and the version of tor it is 
based on is extremely outdated, and not secure. Currently supported builds of 
tor CoreTorReleases 

> On Aug 21, 2017, at 11:49 PM, Yuri  wrote:
> 
> Here is the white paper with MTor design: 
> https://www.degruyter.com/downloadpdf/j/popets.2015.2016.issue-2/popets-2016-0003/popets-2016-0003.pdf
> 
> And here is an implementation based on tor-0.2.3.25: 
> https://github.com/multicastTor/multicastTor/tree/master/shadow/build/tor
> 
> 
> But ChangeLog doesn't mention it, and there are no mentions of it on 
> torproject.org.
> 
> 
> So, what is MTor's status?
> 
> 
> Yuri
> 
> -- 
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] MTor (multicast tor), is it going to be released?

Re: [tor-talk] MTor (multicast tor), is it going to be released?

Re: [tor-talk] MTor (multicast tor), is it going to be released?

Re: [tor-talk] MTor (multicast tor), is it going to be released?

Re: [tor-talk] MTor (multicast tor), is it going to be released?

Re: [tor-talk] MTor (multicast tor), is it going to be released?

6 matches

Site Navigation

Mail list logo

Footer information