On 08/31/2014 02:22 PM, Juan wrote: > On Fri, 29 Aug 2014 18:59:19 -0600 Mirimir <[email protected]> > wrote:
<SNIP> >> Even the NSA, with global intercepts, is apparently not doing >> full-network traffic correlation among Tor relays. > > And you know that how, exactly? I said "apparently not" because there's been no mention so far in the Snowden stuff, and also because it's a very hard problem. But I have no more hard evidence than you do. I keep emailing [email protected] but I haven't ever received a reply ;) >From "Tor Metrics: Users"[0], I get that there are typically about two million simultaneous Tor users. If each has three active circuits, there are about six million concurrent circuits. Tracing a particular Tor circuit would entail correlating traffic from one intercept (presumably starting with an exit relay, or an entry guard) with several million traffic intercepts from at most a few thousand other relays. That would be trivial for a global adversary, given the intercepts. By "full-network traffic correlation", I meant cross correlating in real time all of the several million concurrent traffic intercepts from all Tor relays. That would yield a database of conversations, with such data fields as user IP, entry guard ID, exit ID and destination site. That would arguably involve on the order of 10^13 comparisons for each snapshot, with snapshots perhaps every few minutes. Can the NSA manage that? Shall we take a poll? [0] https://metrics.torproject.org/users.html <SNIP> -- tor-talk mailing list - [email protected] To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
