[messaging] Ronion anonymous routing protocol framework

carlo von lynX lynX at i.know.you.are.psyced.org
Wed Oct 18 07:39:00 PDT 2017


On Fri, Oct 13, 2017 at 12:50:34PM +0200, Jeff Burdges wrote:
> Tor only provides cryptographic unlinkability between packets, but does
> not protect against traffic analysis. 
> 
> As a rule, anonymity systems proposed by academics attempt to protect
> against traffic analysis too, but such schemes must pay for this
> protection with both higher bandwidth, usually through cover traffic,
> and increased latency. 

The trick is to make the cover traffic actually useful for
end-users.. ideally by making *all* of their everyday
operations a part of the cover traffic. That also implies
that it makes sense to aim for one and only one anonymizing
protocol stack that should integrate all future and past
internet applications, and to make properties like latency
and depth of anonymization configurable by the applications,
so that the routing layer can treat a secret conversation
differently from a bulk video stream. Still, the video
stream you watch while you chat can be enough to protect
your metadata better. GNUnet provides file sharing for
that purpose. secushare is working to add multicast pubsubs
and social networking, so you can indeed be watching a
stream or have chitchat about the weather be going on in
the background that produces cover for the actual private
stuff.

> Arguably, you cannot protect against traffic analysis at all in a
> circuit based system like Tor anyways.  And Tor does not do cover
> traffic or delays for this reason.  

It's the POSIX socket that most Internet applications
expect that is by design subjectible to traffic shaping.
If we redesign applications to only submit complete
packets, we're a step closer. One more reason it makes
sense to redo apps on top of GNUnet. In theory, Tor
could offer a packet-oriented API instead of SOCKS5,
but the safety of it would still suffer from the fact
that almost everyone uses Tor for HTTP and other TCP
stuff. Those protocols are no longer fit for the future.

Yes, I know, Jeff has gnunet.org in his address, so I'm
not telling these things to Jeff...  ;)  ... but I
sensed that they still deserve being said, every now
and then. Also I'm curious if there's any flaw in it.


-- 
  E-mail is public! Talk to me in private using encryption:
         http://loupsycedyglgamf.onion/LynX/
          irc://loupsycedyglgamf.onion:67/lynX
         https://psyced.org:34443/LynX/

