somebody should write this paper too.
Roger Dingledine commited on 2008-04-26 22:34:31
Zeige 1 geänderte Dateien mit 11 Einfügungen und 0 Löschungen.
- en/volunteer.wml f8c0f277f..1542bc353
| ... | ... |
@@ -1117,6 +1117,17 @@ href="https://wiki.torproject.org/noreply/TheOnionRouter/TorFAQ#BlockingResistan |
| 1117 | 1117 |
entry</a> on this, and then read the <a |
| 1118 | 1118 |
href="http://freehaven.net/anonbib/topic.html#Communications_20Censorship">censorship |
| 1119 | 1119 |
resistance section of anonbib</a>.</li> |
| 1120 |
+<li>Our censorship-resistance goals include preventing |
|
| 1121 |
+an attacker who's looking at Tor traffic on the wire from <a |
|
| 1122 |
+href="https://www.torproject.org/svn/trunk/doc/design-paper/blocking.html#sec:network-fingerprint">distinguishing |
|
| 1123 |
+it from normal SSL traffic</a>. Obviously we can't achieve perfect |
|
| 1124 |
+steganography and still remain usable, but for a first step we'd like to |
|
| 1125 |
+block any attacks that can win by observing only a few packets. One of |
|
| 1126 |
+the remaining attacks we haven't examined much is that Tor cells are 512 |
|
| 1127 |
+bytes, so the traffic on the wire may well be a multiple of 512 bytes. |
|
| 1128 |
+How much does the batching and overhead in TLS records blur this on the |
|
| 1129 |
+wire? Do different buffer flushing strategies in Tor affect this? Could |
|
| 1130 |
+a bit of padding help a lot, or is this an attack we must accept?</li> |
|
| 1120 | 1131 |
<li>Tor circuits are built one hop at a time, so in theory we have the |
| 1121 | 1132 |
ability to make some streams exit from the second hop, some from the |
| 1122 | 1133 |
third, and so on. This seems nice because it breaks up the set of exiting |
| 1123 | 1134 |