Tor: Research

Read these papers (especially the ones in boxes) to get up to speed on anonymous communication systems.

We need people to attack the system, quantify defenses, etc. For example:

• Website volume fingerprinting attacks (Back et al, Hintz). Defenses include a large cell size, defensive dropping, etc. How well does each approach work?
• The end-to-end traffic confirmation attack. We need to study long-range dummies more, along with traffic shaping. How much traffic of what sort of distribution is needed before the adversary is confident he has won?
• It's not that hard to DoS Tor servers or dirservers. Are puzzles the right answer? What other practical approaches are there?
• What sensitive info squeaks by privoxy? Are other html scrubbers better?