Message-ID: <CAJVRA1T-jU4Y3MDH7PWcxnJUKqCcLifrFSdUJEEecPYGe7YTvQ@mail.gmail.com>
Date: Thu, 4 Jul 2013 11:48:09 -0700
From: coderman <coderman@...il.com>
To: Georgi Guninski <guninski@...inski.com>,
"full-disclosure@...ts.grok.org.uk" <full-disclosure@...ts.grok.org.uk>
Subject: cypherpunks celebrate the fourth writing code ...
; )
"Re: [Full-disclosure] tor vulnerabilities?"
On Wed, Jul 3, 2013 at 11:04 AM, coderman <coderman@...il.com> wrote:
> ...
> next generation low latency anonymity networks are a fun area of
> research and suited to interesting attacks. you could help build and
> break them when you're sufficiently sated with vague criticisms...

today's homework: build a low latency, datagram capable, traffic
analysis resistant anonymity network!

bring your books to class, [0]

start by implementing the transport stacks, then continue to
measurement, path selection, directory/control consensus and
distribution and remaining aspects.

apply SCTP for congestion control of transparent proxy traffic. local
classification of traffic allocates by protocol / use fairness
instead of aggregate tcp fairness. like bittorrent or aria2 parallel
traffic treated as distinct low priority unit of traffic, deferring to
higher priority low latency web traffic and messaging.

multi-homing / multi-path endpoints in SCTP would maintain concurrent
connection with distinct endpoints, avoiding predecessor, timing,
denial of service attacks present in reliable, ordered, single stream
transports.

edges would be screwed by correlation, unless they were full fledged
participants consistently. using a UDP based transport with LEDBAT or
other technique to keep broadband upstream unsaturated and unclogged
(no deep queues), allowing all broadband endpoints the ability to
contribute to a large shared network.

[Bonus points: specify practical application level privacy preserving
proxy system for common web protocols to support "exit node" support
for TCP and UDP based protocols.]

ORCHID IPv6 addressing with IPsec tunnels is intended to re-use
existing work, including well tested auth+privacy with datagram
padding in IPsec. SCTP+TLS would fit over top of IPv6 ORCHID endpoints
(using IPsec SAs) to transport signalling/keying and encapsulated
client traffic. part of this would also include lowest priority (lossy
reliable) SRMP type delivery of useful, less immediate information to
nodes. to some extent the ORCHID addresses could be thought of as
hidden service names and also circuit endpoints for a given IPsec
tunnel. apply petnames or gnunet shared nicknames for mapping to
human meaningful identifiers.

this set of:
a. critical signalling and keying traffic
b. high priority, interactive web traffic and messaging
c. lower priority bulk traffic, downloads, streaming media
d. best effort, latent bulk caching and exchange

are the classful shaping groups ordered inside of opaque SFQ outbound
queues at various improved/concurrent stratified dependent link
padding paths of IPsec telescopes carrying intermediate
hop(signalling) and bearer traffic.

combining better prioritization of traffic and consistent consumption
of traffic (deferring low priority packets and using opportunistic
caching strategies for network information respectively) obtains the
best performance out of the SFQ DLP paths with the lowest latency for
priority traffic.
---
0. things you'll want to read for this project:

"Anonymity Bibliography | Selected Papers in Anonymity"
http://freehaven.net/anonbib/
or by topic http://freehaven.net/anonbib/topic.html

LEDBAT edge management
http://tools.ietf.org/html/draft-ietf-ledbat-congestion-09

SCTP
http://tools.ietf.org/html/rfc4960

IPsec telescopes
http://tools.ietf.org/html/rfc4843

multicast gradients (reliable multi-cast)
http://disi.unitn.it/locigno/preprints/TR-DISI-08-041.pdf

ORCHID overlay addressing
http://tools.ietf.org/html/rfc4410

stochastic fair queuing
http://www2.rdrop.com/~paulmck/scalability/paper/sfq.2002.06.04.pdf

Kernel and stacks in userspace (BSD Anykernel and Rump kernels)
http://www.netbsd.org/docs/rump/index.html
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
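
An added sketch, not code from the original post or from any project it cites: one outbound link that orders the post's four classes (a-d) by strict priority, applies SFQ-style hashed round robin within a class, and emits exactly one fixed-size cell per tick. Constant-rate padding stands in here for the dependent link padding the post names; the cell size, bucket count, flow names and all class and function names are assumptions.

```python
import struct
import zlib
from collections import deque

CELL = 512     # fixed on-wire cell size in bytes (constructed value)
BUCKETS = 8    # SFQ hash buckets per class (constructed value)
CLASSES = ("signalling", "interactive", "bulk", "besteffort")  # a-d in the post

class PaddedLink:
    """Strict priority across classes, SFQ within a class, one cell per tick."""
    def __init__(self, perturb=0):
        self.perturb = perturb  # SFQ re-keys its hash periodically; fixed here
        self.queues = {c: [deque() for _ in range(BUCKETS)] for c in CLASSES}
        self.cursor = dict.fromkeys(CLASSES, 0)

    def bucket(self, flow_id):
        return zlib.crc32(f"{self.perturb}:{flow_id}".encode()) % BUCKETS

    def enqueue(self, cls, flow_id, payload):
        if len(payload) > CELL - 2:
            raise ValueError("payload does not fit in one cell")
        self.queues[cls][self.bucket(flow_id)].append(payload)

    def tick(self):
        """Emit one cell. The label is local bookkeeping and is never sent."""
        for cls in CLASSES:                   # highest priority class first
            for i in range(BUCKETS):          # round robin over flow buckets
                idx = (self.cursor[cls] + i) % BUCKETS
                if self.queues[cls][idx]:
                    self.cursor[cls] = (idx + 1) % BUCKETS
                    return cls, pack(self.queues[cls][idx].popleft())
        return "padding", pack(b"")           # an idle link still sends a cell

def pack(payload):
    # 2-byte length prefix + payload + zero fill. The tunnel's encryption
    # (IPsec in the post) is what would hide real cells from padding cells.
    return struct.pack("!H", len(payload)) + payload.ljust(CELL - 2, b"\0")

def unpack(cell):
    (n,) = struct.unpack("!H", cell[:2])
    return cell[2:2 + n]

def demo():
    link = PaddedLink()
    for i in range(3):                        # constructed sample traffic
        link.enqueue("bulk", "torrent-1", b"piece-%d" % i)
    link.enqueue("interactive", "web-1", b"GET /")
    link.enqueue("signalling", "ctl", b"rekey")
    return [link.tick() for _ in range(7)]
```

An observer of the link sees seven cells of identical size at identical spacing whether or not any client traffic was queued; only the local labels show that bulk traffic waited behind signalling and interactive cells.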