[Cryptography] Anonymous messaging [was: Email is securable within a coterie]
Ron Leach
ronleach at tesco.net
Sat Dec 7 18:21:37 EST 2013
On 07/12/2013 21:26, Ben Laurie wrote:
>
> You mean anonymity of using TOR is becoming desirable, surely? Because
> everyone is accessing the network.
Yes, in the general sense of accessing any anonymity service
(including remailers, not only TOR). I'd used the word 'network' in
the sense of the 'service' (Tor network, remailer network, etc).
Simply meant that *anonymity* of *accessing* TOR, or the 1st remailer
in a chain, is becoming desirable [because the first server could be a
honeypot and reveal the IP address of the accessor, and IP address
leads to substantially more identifying leakage].
May I add this next clarification, simply because readers of this
public list have varying depths of experience with security and
anonymity, and may not be aware of the underlying issues? TOR and
remailers attempt to solve the problem of anonymous deposition of
messages or website access, by routing randomly through other servers.
The use of multiple links in a TOR or remailer chain was
(historically) assumed to make more difficult any association between
(i) access to the first server, and (ii) the exit node. But either,
or both, of the entry and exit servers of that service may themselves
be honeypots, and, moreover, capable of sharing their traffic data -
even if operated by different entities - thus facilitating
identification of the source of anonymous traffic.
The TOR project, in their documentation, makes this risk very clear.
While it has always been possible for honeypots to masquerade as
genuine servers, as the TOR project explains, it is becoming clear that
traffic analysis across different honeypots operated by different
entities is quite possible. This increases substantially the
effectiveness of traffic analysis to identify the sources of anonymous
website accesses or message deposits, etc.
If anonymity is a goal, the anonymity of *use* of such schemes may be
desirable, to try to protect against that type of traffic analysis.
Whereas the use of such services is (relatively) easy to achieve, I
was thinking about whether anonymous access to the first server,
however desirable, might or might not be attainable. As already
mentioned, installing the 1st server on one's own machine might be a
way forward, but at a security loss. The opportunity for random
traffic routing through the remainder of the network is reduced,
perhaps substantially. For example, TOR, as I understand it, only
uses 3 nodes including entry and exit so, when hosting one's own entry
server, one's own traffic would only be randomly routed through the
last 2 servers, instead of through a randomly-selected 3 servers, and
hence might perhaps be more susceptible to traffic analysis.
Back to the topic; yes, I meant access to the anonymising service,
rather than access to the network, in the internet-wide sense, which
as you say everyone is accessing.
regards, Ron