Changes between Initial Version and Version 1 of Ticket #28921, comment 9


Ignore:
Timestamp:
Dec 31, 2018, 2:53:04 PM (9 months ago)
Author:
wagon
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #28921, comment 9

    initial v1  
    3333
    3434> This is incorrect. Eavesdropping on a guard simply tells you that someone is using tor. Not where they're going. Deanonymization, say via a correlation attack, requires monitoring both your entry *and* exit traffic.
    35 I look at this from simple theoretical point of view. Anonymity is indistinguishability of somebody (particular user) on so-called "anonymity set" (all tor users). If nothing is known about you except of "your are tor user" you get the best anonymity achievable in Tor network.
     35I look at this from simple theoretical point of view. Anonymity is indistinguishability of somebody (particular user) on so-called "anonymity set" (all tor users) for some outside observer. If this observer knows nothing about you except of "your are tor user" you get the best anonymity achievable in Tor network.
    3636
    37 If you start logging to trac with a particular user name, you are no longer (ideally) anonymous, but pseudonymous. It means anybody can see what you are doing in Tor network, but nobody knows who you are. Pseudonymous users are less anonymous.
     37If you start logging to trac with a particular user name, you are no longer (ideally) anonymous for this observer, but pseudonymous. It means anybody can see what you are doing in Tor network, but nobody knows who you are. Pseudonymous users are less anonymous.
    3838
    39 Then, if somebody knows even more information about you or your network connection, your "anonymity set" reduces more. When nothing is known about you except your habit to use tor, you are one in 2 millions, so the anonymity set is big which makes it hard to geolocate you. If your guard is known, for powerful adversary your anonymity set is reduced to the number of tor users who selected particular guard node. It is about 1 thousand users. As you see, by disclosing your guard you reduce your anonymity set 2000 times which makes targeted correlation attacks simpler.
     39Then, if this observer knows even more information about you or your network connection, your "anonymity set" is reduced more. When nothing is known about you except your habit to use tor, you are one in 2 millions, so the anonymity set is big which makes it hard to geolocate you. If your guard is known, for powerful adversary your anonymity set is reduced to the number of tor users who selected particular guard node. It is about 1 thousand users. As you see, by disclosing your guard you reduce your anonymity set 2000 times which makes targeted correlation attacks simpler.
    4040
    41 To get basic idea what is anonymity in network, look at definitions used for [[https://en.wikipedia.org/wiki/Mix_network|Chaum mixes]] and see how they [[https://www.freehaven.net/anonbib/|were developed further in Tor routing protocol]]. First  Tor papers with Roger and Nick should be easy for you to read.
     41To get basic idea what is anonymity in network, look at definitions used for [[https://en.wikipedia.org/wiki/Mix_network|Chaum mixes]] and see how they [[https://www.freehaven.net/anonbib/|were developed further in Tor routing protocol]]. First  Tor papers with Roger, Paul, and Nick should be easy for you to read.