On Wed, Sep 23, 2015 at 06:26:47AM +0000, Yawning Angel wrote:
> On Wed, 23 Sep 2015 06:18:58 +0000 Virgil Griffith <i@virgil.gr> wrote:
> > - Would the number of exit nodes constitute exactly 1/3 of all Tor nodes? Would the total exit node bandwidth constitute 1/3 of all Tor bandwidth?
>
> No. There needs to be more interior bandwidth than externally facing bandwidth since not all Tor traffic traverses through an Exit (Directory queries, anything to do with HSes).
>
> The total Exit bandwidth required is always <= the total amount of Guard + Bridge bandwidth, but I do not have HS utilization or Directory query overhead figures to give an accurate representation of how much less.

On the flip side, in *my* idealized Tor network, all of the relays are exit relays.
If only 1/3 of all Tor relays are exit relays, then the diversity of possible exit points is much lower than if you could exit from all the relays. That lack of diversity would mean that it's easier for a relay adversary to operate or compromise relays to attack traffic, and it's easier for a network adversary to see more of the network than we'd like.
(In an idealized Tor network, the claim about the network adversary might not actually be true. If you have exit relays in just the right locations, and capacity is infinite compared to demand, then the network adversary will learn the same amount whether the other relays are exit relays or not. But I think it is a stronger assumption to assume that we have exactly the right distribution of exit relay locations -- especially because "the right distribution" is a function of which adversary you're considering, and once you consider k adversaries at once, no single distribution will be optimal for all of them.)
--Roger