Appears Isis has interesting work that addresses the bridge problem much more directly than anything in this thread.
On Fri, 2015-12-11 at 15:52 +0100, Henry de Valence wrote:
Taler is an electronic payment system that was built with the goal of supporting taxation. With Taler, the receiver of any form of payment is known, and the payment information comes attached with some data about what the payment was made for ... governments can use this data to tax businesses and individuals ... making tax evasion and black markets less viable.
For a user in a country where Tor is blocked, funding Tor bridges is, by definition, a black market in that country.
Could you explain how you see this feature of Taler fitting with the threat model bridges are meant to address? Which governments should get detailed data on donations to bridges, and *to whom* is "the receiver of any form of payment" known?
Any anonymity system provides anonymity only within a particular anonymity set. A priori, a blind signing based system like Taler anonymizes the transactions between two anonymity sets, the customers and the merchants. Its mint always knows the total amount that each customer spends and the total income that each merchant receives, but not the specific transactions.
In Taler, we ensure that a customer and a mint can collaborate to deanonymize the merchant side of a particular transaction, so the merchants are no longer an anonymity set. A merchant and mint cannot collaborate to deanonymize a customer side of a particular transaction though, so the customers remain an anonymity set.
It follows that Taler cannot protect the identity of merchants from the country where the Taler mint is based. In the bridges case, a bridge user and the mint can collaborate to expose the operator of a particular bridge, which seems harmless, or even beneficial, and achievable via the CDN anyways.
Jeff
p.s. Aside from anonymity sets, one might worry about pseudo-anonymity of membership in the set of customers or merchants. In the bridge case, if say China hacked this meek mint, then they could learn whatever the mint knows about its customers, but not what bridge that customer paid for. A Taler mint funding bridge operators should ideally pass any user details it must retain through a data diode.