I imagine the anonymity set would be much smaller for these combined transports... fewer people using them.
In my understanding, the anonymity set doesn't apply to use of PTs since this is only at the entry side. The exit side does not know[1] what PT the originator is using, so is unable to use that information to de-anonymise.
[1] at least, in theory should not know, perhaps someone can check there are no side-channels? would be pretty scary if exit could work out that originator is using PTs.
Ximin Luo wrote:
In my understanding, the anonymity set doesn't apply to use of PTs since this is only at the entry side. The exit side does not know[1] what PT the originator is using, so is unable to use that information to de-anonymise.
[1] at least, in theory should not know, perhaps someone can check there are no side-channels? would be pretty scary if exit could work out that originator is using PTs.
Anonymity is still a consideration, even if it's highly unlikely to be impinged upon by pluggable transports. For example, if a network notices someone connect to a known obfsproxy bridge, then they can make an educated guess that the person is using both Tor and obfsproxy. With flashproxy, this is of much less concern given address diversity. With bananaphone, it wouldn't really apply at all as far as I can see.
~Griffin
Yeah I guess if the PT doesn't draw attention and the bridge IP is not known then one's Tor traffic may be somewhat obscured.
What about bananaphone? Do you mean the bananaphone PT? It is trivially detectable... more so than say... a transport like obfs3 who's output looks like pseudo random noise.
On Thu, Jan 16, 2014 at 8:33 PM, Griffin Boyce griffin@cryptolab.net wrote:
Ximin Luo wrote:
In my understanding, the anonymity set doesn't apply to use of PTs since this is only at the entry side. The exit side does not know[1] what PT the originator is using, so is unable to use that information to de-anonymise.
[1] at least, in theory should not know, perhaps someone can check there are no side-channels? would be pretty scary if exit could work out that originator is using PTs.
Anonymity is still a consideration, even if it's highly unlikely to be impinged upon by pluggable transports. For example, if a network notices someone connect to a known obfsproxy bridge, then they can make an educated guess that the person is using both Tor and obfsproxy. With flashproxy, this is of much less concern given address diversity. With bananaphone, it wouldn't really apply at all as far as I can see.
~Griffin
tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
-
David Stainton -
Griffin Boyce -
Ximin Luo