Re: [tor-talk] MTor (multicast tor), is it going to be released?

2017-08-23 Thread Roger Dingledine
On Mon, Aug 21, 2017 at 11:49:22PM -0700, Yuri wrote:
> Here is the white paper with MTor design: 
> https://www.degruyter.com/downloadpdf/j/popets.2015.2016.issue-2/popets-2016-0003/popets-2016-0003.pdf
> 
> And here is an implementation based on tor-0.2.3.25:
> https://github.com/multicastTor/multicastTor/tree/master/shadow/build/tor
> 
> But ChangeLog doesn't mention it, and there are no mentions of it on
> torproject.org.
> 
> So, what is MTor's status?

It's the standard story -- it's a research paper written by a research
group to show a concept, and then they moved on.

There is some code, but it was enough to do performance graphs, not
anything that they intended actual users to (be able to) use.

I don't remember the design in detail, but I remember based on the talk
at PETS thinking that they had really changed the threat model for Tor
to something much weaker, in exchange for better scalability in some
situations.

So, it is a fine idea to read about, and maybe it will spark some new
ideas when you read it, but it is not an obvious improvement for Tor in
terms of security, and also it was never intended to be an actual patch
that users could use.

All of that said, don't misunderstand me: yay research! If you haven't
read this blog post, check it out:
https://blog.torproject.org/blog/tor-heart-pets-and-privacy-research-community

--Roger

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk


Re: [tor-talk] MTor (multicast tor), is it going to be released?

2017-08-23 Thread Paul Syverson
On Wed, Aug 23, 2017 at 03:40:22AM -0400, Roger Dingledine wrote:
> On Mon, Aug 21, 2017 at 11:49:22PM -0700, Yuri wrote:
> > Here is the white paper with MTor design: 
> > https://www.degruyter.com/downloadpdf/j/popets.2015.2016.issue-2/popets-2016-0003/popets-2016-0003.pdf
> > 
> > 
> > So, what is MTor's status?
> 
> It's the standard story -- it's a research paper written by a research
> group to show a concept, and then they moved on.
> 

Right. The primary author had graduated and moved on to other things 
c. a year and a half ago.


> I don't remember the design in detail, but I remember based on the talk
> at PETS thinking that they had really changed the threat model for Tor
> to something much weaker, in exchange for better scalability in some
> situations.

Main differences were (1) a multicast root is selected amongst
(adequate-weight) available middle relays that will mate all
connections to it for that multicast session, (2) that any relay that
is part of a multicast session has a session group identifier (GID),
(3) that if a circuit building request hits a guard or middle relay
already participating in the session, it connects that circuit to its
existing group circuit, and (4) optionally, the set of relays to
select a middle hop from is restricted for deduplication benefit.

Our analysis showed that for small to moderate sized groups on the
existing Tor network, absent a pretty restricted middle-hop set, there
was virtually no deduplication (hence a star, which still saved over
all pairs).  If curious, you can see our security analysis of MTor
against targeting adversaries (also analysis of a group chatting via a
private IRC channel and of people connecting to the same onion
service) here: https://arxiv.org/abs/1706.10292

aloha,
Paul
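A toy model of the join rule in point (3) and the optional restriction in point (4), added here as an illustration; it is not code from the MTor authors or from either paper. Assumptions: relays are picked uniformly (Tor weights by bandwidth), the relay counts are constructed, guard and middle sets are disjoint, and every circuit ends at one fixed root.

```python
import random

def tree_links(paths):
    """Count relay-to-relay links after circuits join in order.

    paths: list of (guard, middle) choices, one per group member.
    """
    in_session = set()   # relays that already carry this session's GID
    links = 0
    for guard, middle in paths:
        if guard in in_session:
            continue             # attaches to the guard's existing group circuit
        in_session.add(guard)
        links += 1               # new guard -> middle link
        if middle not in in_session:
            in_session.add(middle)
            links += 1           # new middle -> root link
    return links

def dedup_fraction(group_size, n_guards, n_middles, trials=2000, seed=1):
    """Mean share of relay links saved versus a star with no sharing."""
    rng = random.Random(seed)
    star = 2 * group_size        # every member uses its own two links
    saved = 0.0
    for _ in range(trials):
        paths = [(("g", rng.randrange(n_guards)), ("m", rng.randrange(n_middles)))
                 for _ in range(group_size)]
        saved += 1 - tree_links(paths) / star
    return saved / trials

if __name__ == "__main__":
    # Constructed relay counts: a wide middle set, then restricted ones.
    for n_middles in (3000, 50, 5):
        print(n_middles, round(dedup_fraction(10, 2000, n_middles), 3))
```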