

Research problem: measuring the anonymity of the Tor network - Tsiolkovsky
http://blog.torproject.org/blog/research-problem-measuring-safety-tor-network

======
frisco
Tor should raise a fund to host a series of $10-20k prizes for deanonymizing
Tor users. That would drive a huge amount of attention to the code and build
credibility over the long term as prizes are awarded increasingly rarely.

~~~
Locke1689
The problem isn't that the code is insecure it's that the network overlay
structure is fundamentally flawed.

Edit: Well, I guess their code is also insecure, but fixing that will not fix
the second problem.

~~~
borism
could you point out the fundamental flaw, please?

------
xtacy
Tor is decentralised, but not distributed. How would Tor compare to a p2p
anonymising service?

Example: <https://home.zhaw.ch/~rema/projects/morphmix/>

~~~
ohmygodel
P2P anonymization is tricky. Making it scalable means that each member of the
network isn't aware of every other member, and therefore a small malicious set
of peer may be able to "capture" the routes of nodes that only know them or
rely on them to boostrap into the network. The most sophisticated current
research proposals are probably ShadowWalker by Mittal and Borisov
(<https://netfiles.uiuc.edu/mittal2/www/shadowwalker-ccs09.pd>) and Torsk by
McLachlan et al. (www-users.cs.umn.edu/~hopper/torsk-ccs.pdf). They are both
certainly less vulnerable than MorphMix, which anyway is designed for high-
latency communication.

