Tor: A JAP Replacement

kid_wonder writes "Wired is running an article describing an answer to this previous /. story. Packets are sent through a network of randomly selected servers each of which knows only its predecessor and successor. Packets are unwrapped by a symmetric encryption key at each server that peels off one layer and reveals instructions for the next downstream node. As a 'connection-based low-latency anonymous communication system,' Tor seems to be the answer to JAP to allow anonymous networking activities of all kinds."

Re:Freenet?

[MoonBuggy]

That's exactly what I thought (and I believe that we're right). What's interesting here though is that it claims to be low-latency, a quality rarely associated with Freenet and probably the primary reason that Freenet remains largely used by people who need/want _extreme_ anonymity rather than your average movie downloader wanting to avoid one of those nasty lawsuits.

Been around for awhile...

[shadowmatter]

Schemes like this to make p2p anonymous have been around for awhile. The problem is that such systems have very high end-to-end latency, so in practice it's not really ideal for a constantly evolving network -- like peer-to-peer. A scheme similar to this, using mixes, is Tarzan. From its ACM paper:

Tarzan is a peer-to-peer anonymous IP network overlay. Because it provides IP service, Tarzan is general-purpose and transparent to applications. Organized as a decentralized peer-to-peer overlay, Tarzan is fault-tolerant, highly scalable, and easy to manage.Tarzan achieves its anonymity with layered encryption and multi-hop routing, much like a Chaumian mix. A message initiator chooses a path of peers pseudo-randomly through a restricted topology in a way that adversaries cannot easily influence.

Such systems right now have too high a latency and too much overhead (such as a peer sending "noise" into the network when not having the need to send any real data, just to deter packet analysis) that they aren't terribly practical... for now. So you most likely won't see the technology bundled in the next KaZaA, BitTorrent, etc., but we'll see what the future holds.

- sm

Re:Freenet vs onion routing

[complete+loony]

Onion routing does just that, it is a method for picking an anonymous route. Freenet is a distributed database.
In onion routing the client picks N nodes from the list of servers and encrypts using each servers public key. Then sends the data to the first server. In onion routing each packet of data contains the entire routing list, though it is encrypted in such a way that each node can only tell what the next node is.
Each Freenet nodes caches data blocks based on demand. When a request arrives looking for a data block Freenet forwards the request to a node that has similar information until the correct block is found. Each freenet node only knows about the next and previous nodes, and the route is determined by the key you are searching for.

Re:hmmm

[jhoffoss]

Tor achieves low latency because tunnels are created during connection setup, and that same tunnel is utilized for the life of the connection.

I believe the encryption is layered on from the start, and peeling occurs at each transfer, not peel/crypt/peel/crypt/etc.

I was surprised to see no one posted this earlier; the author of Tor gave a very good presentation at DEFCON last week, and I'll have to get out my CD with his presentation on it, but it's different from Freenet in a few ways. For one, apparently Freenet isn't totally free.

As a side-note, the author is still working on a method to accept/sign-up/recruit primary [trusted] nodes.