Slashdot Mirror

← Back to Stories (view on slashdot.org)

Tor: A JAP Replacement

Posted by CowboyNeal on from the trust-no-one dept.

kid_wonder writes "Wired is running an article describing an answer to this previous /. story. Packets are sent through a network of randomly selected servers each of which knows only its predecessor and successor. Packets are unwrapped by a symmetric encryption key at each server that peels off one layer and reveals instructions for the next downstream node. As a 'connection-based low-latency anonymous communication system,' Tor seems to be the answer to JAP to allow anonymous networking activities of all kinds."

3 of 266 comments (clear)

  1. You missed some points. by Positive+Charge · · Score: 5, Interesting

    (I know because I submitted this article too.)

    1. The Navy is bankrolling the development, presumably to allow government employees to surf around without leaving ".gov" and ".mil" ip addresses in logs.

    2. JAP supposedly has a German Government implanted backdoor that this one shouldn't because it's open source.

    I think that the US Government is bankrolling it to piss off the Chinese.

  2. Anonymous mailer technology by KillerCow · · Score: 5, Interesting

    This sounds like a reinsertion of all the technology that has gone into anonymous mailers over the years (see MixMaster.) I hope that they aren't re-inventing everything and repeating the same mistakes. The existing technology should be mostly portable from the application layer to the session or layer.

    I was at a presentation by the guy behind MixMaster and was impressed by all the thought that has gone into the various generations of the application. They even had it generating fake messages so you can't do traffic analysis.

  3. Onion Routing by dachshund · · Score: 5, Interesting
    Onion Routing has been around for several years. Tor is an effort to make the original protocol more practical. It replaces several nice features from OR, specifically the notion of "reply onions", which allowed message recipients to route replies back to the sender without learning the sender's identity. Instead, TOR recommends a form of "rendezvous point" where receivers send messages to be routed back to the sender. It's not as elegant, and the security is not necessarily as strong, though it is more practical.

    It's important to note that there are some statistical attacks on both of these systems, and none of them are very secure for long communication sessions when group membership churns, as in a peer-to-peer network.