Honest nodes are one key to the anonymity provided by any mixnet, low latency or otherwise. And, performance versus anonymity has always been a trade-off mixnets have to make. As an overly simplistic example, the larger the number of nodes we hop through in a chain of remailers, the less likely our message will actually make it through the chain, but the more likely it will hop through at least some honest nodes and thus be “anonymized” to some degree. As I understand them, low latency mixnets make strong concessions with regards to anonymity in return for performance.
Anyway, I enjoyed this paper. Not so much because it broke new theoretical ground, but rather, because it broke new practical ground by helping to quantify the tradeoff between anonymity and performance in a real-world low latency mixnet (Tor), and by pulling P2P reputation concepts into the mix to help with issues of honesty.
Our basic attack stems from the use of preferential routing mechanisms that provide low-latency, high-throughput performance suitable for interactive applications. However, preferential routing without sufficient resource verification is dangerous, as an attacker can compromise the anonymity of a large amount of the communication channels through the network.
Good stuff. Oh, and the Tor authors wrote a clear response to the paper.
We are aware of these kinds of potential attacks – but such a bandwidth overstatement attack, to be successful, would leave fingerprints all over the Tor directories. We have never seen such an attack “in the wild,” and we think it no more likely that this paper would make such an attack easier or more likely than it was a few years ago when another version of it was documented.
In other words, right now, Tor uses the vigilance of people to ward off this type of attack. Such an approach might not scale well, but it works at the moment.
While there is often logic thrown about that the larger the number of nodes in a mixnet, the stronger the anonymity, such logic often leaves out one key point, the honesty of the nodes. There is a reason remailer networks have traditionally been very small and (at least partially) maintained by some “trusted” nyms. Such honesty problems are not trivial to solve.
So, the real questions here revolve around how well Tor can be made to scale while still achieving its anonymity goals and remaining usable. Increasing popularity not only attracts the attention of more adversaries, but it also means the Tor network itself must grow. With such strong honesty requirements for certain nodes in the network, this growth could pose some particularly interesting problems. (Of course, I am biased in that I always seem to find questions of reputation interesting.)
Now, go read the references in this post, as my take is probably inaccurate. Perhaps read some old cypherpunk archives while you are at it.