Changes between Version 36 and Version 37 of thesis


Ignore:
Timestamp:
Apr 26, 2011 2:07:39 PM (8 years ago)
Author:
zzz
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • thesis

    v36 v37  
    9898**> 1) It's based on an arbitrary certainty vs. time weighting (tradeoff) you have decided that may not be applicable in all cases. For example, Somebody could  make a list of possible IPs then issue subpoenas to each. You could use your botnet to DDoS each in turn and via a simple intersection attack see if the eepsite goes down or is slowed down. So close may be good enough, or time may be more important.
    9999
    100 **> 2) A full analysis of the tradeoffs of unidirectional vs. bidirectional tunnels is clearly outside the scope of this paper, and has not been done elsewhere.
     100**> 2) A full analysis of the tradeoffs of unidirectional vs. bidirectional tunnels is clearly outside the scope of this paper, and has not been done elsewhere. For example, how does this attack compare to the numerous possible timing attacks published about onion-routed networks? Clearly you don't have the intention of doing that analysis, if it's even possible to do that review effectively.
    101101
    102102**> 3) Tor uses bidirectional tunnels and has had a lot of academic review. I2P uses unidirectional tunnels and has had very little review. Does the lack of a research paper defending unidirectional tunnels mean that it is a poor design choice? I think it just means that it needs more study. Timing attacks and distributed attacks are difficult to defend against in both I2P and Tor. The design intent (see references above) was that unidirectional tunnels are more resistant to timing attacks. Yours is a somewhat different type of timing attack though. Is your attack, innovative as it is, sufficient to label I2P's tunnel architecture (and thus I2P as a whole) a "bad design", and by implication clearly inferior to Tor, or is it just a design alternative that clearly needs further investigation and analysis? There's lots of other reasons I would consider I2P currently inferior to some other projects (small network size, lack of funding, lack of review) but is unidirectional tunnels really a reason?
     103
     104**> 4) In summary, "bad design decision" is clearly (to me anyway, since you have not labeled bidirectional tunnels "bad") shorthand for "unidirectional tunnels are unequivocally inferior to bidirectional tunnels", yet this statement is not supported by the paper, nor do I think it was the intended scope of the project.
    103105
    104106