LINUX.ORG.RU
ФорумTalks

HORNET

 ,


0

4

HORNET — «High-speed Onion Routing at the Network Layer» © (PDF): свежая статья про высокоскоростной аналог анонимной сети Tor.
Описание протокола и анализ безопасности.

Для Ъ: может передавать данные со скоростью до 93 гигабит в секунду.

Tor — всё? :)

★★★★★

at the Network Layer

Наконец-то можно будет гнать не только TCP-трафик?

SystemD-hater
()
Ответ на: комментарий от quickquest

Когда будут его реализоввывать, тогда и вылезут грабли. Посмотрим чего от этих 93 Gbps останется.

ncrmnt ★★★★★
()

Меня посещают мысли, что это уже далеко не новый проект.

Deathstalker ★★★★★
()

название-то пусть сменят. Хорнет - популярная сеть знакомств для геев, приложение для android/iOS. Дабы не было путаницы.

aegi ★★★
()

However, like other low-latency schemes, we do not solve confirmation attacks based on the analysis of flow dynamics and active packet tagging.

Without compromising end hosts, an adversary cannot learn any information from the data payload except for its length and timing among sequences of packets.

Flow-dynamics-based end-to-end correlation

In general it is difficult even for high latency mix networks to resist such powerful adversaries. Low-latency anonymity systems are particularly prone to these types of attacks. HORNET cannot protect against them, but as mentioned above, the use of packet obfuscation makes these attacks more expensive and allows for potential additional measures to be taken (e.g., padding), either by upper layer protocols or by extensions of HORNET. Mass surveillance based on end-to-end confirmation attacks requires an adversary to monitor a large fraction of the nodes of the network and to store and process all intercepted traffic, so it falls outside our attacker model.

Payload tagging or tampering

HORNET does not use per-hop MACs on the payload of data packets for efficiency and because the destination would not be able to compute such MACs. The lack of integrity protection allows an adversary to tag payloads. Admittedly, by using tagging in conjunction with replay attacks, the adversary is able to improve the effectiveness of confirmation attacks. However, the end-to-end MACs protect the integrity of the data, making such attacks (at a large scale) detectable.

edigaryev ★★★★★
()

In this paper, we address the question of “what minimal mechanism can we use to frustrate pervasive surveillance?

Ясно.

edigaryev ★★★★★
()
Вы не можете добавлять комментарии в эту тему. Тема перемещена в архив.