Tor: A JAP Replacement 266
kid_wonder writes "Wired is running an article describing an answer to this previous /. story. Packets are sent through a network of randomly selected servers each of which knows only its predecessor and successor. Packets are unwrapped by a symmetric encryption key at each server that peels off one layer and reveals instructions for the next downstream node. As a 'connection-based low-latency anonymous communication system,' Tor seems to be the answer to JAP to allow anonymous networking activities of all kinds."
Comment removed (Score:5, Informative)
Been around for awhile... (Score:5, Informative)
Such systems right now have too high a latency and too much overhead (such as a peer sending "noise" into the network when not having the need to send any real data, just to deter packet analysis) that they aren't terribly practical... for now. So you most likely won't see the technology bundled in the next KaZaA, BitTorrent, etc., but we'll see what the future holds.
- sm
Re:Freenet? (Score:4, Informative)
Re:Freenet vs onion routing (Score:5, Informative)
In onion routing the client picks N nodes from the list of servers and encrypts using each servers public key. Then sends the data to the first server. In onion routing each packet of data contains the entire routing list, though it is encrypted in such a way that each node can only tell what the next node is.
Each Freenet nodes caches data blocks based on demand. When a request arrives looking for a data block Freenet forwards the request to a node that has similar information until the correct block is found. Each freenet node only knows about the next and previous nodes, and the route is determined by the key you are searching for.
Re:Freenet vs onion routing (Score:3, Informative)
Nothing new (Score:3, Informative)
Re:hmmm (Score:5, Informative)
Re:Why would the government fund something... (Score:2, Informative)
"The man needs your cover traffic just as much as you need the man for his cover traffic.."
Re:Freenet? (Score:5, Informative)
Re:Is the route preselected? (Score:4, Informative)
Correct. The sender wraps the whole onion, and each router removes one layer.
Is there some way of optimizing a path through a given number of nodes without keeping huge amounts of information about latency on every two nodes, or is this just bouncing the packet around for a while for anonymity and accepting the added latency?
It's more like the latter. Optimizing for performance tends to be at odds with anonymity.
Do you mean this? (Score:2, Informative)
Re:hmmm (Score:5, Informative)
I believe the encryption is layered on from the start, and peeling occurs at each transfer, not peel/crypt/peel/crypt/etc.
I was surprised to see no one posted this earlier; the author of Tor gave a very good presentation at DEFCON last week, and I'll have to get out my CD with his presentation on it, but it's different from Freenet in a few ways. For one, apparently Freenet isn't totally free.
As a side-note, the author is still working on a method to accept/sign-up/recruit primary [trusted] nodes.
Re:Freenet? (Score:4, Informative)
Not in the same form.
Freenet allows posting of data, which does travel through multiple nodes, much like this one. It also allows retrieval of data. However, the two are separate operations. You don't establish a connection between the publisher of data and the reciever, which means Freenet tends to be unsuitable for things that require even remotely interactive latency. I think Tor might wind up being a bit high for, say, SSH, but it could easily be just fine for instant messaging -- two people that don't know each other by anything but pseudonyms and cannot trace each other can conduct conversations.
Re:Freenet? (Score:3, Informative)
It's not a climate that encourages kiddy porn. We all have persistent identities (note: to those that think anonymity precludes this, think about it. Anonymity is the inability to link such a nickname to the real person), and no one wants to tarnish them.
And by the way, assuming that my guess is correct and that you're in Canada, you're invited should you ever want to try it out. 20 minute install, and pings to the farthest reaches are 500ms.