undefined | Better HN

0 points18pfsmt8y ago0 comments

I'm curious if you all could implement some sort of "mixing service" so as to minimize metadata?

0 comments

4 comments · 1 top-level

ac4tw8y ago· 3 in thread

18pfsmt, that's an interesting question. Do you have any specific examples you can point us to? When I think about a network drawn atop of say WebRTC connections, it's possible for a message to travel realtime via hops from person A to person B via persons C, D & E even though persons A & B have no direct connection, obfuscating the path and connection information that lawl alluded to with STUN/TURN/ICE servers. A similar situation exists for offline messaging polling between data storage where we could obfuscate that transaction via another user's client (i.e get person C to poll for messages from Person B to Person A offline). I'm not sure if this is what you had imagined or if you were thinking of something else?

lawl8y ago

Not sure if it's helpful for your specific case, but that's pretty much what Tox is doing. They have a DHT and to 'avoid' leaking connection information they implemented onion routing[0]

> Tox generates a temporary public/private key pair used to make connections to peers in the DHT. Onion routing is used to store and locate Tox IDs, to make it more difficult to, for example, associate Alice and Bob together by who they are looking for in the network.

Again, I'm not sure if that'd be all that helpful in a case where e.g. Azure sees all the edits, I think timing attacks are pretty simple when you see the entire network. But then again, I'm not an expert and I also have no clue how your software works, so i don't want to go out on a limb.

[0] https://wiki.tox.chat/users/techfaq

18pfsmtOP8y ago

Yes, that's similar to what I had in mind. Have you all looked at https://en.wikipedia.org/wiki/Zerocoin ? My understanding is that Zerocoin eventually developed their own protocol/ blockchain, but originally they operated a mixing service on top of Bitcoin.

I admit to being out of my element on this, so I may not be phrasing things correctly, but reading through this discussion it seemed like there would be lots of public metadata for a would-be attacker to work with.

ac4tw8y ago

Indeed if one was observing the entire network, they might be able to piece together useful metadata as you both suggest. The kind of thing you might do with a NarusInsight. Tox and Zerocoin have done some interesting work towards this end and it's definitely something for us to consider going forward.

Thank you lawl & 18pfsmt for highlighting protection of metadata vs. content. At this time protecting content seems like the minimum bar by which one should measure, with metadata protection being the ultimate goal without sacrificing performance or convenience.

1 more reply

j / k navigate · click thread line to collapse