Idea proposal of a "Fake-Workstation"

Hi everyone,

As probably the weakest part of anonymity on Tor is traffic analysis, i.e. traffic size or timing correlation, I have been thinking about this topic recently. So, I wanted to share my current ideas and I believe we can brain storm with interested people and create tools and usage ideas.

Some related document links about traffic analysis:
Users Get Routed: Traffic Correlation on Tor
Towards Efficient Traffic-analysis Resistant Anonymity Networks
Inferring users’ online activities through traffic analysis

Some of my ideas:

  • Traffic analysis should become harder as the number and type of connections increase, for example torrent or web downloading, chatting, browsing at the same time should benefit each other activity against traffic analysis. It may also be bad for anonymity depending on the threat model, but our main topic is traffic analysis.

  • Using a VPN should benefit the user against traffic analysis, assuming not all traffic consists of Tor. For example regular web browsing, torrent downloading over VPN could be beneficial for the concurrent connections of Tor over VPN. Nested chains of VPN or Tor is another topic.

  • To achieve better anonymity, user needs more connections and connection types, preferably planned for each nested chain separately.

For example:
browser traffic over VPN
Tor traffic over VPN
Torrent traffic over VPN
i2p/freenet/… traffic over VPN
Torrent traffic over i2p over VPN
Whonix traffic over VPN
Torrent traffic over Whonix over VPN (just an example)

  • Some possible features:

By default, lots of different type of connections using low bandwidth, which would especially protect regular Tor Browser traffic, both in terms of traffic size and timing.

Traffic creation at random times

Traffic size selection or limits

Cronjob tasks, download tasks etc.

  • Some suggestions:
    I believe rather than wasting traffic we / the user could support other projects while at the same time protecting Tor connections. For example, when using a VPN, running other anonymizers like i2p and freenet at the background would continously create traffic which would benefit those networks and the user at the same time. Whether VPN is used or not maybe we could do similar things in this “Fake-Workstation” without harming Tor network. For example torrents might be good as a cover traffic, but it’s bad for Tor. Is i2p or freenet over Tor a good idea? What about downloading/seeding torrents over i2p over Tor?

Since Whonix is probably the only complete system dedicated to “real” anonymity, I believe there may be people interested in researching this topic further and share ideas.

My ultimate goal here is the creation of a minimal “Fake-Workstation” which would include several tools to create cover traffic, not necessarily fake traffic but using any means to protect users’ any other activities. This is a broad topic and it could be useful to have such a system in other places too, like routers, etc. Perhaps we could create tools that other systems, organizations or people could benefit / collaborate in future.

Are there any research papers on cover traffic / padding?

The Tor Project made a rather devastating statement about the usefulness of it.


See also:

(seraph for “cover traffic”)

I think it would be best to start a discussion about this on the tor-talk mailing list first to see if this has a chance to really improve things.