As a general rule, society has a preference for accountability. For this reason, governments discourage anonymity. Among the exceptions to this rule are citizen communications in resistance to government. In this context, governments in general, and police states in particular, abhor anonymity.
Tor (formerly TOR ("The Onion Router")) is a tool for providing anonymity on the Internet. It uses thousands of contributed routers, communicating using nested encryption, along a randomly selected path, such that when the communication finally appears in the clear, it cannot be traced back to its origin. It raises the general problem of attribution on the Internet to a whole new level. Its uses range from hiding browsing activity from routine state surveillance to hiding criminal or revolutionary communications.
The following news item recently appeared:
--Russian Government Seeking Technology to Break Tor Anonymity (July 25 & 28, 2014)
The Russian government is offering a 3.9 million rubles (US $109,500) contract for a technology that can be used to identify Tor users. Tor was initially developed by the US Naval Research Laboratory and DARPA, but is now developed by The Tor Project, a non-profit organization. Tor is used by journalists and others who need to keep their identities hidden for their own safety; it is also used by criminals for the same purposes. The entrance fee for the competition is 195,000 rubles (US $5,500).
http://arstechnica.com/security/2014/07/russia-publicly-joins-war-on-tor-privacy-with-111000-bounty/
In my role as a member of the editorial board of SANS Newsbites, I made the observation that:
"In his most recent novel, Richard Clarke implied that NSA had targeted and broken TOR."
A reader responded in part:
"...more out of curiosity, didn’t the NSA have trouble cracking TOR, and at best, could only identify ingress and egress points? As told by Team CYMRU.org, anyway."
Now you have a context for this post. I responded to him as follows:
Thanks for your note. It allows me to know that the comment did what I had hoped it would do, i.e., raise questions.
I was deliberately vague and cited a questionable authority.
My working hypothesis, the advice I give my clients, is that nation states, at least wealthy ones, can read any message that they want to, rarely in near real time. However, they cannot read every message that they want to. Incidentally, that is why they store every cryptogram they see. Decryption is expensive but storage is cheap. The cost of decryption is falling but not nearly as fast as that of storage.
When applied to Tor and anonymity, my assumption is similar. I assume that nation states can identify the origin of any message that they want to, again, probably not in near real time. However, they cannot identify the source of every message that they want to. Again, that is why they require acres of storage.
Like breaking ciphers, breaking Tor is expensive. However, given their resources and determination, it would be foolish to bet one’s life that they cannot do it. They know the protocol better than anyone and they own some of the routers.
If you think about it, your question implies a point in time. However, my guidance assumes that what they cannot do today, they will be able to do tomorrow. Cheap storage buys them time. It took them fifty years to crack Venona but they never gave up.
As with crypto, the resistance of Tor to nation states depends in part upon how much it is used. The more they have to deal with, the less efficient they are. Therefore, one wants to encourage its use while discouraging anyone from betting their life on it.
The net is that Tor is adequate to provide individual privacy. It is probably adequate for most political discourse, at least in democratic states. It becomes problematic when fomenting revolution or disclosing state secrets in authoritarian, or even wealthy but vindictive, countries.