From 21013284c9d414cc6d89f3ad33c151acee28277f Mon Sep 17 00:00:00 2001 From: str4d Date: Tue, 22 Sep 2015 03:42:58 +0000 Subject: [PATCH] Improved section on performance and security issues --- docs/anonymity-configuration.rst | 52 +++++++++++++++++++------------- 1 file changed, 31 insertions(+), 21 deletions(-) diff --git a/docs/anonymity-configuration.rst b/docs/anonymity-configuration.rst index 70fca201e..b81d0c6e6 100644 --- a/docs/anonymity-configuration.rst +++ b/docs/anonymity-configuration.rst @@ -298,12 +298,12 @@ complete configuration for server use-case 2 would look like:: -Performance and security issues with Tor Hidden Services -======================================================== +Performance and security issues +=============================== If you are running a server which does not itself need to be -anonymous, should you make it reachable as a Tor Hidden Service or -not? Or should you make it reachable *both* as a Tor Hidden Service +anonymous, should you make it reachable via an anonymizing network or +not? Or should you make it reachable *both* via an anonymizing network and as a publicly traceable TCP/IP server? There are several trade-offs effected by this decision. 
@@ -311,18 +311,16 @@ There are several trade-offs effected by this decision. NAT/Firewall penetration ------------------------ -Making a server be reachable as a Tor Hidden Service makes it -reachable even if there are NATs or firewalls preventing direct TCP/IP -connections to the server. +Making a server be reachable via Tor or I2P makes it reachable even if there +are NATs or firewalls preventing direct TCP/IP connections to the server. Anonymity --------- -Making a Tahoe-LAFS server accessible *only* via Tor Hidden Services -can be used to guarantee that the Tahoe-LAFS clients use Tor to -connect. This prevents misconfigured clients from accidentally -de-anonymizing themselves by connecting to your server through the -traceable Internet. +Making a Tahoe-LAFS server accessible *only* via Tor or I2P can be used to +guarantee that the Tahoe-LAFS clients use Tor or I2P to connect. This prevents +misconfigured clients from accidentally de-anonymizing themselves by connecting +to your server through the traceable Internet. Also, interaction, through Tor, with a Tor Hidden Service may be more protected from network traffic analysis than interaction, through Tor, 
@@ -334,13 +332,12 @@ If so we need to link to it. If not, then maybe we should explain more here why Performance ----------- -A client connecting to a Tahoe-LAFS server through Tor incurs -substantially higher latency and sometimes worse throughput than the -same client connecting to the same server over a normal traceable -TCP/IP connection. +A client connecting to a publicly traceable Tahoe-LAFS server through Tor incurs +substantially higher latency and sometimes worse throughput than the same client +connecting to the same server over a normal traceable TCP/IP connection. -A client connecting to a Tahoe-LAFS server which is a Tor Hidden -Service incurs much more latency and probably worse throughput. +A client connecting to a Tahoe-LAFS server which is a Tor Hidden Service or I2P +server incurs much more latency and probably worse throughput. Positive and negative effects on other Tor users ------------------------------------------------ 
@@ -360,12 +357,25 @@ Both of these effects are doubled if you upload or download files to a Tor Hidden Service, as compared to if you upload or download files over Tor to a publicly traceable TCP/IP server. +Positive and negative effects on other I2P users +------------------------------------------------ +Sending your Tahoe-LAFS traffic over I2P adds cover traffic for other I2P users +who are also transmitting data. So that is good for them -- increasing their +anonymity. It will not directly impair the performance of other I2P users' +interactive sessions, because the I2P network has several congestion control and +quality-of-service features, such as prioritizing smaller packets. -Performance and security issues with I2P -======================================== +However, if many users are sending Tahoe-LAFS traffic over I2P, and do not have +their I2P routers configured to participate in much traffic, then the I2P +network as a whole will suffer degradation. Each Tahoe-LAFS router using I2P has +their own anonymizing tunnels that their data is sent through. On average, one +Tahoe-LAFS node requires 12 other I2P routers to participate in their tunnels. -TBC +It is therefore important that your I2P router is sharing bandwidth with other +routers, so that you can give back as you use I2P. This will never impair the +performance of your Tahoe-LAFS node, because your I2P router will always +prioritize your own traffic.
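Review bot: in the first hunk (@@ -298), the unchanged context line "There are several trade-offs effected by this decision." should read "affected"; since the paragraph directly above it is being rewritten, fold the fix in. Also "reachable via an anonymizing network" is broader than the rest of the section, which only ever discusses Tor and I2P; say "via Tor or I2P" here, as the later hunks do, so readers do not expect other networks to be covered.

Review bot: in the second hunk (@@ -311), the Anonymity paragraph that follows the rewritten text ("Also, interaction, through Tor, with a Tor Hidden Service may be more protected from network traffic analysis than interaction, through Tor, ...") is left Tor-only while the paragraph above it now says "Tor or I2P"; either state the I2P equivalent or mark that sentence as Tor-specific, otherwise the traffic-analysis claim for I2P is implied but never made. Minor: "Making a server be reachable via Tor or I2P" reads better as "Making a server reachable via Tor or I2P".

Review bot: in the third hunk (@@ -334), only the second paragraph is generalized to I2P; the first ("A client connecting to a publicly traceable Tahoe-LAFS server through Tor incurs substantially higher latency ...") has no I2P counterpart, so a reader cannot tell whether reaching a publicly traceable server over I2P is a supported case or was deliberately left out. One sentence either way closes the gap. "Much more latency" is also stated without any figures; if measurements exist they belong here, otherwise "typically" is the honest qualifier.

Review bot: in the fourth hunk (@@ -360), the figure "On average, one Tahoe-LAFS node requires 12 other I2P routers to participate in their tunnels" is unsourced; show how it is derived (number of tunnels and hops per tunnel) or cite where it comes from, since readers will tune their routers on the strength of it. The closing claim "This will never impair the performance of your Tahoe-LAFS node, because your I2P router will always prioritize your own traffic" is too absolute: shared bandwidth still competes for the same uplink, so "should not noticeably impair", with prioritization given as the reason, is defensible and "never" is not. Terminology: "Each Tahoe-LAFS router using I2P has their own anonymizing tunnels" mixes "router" (used for the I2P router in the same paragraph) with the Tahoe-LAFS node; "Each Tahoe-LAFS node using I2P has its own anonymizing tunnels" is what is meant. Finally, "do not have their I2P routers configured to participate in much traffic" should name the setting being tuned (the router's bandwidth-share setting) so the reader knows what to change.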