add packet shuffling based on Muffler Proxy by Minjae Seo et al

as i understand it, muffler makes traffic patterns look like noise
by splitting packets and distributing them across many connections

(is tor really using one connection per circuit...?)

to a distant observer, this seems rather trivial to implement
because most of the tor architecture remains unchanged...
is there someone working on this?

the Muffler Proxy seems to be closed source...

https://arxiv.org/abs/2504.07543

MUFFLER: Secure Tor Traffic Obfuscation with Dynamic Connection Shuffling and Splitting

Minjae Seo et al

2025-04-12

we introduce MUFFLER, a novel connection-level traffic obfuscation system designed to secure Tor egress traffic. It dynamically maps real connections to a distinct set of virtual connections between the final Tor nodes and targeted services, either public or hidden. This approach creates egress traffic patterns fundamentally different from those at ingress segments without adding intentional padding bytes or timing delays. The mapping of real and virtual connections is adjusted in real-time based on ongoing network conditions, thwarting adversaries’ efforts to detect egress traffic patterns. Extensive evaluations show that MUFFLER mitigates powerful correlation attacks with a TPR of 1% at an FPR of 1% while imposing only a 2.17% bandwidth overhead. Moreover, it achieves up to 27x lower latency overhead than existing solutions and seamlessly integrates with the current Tor architecture.

TPR = true positive rate, FPR = false positive rate

IV. EVALUATION

In this section, we first evaluate the bandwidth and latency overhead associated with MUFFLER compared to existing solutions. Next, we evaluate the effectiveness of MUFFLER in obfuscating Tor traffic against several flow correlation attacks.

A. Prototype Implementation

We have developed a full prototype of the MUFFLER PROXY, leveraging the core functionality of HAProxy [36] and extending it using the Go language. The MUFFLER PROXY consists of client and server components. These components initiate multiple long-lived TLS (or TCP) connections, referred to as base connections, which are utilized to create virtual connections. To facilitate the division of a single base connection into multiple virtual connections, we implemented a set of control commands: create, remove, relay, and keep-alive, as described in Section III-E. Additionally, the MUFFLER Tunnel leverages three types of eBPF programs [37], [38]. These programs are attached to the Tor binary and the MUFFLER PROXY to monitor socket system calls, modify system call arguments, store socket descriptors, and redirect data from source sockets to destination sockets.

such a packet shuffling feature would make tor more like nym

tor already implements cover traffic (padding), but packet shuffling is a missing feature

https://nym.com/blog/nymvpn-v-vpns-v-tor-v-i2p-v-dvpns

Like Tor, I2P protects against local network adversaries. However, also like Tor, it struggles to safeguard anonymity against sophisticated adversaries performing traffic analysis attacks because, unlike the mix network offered by NymVPN, there is no per-packet mixing.

Since cryptographer David Chaum first conceptualized mixnets in the 1980s, the Nym mixnet is the first working mixed network designed for anonymity at scale. It has been meticulously designed to offer unprecedented privacy protections, going even beyond the capabilities of Tor.

With the Nym mixnet, not only is data encrypted, but your patterns of communication are safeguarded too with unique packet shuffling in the inner three nodes. This traffic mixing makes tracing your data next to impossible even for adversaries with a global view of the network.

In mixnet mode, your data takes a secure 5-hop path, with every hop adding a layer of protection. Cover traffic, meanwhile, further disguises communication patterns with empty ‘dummy’ packets that are indistinguishable from normal traffic. The advanced packet shuffling of the three inner nodes ensures packets can’t be correlated based on timing, enhancing privacy and providing unparalleled security against sophisticated traffic analysis attacks.

probably there will never be nym-hidden services, so nym is not usable in many cases

reddit: MUFFLER: Secure Tor Traffic Obfuscation with Dynamic Connection Shuffling and Splitting by Minjae Seo et al

Edited by milahu
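
The splitting idea quoted above (one real connection's bytes spread over several virtual connections and put back in order at the far end), as an added sketch that is not MUFFLER's code and not part of the original post. The `Frame` layout, the `Split` and `Reassemble` names and the seeded random assignment are assumptions; the paper describes a mapping adjusted to network conditions, which is not modelled here.

```go
package main

import (
	"fmt"
	"math/rand"
	"sort"
)

// Frame is a hypothetical relay unit; the layout is assumed, not taken from the paper.
type Frame struct {
	RealID, Seq uint32
	Payload     []byte
}

// Split cuts one real connection's bytes into chunks (chunk > 0) spread at random over n virtual connections.
func Split(realID uint32, data []byte, n, chunk int, seed int64) [][]Frame {
	virt, rng := make([][]Frame, n), rand.New(rand.NewSource(seed))
	for seq, off := uint32(0), 0; off < len(data); seq, off = seq+1, off+chunk {
		end := off + chunk
		if end > len(data) {
			end = len(data)
		}
		v := rng.Intn(n)
		virt[v] = append(virt[v], Frame{realID, seq, data[off:end]})
	}
	return virt
}

// Reassemble collects one real connection's frames from every virtual connection and orders them by Seq.
func Reassemble(realID uint32, virt [][]Frame) []byte {
	var frames []Frame
	for _, vc := range virt {
		for _, f := range vc {
			if f.RealID == realID {
				frames = append(frames, f)
			}
		}
	}
	sort.Slice(frames, func(i, j int) bool { return frames[i].Seq < frames[j].Seq })
	var out []byte
	for _, f := range frames {
		out = append(out, f.Payload...)
	}
	return out
}

func main() {
	virt := Split(1, []byte("constructed sample bytes for one real connection"), 4, 8, 7)
	fmt.Println(len(virt[0]), len(virt[1]), string(Reassemble(1, virt)))
}
```

An observer of any single virtual connection sees only a subset of the frames, possibly interleaved with frames of other real connections, while the receiver recovers each stream from `RealID` and `Seq`.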