[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: possible security hole(unsure)(really minor)

To: or-talk@xxxxxxxxxxxxx
Subject: Re: possible security hole(unsure)(really minor)
From: "Watson Ladd" <watsonbladd@xxxxxxxxx>
Date: Sat, 15 Apr 2006 22:11:28 -0400
Delivered-to: archiver@seul.org
Delivered-to: or-talk-outgoing@seul.org
Delivered-to: or-talk@seul.org
Delivery-date: Sat, 15 Apr 2006 22:11:35 -0400
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=dq72nJGmO/SrK5FTuhtUEaDF2w+AdpurIeH1861AOB5SDzt1y9idIeY+oG2KiXNFLgJvrhsXKr3tNh9kToGDBLRHhdB284ZOYTMS1bFK/RUoR74fbQjc77mPbnt2qsnAGFr8J4TfVD7JZ+8r4hJc4D1aNHi5fN+yzdRHnNIeH70=
In-reply-to: <20060412192638.GE8389@itd.nrl.navy.mil>
References: <f7a41de00604121206i4db8a048h6d4c9eacdf70c511@mail.gmail.com> <20060412192638.GE8389@itd.nrl.navy.mil>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx

I think a lot of people are using an out-of-date or incomplete spec.
is there a site with all the specs?


On 4/12/06, Paul Syverson <syverson@xxxxxxxxxxxxxxxx> wrote:
> On Wed, Apr 12, 2006 at 03:06:24PM -0400, Watson Ladd wrote:
> > Its possible that a client picks two servers that don't currently have a
> > connection or have a connection with no other traffic between them to form a
> > hop. This results in complete lossage as only one client is sending data
> > through the connection, eliminating the security of that hop against timing
> > attacks. Do I have this wrong or is this a real issue?
>
> Both. Tor does not get security from mixing of traffic at a node but
> from the low probability that there is no attacker observing both
> endpoints of a Tor connection. While some trivial attacks are thwarted
> by the presence of other traffic through the same node, for the most
> part timing attacks can easily separate it. This was expected and
> described in the Tor design paper, and indicated in simulation
> elsewhere.  It has now been empirically shown for at least for hidden-server
> connections on the Tor network, cf.,
> http://www.onion-router.net/Publications.html#locating-hidden-servers
>
> Note that the latest versions of Tor are not vulnerable to the described
> attacks because of countermeasures implemented earlier this year.
>
> Relatedly, see last year's "Low-Cost Traffic Analysis of Tor"
> available at http://freehaven.net/anonbib/
>
> The attacks in that paper only identify the Tor node endpoints not the
> client, and only when a client visits a hostile web site. And the
> attacks were conducted when the network was less than a tenth its
> current size; it is an open question if they would scale to the
> current network.  Nonetheless, these two papers illustrate that one
> should not be thinking of Tor as a sort of mixnet, as it is often
> described, because that conveys an impression of mix-based security
> that Tor does not provide.
>
>
> -Paul
>
>


--
"Those who would give up Essential Liberty to purchase a little
Temporary Safety deserve neither  Liberty nor Safety."
-- Benjamin Franklin

Follow-Ups:
- Re: possible security hole(unsure)(really minor)
  - From: Roger Dingledine

References:
- possible security hole(unsure)(really minor)
  - From: Watson Ladd
- Re: possible security hole(unsure)(really minor)
  - From: Paul Syverson

Prev by Author: MQV?
Next by Author: Re: FreeCap and a Tor server â good combination?
Previous by thread: Re: possible security hole(unsure)(really minor)
Next by thread: Re: possible security hole(unsure)(really minor)
Index(es):
- Author
- Thread