[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Tor seems to have a huge security risk--please prove me wrong!

To: or-talk@xxxxxxxxxxxxx
Subject: Re: Tor seems to have a huge security risk--please prove me wrong!
From: Roger Dingledine <arma@xxxxxxx>
Date: Sat, 28 Aug 2010 14:51:35 -0400
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-talk-outgoing@xxxxxxxx
Delivered-to: or-talk@xxxxxxxx
Delivery-date: Sat, 28 Aug 2010 14:51:40 -0400
In-reply-to: <20100828152041.GB69330@xxxxxxxxxxxxxxxxxx>
References: <N1-BVy3kL_WOf@xxxxxxxxxxxxx> <20100828152041.GB69330@xxxxxxxxxxxxxxxxxx>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx
User-agent: Mutt/1.5.18 (2008-05-17)

On Sat, Aug 28, 2010 at 11:20:41AM -0400, Paul Syverson wrote:
> What you describe is known in the literature as website fingerprinting
> attacks,
[snip]
> Roughly, while Tor is not invulnerable to such an attack, it fairs
> pretty well, much better than other systems that this and earlier
> papers examined mostly because the uniform size cells that Tor moves
> all data with adds lots of noise.

Maybe. Or maybe not. This is an open research area that continues to
worry me.

I keep talking to professors and grad students who have started a paper
showing that website fingerprinting works on Tor, and after a while they
stop working on the paper because they can't get good results either way
(they can't show that it works well, and they also can't show that it
doesn't work well).

The real question I want to see answered is not "does it work" -- I bet
it can work in some narrow situations even if it doesn't work well in
the general case. Rather, I want to know how to make it work less well.
But we need to have a better handle on how well it works before we can
answer that harder question.

For those who want more background, you can read more at item #1 on
https://www.torproject.org/research.html.en#Ideas
(I hoped to transition
https://www.torproject.org/volunteer.html.en#Research over to that new
page, but haven't gotten around to finishing)

or see my 25c3 talk from 2008:
http://events.ccc.de/congress/2008/Fahrplan/events/2977.en.html
http://media.torproject.org/video/25c3-2977-en-security_and_anonymity_vulnerabilities_in_tor.mp4

--Roger

***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/

Follow-Ups:
- Re: Tor seems to have a huge security risk--please prove me wrong!
  - From: Mike Perry
- Re: Tor seems to have a huge security risk--please prove me wrong!
  - From: Paul Syverson

References:
- Tor seems to have a huge security risk--please prove me wrong!
  - From: hikki
- Re: Tor seems to have a huge security risk--please prove me wrong!
  - From: Paul Syverson

Prev by Author: Re: ?fter upgrading a stable Tor-version to alfa Tor-version fingerprint of node was changed? (was $keyid of my server)
Next by Author: Re: What are these entries in my connections tab (using Vidalia GUI)?
Previous by thread: Re: Tor seems to have a huge security risk--please prove me wrong!
Next by thread: Re: Tor seems to have a huge security risk--please prove me wrong!
Index(es):
- Author
- Thread