[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Low-Cost Traffic Analysis of Tor

To: or-talk@xxxxxxxxxxxxx
Subject: Low-Cost Traffic Analysis of Tor
From: "Steven J. Murdoch" <tortalk+Steven.Murdoch@xxxxxxxxxxxx>
Date: Tue, 15 Mar 2005 00:10:58 +0000
Cc: George.Danezis@xxxxxxxxxxxx
Delivered-to: archiver@seul.org
Delivered-to: or-talk-outgoing@seul.org
Delivered-to: or-talk@seul.org
Delivery-date: Mon, 14 Mar 2005 19:11:35 -0500
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx
User-agent: Mutt/1.4.1i

One of the advantages of Tor is that it is sufficiently open and
widely deployed enough to run "real-world" anonymity experiments. Last
year, myself and George Danezis performed traffic analysis on Tor to
test the attack potential of weaker adversaries. This paper has now
been accepted for a conference, the 2005 IEEE Symposium on Security
and Privacy (Oakland). It isn't a full and general attack on Tor as
the basic attack only gives path information, not the address of the
originator, but we think it does provide some interesting results.

The paper can be found here (PDF 364K):
 http://www.cl.cam.ac.uk/users/sjm217/papers/oakland05torta.pdf

Abstract:
 Tor is the second generation Onion Router, supporting the anonymous
 transport of TCP streams over the Internet. Its low latency makes it
 very suitable for common tasks, such as web browsing, but insecure
 against traffic analysis attacks by a global passive adversary. We
 present new traffic analysis techniques that allow adversaries with
 only a partial view of the network to infer which nodes are being
 used to relay the anonymous streams and therefore greatly reduce the
 anonymity provided by Tor. Furthermore, we show that otherwise
 unrelated streams can be linked back to the same initiator. Our
 attack is feasible for the adversary anticipated by the Tor
 designers. Our theoretical attacks are backed up by experiments
 performed on the deployed, albeit experimental, Tor network. Our
 techniques should also be applicable to any low latency anonymous
 network. These attacks highlight the relationship between the field
 of traffic analysis and more traditional computer security issues,
 such as covert channel analysis. Our research also highlights that
 the inability to directly observe network links does not prevent an
 attacker from performing traffic analysis: the adversary can use the
 anonymising network as an oracle to infer the traffic load on remote
 nodes in order to perform traffic analysis.

Hope this is of interest,
Steven J. Murdoch.

-- 
w: http://www.cl.cam.ac.uk/users/sjm217/

Attachment: pgpaBtagrWrGW.pgp
Description: PGP signature

Follow-Ups:
- Re: Low-Cost Traffic Analysis of Tor
  - From: Mike Perry
- Re: Low-Cost Traffic Analysis of Tor [QoS Solution?]
  - From: Mike Perry

Prev by Author: h07onion shut down by isp
Next by Author: Re: Low-Cost Traffic Analysis of Tor
Previous by thread: Re: Setting up TOR
Next by thread: Re: Low-Cost Traffic Analysis of Tor
Index(es):
- Author
- Thread