
Attacking the GPA-simulation scenario, point-by-point [Was: Re: Oh boy...]


Now that I've gotten the alarm bells to quiet a bit, I started thinking
about the statement provided about this attack - and I think I may know
where some holes in it are, when used against the real Tor network.

Point-by-point follows:

> From: http://web.crypto.cs.sunysb.edu/spday/
> "Simulating a Global Passive Adversary for Attacking Tor-like Anonymity
> Systems
> We present a novel, practical, and effective mechanism for identifying
> the IP address of Tor clients. We approximate an almost-global passive
> adversary (GPA) capable of eavesdropping anywhere in the network by
> using LinkWidth, a novel bandwidth-estimation technique. LinkWidth
> allows network edge-attached entities to estimate the available
> bandwidth in an arbitrary Internet link without a cooperating peer host,
> router, or ISP. By modulating the bandwidth of an anonymous connection
> (e.g., when the destination server or its router is under our control),
> we can observe these fluctuations as they propagate through the Tor
> network and the Internet to the end-user's IP address.

Two problems here:

1.) Sure, stream-modulation can be done. This is nothing new. However,
the global distribution of Tor may be its saving grace here - it'd be
incredibly difficult for most attackers to observe such a huge chunk of
the Internet.

2.) This technique wouldn't work against hidden services; although, in
theory, a hidden service could be the mentioned destination server.

> Our technique
> exploits one of the design criteria for Tor (trading off GPA-resistance
> for improved latency/bandwidth over MIXes) by allowing well-provisioned
> (in terms of bandwidth) adversaries to effectively become GPAs.

A GPA is an *observer*, not someone with a buttload of bandwidth. It's
all about the view.

> Although
> timing-based attacks have been demonstrated against
> non-timing-preserving anonymity networks, they have depended either on a
> global passive adversary or on the compromise of a substantial number of
> Tor nodes.

The second mentioned method is the "lottery method": if you wait long
enough, you may get both the Guard and Exit for a circuit. Old news - in
fact, entry guards were implemented to reduce the probability of this.

> Our technique does not require compromise of any Tor nodes or
> collaboration of the end-server (for some scenarios). We demonstrate the
> effectiveness of our approach in tracking the IP address of Tor users in
> a series of experiments. Even for an under-provisioned adversary with
> only two network vantage points, we can accurately identify the end user
> (IP address) in many cases. Furthermore, we show that a well-provisioned
> adversary, using a topological map of the network, can trace-back the
> path of an anonymous user in under 20 minutes. Finally, we can trace an
> anonymous Location Hidden Service in approximately 120 minutes."

Given what I mentioned above, I'll believe it when I see it.

--
F. Fox
AAS, CompTIA A+/Network+/Security+
Owner of Tor node "kitsune"
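The "lottery method" mentioned in the post is the well-known end-to-end correlation risk: an adversary who happens to run both the entry and the exit of a circuit can correlate the two ends. The following added example (not part of the original post, nor code from the cited paper) shows in numbers why entry guards reduce that probability. It assumes, as a simplifying model, that a client picks relays independently with probability equal to the adversary's share of guard bandwidth (f_guard) and exit bandwidth (f_exit), that one guard is chosen once and never rotated, and that the adversary needs both ends of the same circuit; the function names and the sample parameters (10% of guard and exit capacity, 100 circuits) are constructed for illustration.

```python
import random


def p_circuit_both_ends(f_guard: float, f_exit: float) -> float:
    """Probability that one circuit has both its entry and its exit on
    adversary-run relays, under independent relay selection."""
    return f_guard * f_exit


def p_any_compromised_no_guards(f_guard: float, f_exit: float, n_circuits: int) -> float:
    """Without entry guards every circuit is a fresh draw of the lottery:
    the chance that at least one of n circuits is bad-on-both-ends grows
    quickly with n."""
    p = p_circuit_both_ends(f_guard, f_exit)
    return 1.0 - (1.0 - p) ** n_circuits


def p_any_compromised_with_guard(f_guard: float, f_exit: float, n_circuits: int) -> float:
    """With a fixed entry guard the entry is drawn once. If the guard is
    honest (probability 1 - f_guard) the adversary never sees both ends,
    no matter how many circuits are built. If it is malicious, it only
    takes one adversary exit among n circuits to expose the client."""
    return f_guard * (1.0 - (1.0 - f_exit) ** n_circuits)


def simulate(f_guard: float, f_exit: float, n_circuits: int, trials: int,
             use_guard: bool, seed: int = 1) -> float:
    """Monte Carlo check of the closed forms above: fraction of simulated
    clients that had at least one circuit with both ends adversary-run.
    Deterministic for a given seed so results can be reproduced."""
    rng = random.Random(seed)
    exposed_clients = 0
    for _ in range(trials):
        guard_is_bad = rng.random() < f_guard  # chosen once per client
        exposed = False
        for _ in range(n_circuits):
            if use_guard:
                entry_is_bad = guard_is_bad
            else:
                entry_is_bad = rng.random() < f_guard  # re-drawn per circuit
            exit_is_bad = rng.random() < f_exit
            if entry_is_bad and exit_is_bad:
                exposed = True
                break
        exposed_clients += exposed
    return exposed_clients / trials


if __name__ == "__main__":
    # Constructed sample parameters: adversary holds 10% of guard and 10% of
    # exit capacity; client builds 100 circuits over the observation period.
    f_g, f_e, n = 0.10, 0.10, 100
    print("no guards, closed form :", round(p_any_compromised_no_guards(f_g, f_e, n), 4))
    print("no guards, simulated   :", round(simulate(f_g, f_e, n, 5000, use_guard=False), 4))
    print("with guard, closed form:", round(p_any_compromised_with_guard(f_g, f_e, n), 4))
    print("with guard, simulated  :", round(simulate(f_g, f_e, n, 5000, use_guard=True), 4))
```

With these sample numbers a guard-less client is exposed on at least one circuit roughly 63% of the time, while a client with a fixed guard is exposed at most about 10% of the time (bounded by the chance that the guard itself is malicious). The trade-off guards make is visible in the second function: the per-client risk is capped, but a client unlucky enough to pick a bad guard is exposed on many circuits rather than one.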