[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Attacking the GPA-simulation scenario, point-by-point [Was: Re: Oh boy...]



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Now that I've gotten the alarm bells to quiet a bit, I started thinking
about the statement provided about this attack - and I think I may know
where some holes in it are, when used against the real Tor network.

Point-by-point follows:

> 
> From : http://web.crypto.cs.sunysb.edu/spday/
> 
> "Simulating a Global Passive Adversary for Attacking Tor-like Anonymity
> Systems
> We present a novel, practical, and effective mechanism for identifying
> the IP address of Tor clients. We approximate an almost-global passive
> adversary (GPA) capable of eavesdropping anywhere in the network by
> using LinkWidth, a novel bandwidth-estimation technique. LinkWidth
> allows network edge-attached entities to estimate the available
> bandwidth in an arbitrary Internet link without a cooperating peer host,
> router, or ISP. By modulating the bandwidth of an anonymous connection
> (e.g., when the destination server or its router is under our control),
> we can observe these fluctuations as they propagate through the Tor
> network and the Internet to the end-user's IP address.

Two problems here:

1.) Sure, stream-modulation can be done. This is nothing new. However,
the global distribution of Tor may be its saving grace here - it'd be
incredibly difficult for most attackers to observe such a huge chunk of
the Internet.

2.) This technique wouldn't work against hidden services; although, in
theory, a hidden service could be the mentioned destination server.

 Our technique
> exploits one of the design criteria for Tor (trading off GPA-resistance
> for improved latency/bandwidth over MIXes) by allowing well-provisioned
> (in terms of bandwidth) adversaries to effectively become GPAs.

A GPA is an *observer*, not someone with a buttload of bandwidth. It's
all about the view.

> Although
> timing-based attacks have been demonstrated against
> non-timing-preserving anonymity networks, they have depended either on a
> global passive adversary or on the compromise of a substantial number of
> Tor nodes.

The second mentioned method is the "lottery method;" if you wait long
enough, you may get both the Guard and Exit for a circuit. Old news - in
fact, entry guards were implemented to reduce the probability of this
happening.

> Our technique does not require compromise of any Tor nodes or
> collaboration of the end-server (for some scenarios). We demonstrate the
> effectiveness of our approach in tracking the IP address of Tor users in
> a series of experiments. Even for an under-provisioned adversary with
> only two network vantage points, we can accurately identify the end user
> (IP address) in many cases. Furthermore, we show that a well-provisioned
> adversary, using a topological map of the network, can trace-back the
> path of an anonymous user in under 20 minutes. Finally, we can trace an
> anonymous Location Hidden Service in approximately 120 minutes."
> 

Given what I mentioned above, I'll believe it when I see it.

- --
F. Fox
AAS, CompTIA A+/Network+/Security+
Owner of Tor node "kitsune"
http://fenrisfox.livejournal.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iQIVAwUBSDSGTuj8TXmm2ggwAQjrFQ/+I5KAPPOIbyrKYMLaum1nw8CvOBv2zP+N
i77RRyqBeTfOSNpA+JbbvbnON/bjbi8x6k639AgwLV6QhmIJK2yGgCCJpfayXgaK
YAb8mKcR9Q0yjyfMMt3ZuDI75pMGE+1zpyqdggbUlFbJ6RDnrad51rLuRgtu6+ip
rPa99gu6DxCZdYhbTL5y5jGLsBjkEh2zfMvSrHDenN2Ujw63doJM4cibopL+i8oP
YRissmbPNaGJsBH+juuOr3S0YkZMuOAxiXfST4NnGp3i16kEMPMVCCYM1WEKbti5
I5YHzMdwTmr4B+yo5VTwhRrCR21G13s7EfuJEAjiHJ/unQQ/p4O/KwFEnvNy6VYA
Ia53bJAK9MS5RhXGsIeY1bxYkRPi2ieaFMibyXrK8d5BaMM9ms1T1ClmxlCTDu+J
n+Fq8WV4xr+c9ZE71Nkpo0/xV88YLhG52fxjGvJWYFc8+tuE2as1wCF7GhSUBiuX
gvh47eB1mHJg2qU91Pa+d5drkQboKYMG8Gcjmh4W8WmLBtpTxqe1sP3qsx1v3JoE
lb0XaYwr6hm6J4sPmyrrhFx6QksLwpqWGRI2Zot0sd6a/CJqR3J7YwAOzjccP+l7
U22DYky9IfKYFrLFFnyXXq+O18qwKr7xvlc2h14/b2o2XWh6z/+5lyua03f4fXvW
/Xy2/hk4ju4=
=EWyn
-----END PGP SIGNATURE-----