[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-dev] Website Fingerprinting Defense via Traffic Splitting

To: tor-dev@xxxxxxxxxxxxxxxxxxxx
Subject: [tor-dev] Website Fingerprinting Defense via Traffic Splitting
From: "l.m" <ter.one.leeboi@xxxxxxxx>
Date: Thu, 22 Jan 2015 13:56:45 -0500
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 22 Jan 2015 14:36:08 -0500
List-archive: <http://lists.torproject.org/pipermail/tor-dev/>
List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>
List-id: discussion regarding Tor development <tor-dev.lists.torproject.org>
List-post: <mailto:tor-dev@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>
Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-dev" <tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx>

Daniel Forster wrote:
> Hello Guys,
>
> it would be great if I could get a few opinions regarding my
> upcoming master thesis topic.
>
> My supervisor is Andriy Panchenko (you may know some of his work
> from Mike Perry's critique on website fingerprinting attacks).
> As a defense, we'd like to experiment with traffic splitting (like
> conflux- split traffic over multiple entry guards, but already
> merging at the middle relay) and padding.
>
> I know that the no. of entry guards got decreased from three to one.
> May it be worth the research or is the approach heading in a not so
> great direction w.r.t. the Tor Project's "only one entry node"
> decision? Or, actually, what do you think in general..?

I think it will be interesting to see how a client of Tor can be fingerprinted by the guards chosen. In particular if the circuit length tends to be three and you perform a merge at the middle node. By watching the incoming n-tuple of guards, having chosen in advance the role of middle-hop, can clients be identified through correlation with exit traffic. I'm aware that the choice of guards can already make a client fingerprintable--but how much more so in this case. This might not be the adversary you're intending to address but is still a consequence. Unless I'm reading your proposal incorrectly.

How might the possible threat be addressed. Perhaps a more robust implementation of network coding and a revisit of circuit length. I'm just throwing out thoughts. I too am interested in the application of network coding to the goals of Tor. I'll be eagerly awaiting your results. Good luck and thanks.

-- leeroy

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

Prev by Author: Re: [tor-dev] Bridge users by transport is broken
Next by Author: Re: [tor-dev] Proposal xxx: Consensus Hash Chaining
Previous by thread: Re: [tor-dev] How Exit node decide which relay dedicated for particular http response.
Next by thread: [tor-dev] [PATCH] Fix some compiler warnings (torsocks)
Index(es):
- Author
- Thread