[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Tor seems to have a huge security risk--please prove me wrong!

Thus spake Paul Syverson (syverson@xxxxxxxxxxxxxxxx):

> > For those who want more background, you can read more at item #1 on
> > https://www.torproject.org/research.html.en#Ideas
> > (I hoped to transition
> > https://www.torproject.org/volunteer.html.en#Research over to that new
> > page, but haven't gotten around to finishing)
> Yes. Exploring defensive techniques would be good. Unlike correlation,
> fingerprinting seems more likely to be amenable to traffic shaping;
> although the study of this for countering correlation (as some of us
> recently published at PETS ;>) may be an OK place to build on.
> Personally I still think trust is going to play a bigger role as an
> effective counter than general shaping, but one place we seem to be in
> sync is that it all needs more study.

Yeah, though again I want to point out that what we are actually
looking at when we intuitively believe fingerprinting to be easier to
solve than correlation is the event rate from the base rate fallacy.

Otherwise, they really are the same problem. Correlation is merely the
act of taking a live fingerprint and extracting a number of bits from
it, and adding these bits to the number of bits obtained from a window
of time during which the event was supposed to have occurred.

Or, to put it in terms of event rates, it is merely the case that much
fewer potentially misclassified events happen during the very small
window of time provided by correlation, as opposed to the much larger
number of events that happen during a dragnet fingerprinting attempt.

Any classifier needs enough bits to differentiate between two
potentially coincident events. This is also why Tor's fixed packet
size performs better against known fingerprinting attacks. Because
we've truncated the lower 8 bits off of all signatures that use size
as a feature in their fingerprint classifiers. They need to work to
find other sources of bits.

Personally, I believe that it may be possible to develop fingerprint
resistance mechanisms good enough to also begin to make inroads
against correlation, *if* the network is large enough to provide an
extremely high event rate. Say, the event rate of an Internet-scale
anonymity network.

For this reason, I think it is very important for academic research to
clearly state their event rates, and the entropy of their feature
extractors and classifiers. As well as source code and full data
traces, so that their results can be reproduced on larger numbers of
targets and with larger event rates, as I mentioned in my other reply.

Mike Perry
Mad Computer Scientist
fscked.org evil labs

Attachment: pgpEmKIchoKgK.pgp
Description: PGP signature