
Re: 27C3 on Tor



On Tue, Dec 28, 2010 at 08:51:30PM -0500, Nick Mathewson wrote:
> From the wired.com article, this sounds _exactly_ like the old website
> fingerprinting attack, which has been known since 2002:
>     http://freehaven.net/anonbib/#hintz02
> 
> It would be neat if somebody could send a pointer to the authors'
> actual results.

See also point 3 at
https://www.torproject.org/getinvolved/research.html.en#Ideas
It's been sitting on our "this is important to learn more about"
research list for years.

It's also listed in the talk I did at 25c3:
http://events.ccc.de/congress/2008/Fahrplan/events/2977.en.html
http://freehaven.net/~arma/slides-25c3.pdf (slide 30)

So I'm glad to see more attention to the attack, but a bit frustrated that
we (the research community) are not farther along at understanding it.

Two other things to note:

The website fingerprinting attack works against other anonymity systems
too, in most cases even more straightforwardly than against Tor. We've
got 8+ years in the literature of applying it to other systems (most
thoroughly just attacking SSL streams to learn what web page is being
fetched despite the encryption), and in the past few years people have
improved the attack to get it to work against Tor also. As I understand
it, even now it only works consistently when they assume laboratory
conditions. That isn't to say that it won't work in real-world conditions
-- just that it's a real hassle to get all the details right so most
researchers don't put in the required engineering work.

What I'm really looking forward to is learning what modifications to Tor
might slow down the attack. For example, what happens if we move to a 1024
byte cell by default, or if we randomly add some extra cells periodically,
or if we ask the entry node to add padding cells so the responses we get
are multiples of 10KB? It would seem that there is a tradeoff between
bandwidth overhead (wasted bytes) and protection against this attack,
but I hope there are smart points in the tradeoff space. Alas, we're
still not really to that point yet -- we don't know how well it actually
works in practice against vanilla Tor, so it doesn't make sense to ask
how well it would work in practice against a modified Tor design.

--Roger
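
The following is an added example, not part of the original message or of Tor's code. It models the padding tradeoff raised above for the three granularities mentioned (today's 512-byte cells, 1024-byte cells, responses padded to multiples of 10KB), assuming an observer who sees only the total padded size; the page sizes are constructed, and real fingerprinting also uses features such as timing and direction that this ignores.

```python
# Added illustration: how coarser padding trades bandwidth for ambiguity.
# Assumption: the observer sees only the total padded response size.

# Constructed sample: total response bytes for six hypothetical pages.
PAGES = {"a": 3_200, "b": 3_900, "c": 9_800,
         "d": 14_500, "e": 18_700, "f": 41_000}

# Padding granularities from the message; 512 is Tor's fixed cell size.
# Assumption: "10KB" is taken as 10 * 1024 bytes, headers are ignored.
SCHEMES = {"512-byte cells": 512, "1024-byte cells": 1024,
           "10KB multiples": 10 * 1024}


def pad_to(size, bucket):
    """Round size up to the next multiple of bucket (integer ceiling)."""
    return -(-size // bucket) * bucket


def evaluate(pages, bucket):
    """Return (overhead fraction, pages with a unique size, groups by size)."""
    groups = {}
    for name, size in pages.items():
        groups.setdefault(pad_to(size, bucket), []).append(name)
    real = sum(pages.values())
    sent = sum(seen * len(names) for seen, names in groups.items())
    unique = sum(1 for names in groups.values() if len(names) == 1)
    return (sent - real) / real, unique, groups


def report(pages=PAGES, schemes=SCHEMES):
    """Summarise each scheme as {label: (overhead, uniquely sized pages)}."""
    return {label: evaluate(pages, bucket)[:2]
            for label, bucket in schemes.items()}


if __name__ == "__main__":
    for label, (overhead, unique) in report().items():
        print(f"{label:16s} overhead {overhead:6.1%}  "
              f"uniquely sized pages: {unique}/{len(PAGES)}")
```

On this constructed sample, 512-byte cells leave all six pages with a distinct size at about 2% overhead, while 10KB multiples leave only one page distinct at about 35% overhead.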

***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/