[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: "Low-Resource Routing Attacks Against Anonymous Systems"

Ringo Kamens wrote:
It's very interesting and from what I can deduce, right. However, this
isn't new news. What *is* new is that it has been proved using math
and logic. I know that tor will eventually rise to defend this attack
as other applications such as freenet (i2p also?) have. Another
implication to consider of this is what if the same ISP controlled the
entry and exit nodes?

I just skimmed the paper quickly (I'm going to give it a careful read tomorrow), but I didn't see too much math in there ;-) The impressive part of the paper seemed to me to be their experimental results (albeit using a private 66-node Tor network installed on PlanetLab).

I agree that the principles underlying the attack do not seem to be "new". It was already known that nodes can submit false statistics about their uptime and bandwidth to directory authorities. And it was already known that if you control the entry and exit node on a circuit you can link initiators and responders using timing analysis. But maybe the paper has some new things to say about the implication of those facts.

Concerning an ISP controlling both entry and exit nodes: when Tor clients build paths, they avoid choosing two nodes on the same /16 subnet (see path-spec.txt). So, it does not seem that this is likely to happen.