[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] on the topic of tor's weaknesses



Chris,

An attack may only work under its own threat model (capabilities and
resources an adversary has). If entries and exit are all secure, some
correlation attacks may not work. However, if the adversary can still
observe (not need to compromise Tor routers) the traffic into and out of
entries and exits, some attacks may still work, e.g., by correlating the
traffic patterns at the two sides of a circuit. Here is a paper describing
such possibility:
http://www.cs.uml.edu/~xinwenfu/paper/TorCellSize_ICC11_Fu.pdf.

Hope it helps a bit.

Xinwen Fu



On Sat, Feb 25, 2012 at 12:06 PM, Chris Wheeler <grintor@xxxxxxxxx> wrote:

> I have been reading a lot about end-to-end correlation attacks on tor. I am
> writing a paper on the subject and have a question which I can't seem to
> find an answer to. I understand these attacks rely on the attacker being
> able to view the traffic of the first relay a client is connecting to and
> the exit server. At this point they could make a correlation of what exit
> traffic is specific to that client based on statistical analysis. My
> question is: since bridges are just entry-point relays, If one could be
> certain that they were connecting to a bridge that is not compromised (for
> instance, if they themselves controlled the bridge), would they then be
> protected from such an attack?
>
> Thank you for your help
> _______________________________________________
> tor-talk mailing list
> tor-talk@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk