[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Should I warn against Tor?

Jens Lechtenboerger:
> Dear reader,
> Iâm a Tor user.
> Of course, since Torâs beginning the threat model has been excluding
> global passive adversaries (which are able to observe both ends of
> the torified communication) but I didnât consider that a real issue.
> However, now I do.
> In 2007 Murdoch and ZieliÅski [4] developed traffic analysis
> techniques based on sampled data for parties monitoring Internet
> eXchanges (IXes).  Apparently, the parties mentioned above have
> capabilities that go far beyond the paperâs sampling technique.
> Thus, Iâm assuming that global adversaries are spying on me.

It's also important to understand the limitations of these attacks. If
the data they record is low resolution (such as Murdoch's IX sampled
results), the accuracy will be poor.

Murdoch didn't achieve any success at all until several megabytes were
transmitted in a single connection, and even after that, the accuracy
was heavily impacted by the prevalence of similar traffic elsewhere in
the network (due to a phenomenon called the 'base rate fallacy').

As more people use Tor, the better this property gets. In fact, a
Raccoon (when you run an anonymity network, you get all sorts of
interesting characters) proved that the accuracy of dragnet correlation
attacks falls proportional to 1/U^2, where U is the number of concurrent
active users. This creature also pointed out the same property is
visible in Murdoch's own graphs:

I think this property suggests that with better usability and some
lightweight defenses, Tor can actually do quite well, especially for
relatively small, short transmissions like website loads.

I am worried about the level and duration of timing resolution that
datacenters as large as the NSA one in Utah could provide (assuming that
all that storage is for traffic, and not for stuff like mapping ECC
curves onto Z_p). Even so, I still think protocol-level active attacks
(such as RPW's hidden service Guard discovery attack, and the Raccoon's
bitstomping/tagging attack) are far more likely to be how intelligence
agencies and others will attack Tor:

Mike Perry

Attachment: signature.asc
Description: Digital signature

tor-talk mailing list