One of the advantages of Tor is that it is sufficiently open and widely deployed enough to run "real-world" anonymity experiments. Last year, myself and George Danezis performed traffic analysis on Tor to test the attack potential of weaker adversaries. This paper has now been accepted for a conference, the 2005 IEEE Symposium on Security and Privacy (Oakland). It isn't a full and general attack on Tor as the basic attack only gives path information, not the address of the originator, but we think it does provide some interesting results.

The paper can be found here (PDF 364K):
http://www.cl.cam.ac.uk/users/sjm217/papers/oakland05torta.pdf

Abstract:

Tor is the second generation Onion Router, supporting the anonymous transport of TCP streams over the Internet. Its low latency makes it very suitable for common tasks, such as web browsing, but insecure against traffic analysis attacks by a global passive adversary. We present new traffic analysis techniques that allow adversaries with only a partial view of the network to infer which nodes are being used to relay the anonymous streams and therefore greatly reduce the anonymity provided by Tor. Furthermore, we show that otherwise unrelated streams can be linked back to the same initiator. Our attack is feasible for the adversary anticipated by the Tor designers. Our theoretical attacks are backed up by experiments performed on the deployed, albeit experimental, Tor network. Our techniques should also be applicable to any low latency anonymous network.

These attacks highlight the relationship between the field of traffic analysis and more traditional computer security issues, such as covert channel analysis. Our research also highlights that the inability to directly observe network links does not prevent an attacker from performing traffic analysis: the adversary can use the anonymising network as an oracle to infer the traffic load on remote nodes in order to perform traffic analysis.

Hope this is of interest,
Steven J. Murdoch.

--
w: http://www.cl.cam.ac.uk/users/sjm217/