Attacking the GPA-simulation scenario, point-by-point [Was: Re: Oh boy...]
- To: or-talk@xxxxxxxxxxxxx
- Subject: Attacking the GPA-simulation scenario, point-by-point [Was: Re: Oh boy...]
- From: "F. Fox" <kitsune.or@xxxxxxxxx>
- Date: Wed, 21 May 2008 13:30:07 -0700
- In-reply-to: <21f144250805211244r192f1aaagd3cdbac820198cf1@xxxxxxxxxxxxxx>
- References: <4834757B.1080703@xxxxxxxxx> <21f144250805211244r192f1aaagd3cdbac820198cf1@xxxxxxxxxxxxxx>
- Reply-to: or-talk@xxxxxxxxxxxxx
- Sender: owner-or-talk@xxxxxxxxxxxxx
- User-agent: Mozilla-Thunderbird 2.0.0.12 (X11/20080420)
Now that I've gotten the alarm bells to quiet a bit, I started thinking
about the statement provided about this attack - and I think I may know
where some holes in it are, when used against the real Tor network.
Point-by-point follows:
>
> From : http://web.crypto.cs.sunysb.edu/spday/
>
> "Simulating a Global Passive Adversary for Attacking Tor-like Anonymity
> Systems
> We present a novel, practical, and effective mechanism for identifying
> the IP address of Tor clients. We approximate an almost-global passive
> adversary (GPA) capable of eavesdropping anywhere in the network by
> using LinkWidth, a novel bandwidth-estimation technique. LinkWidth
> allows network edge-attached entities to estimate the available
> bandwidth in an arbitrary Internet link without a cooperating peer host,
> router, or ISP. By modulating the bandwidth of an anonymous connection
> (e.g., when the destination server or its router is under our control),
> we can observe these fluctuations as they propagate through the Tor
> network and the Internet to the end-user's IP address.
Two problems here:
1.) Sure, stream-modulation can be done. This is nothing new. However,
the global distribution of Tor may be its saving grace here - it'd be
incredibly difficult for most attackers to observe such a huge chunk of
the Internet.
2.) This technique wouldn't work against hidden services, although, in
theory, a hidden service could be the mentioned destination server.
> Our technique
> exploits one of the design criteria for Tor (trading off GPA-resistance
> for improved latency/bandwidth over MIXes) by allowing well-provisioned
> (in terms of bandwidth) adversaries to effectively become GPAs.
A GPA is an *observer*, not someone with a buttload of bandwidth. It's
all about the view.
> Although
> timing-based attacks have been demonstrated against
> non-timing-preserving anonymity networks, they have depended either on a
> global passive adversary or on the compromise of a substantial number of
> Tor nodes.
The second mentioned method is the "lottery method;" if you wait long
enough, you may get both the Guard and Exit for a circuit. Old news - in
fact, entry guards were implemented to reduce the probability of this
happening.
> Our technique does not require compromise of any Tor nodes or
> collaboration of the end-server (for some scenarios). We demonstrate the
> effectiveness of our approach in tracking the IP address of Tor users in
> a series of experiments. Even for an under-provisioned adversary with
> only two network vantage points, we can accurately identify the end user
> (IP address) in many cases. Furthermore, we show that a well-provisioned
> adversary, using a topological map of the network, can trace-back the
> path of an anonymous user in under 20 minutes. Finally, we can trace an
> anonymous Location Hidden Service in approximately 120 minutes."
>
Given what I mentioned above, I'll believe it when I see it.
--
F. Fox
AAS, CompTIA A+/Network+/Security+
Owner of Tor node "kitsune"
http://fenrisfox.livejournal.com
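The "lottery method" and the reason entry guards were introduced, worked through as an added example (not part of the post above or of the paper it quotes). It assumes a simplified model: relays are chosen independently and weighted by bandwidth, the attacker controls a constructed fraction of guard and of exit bandwidth, and a client rotates uniformly over a fixed guard set.

```python
from math import comb, isclose

def p_deanon_without_guards(f_guard: float, f_exit: float, n_circuits: int) -> float:
    """Probability that at least one of n circuits is observed end-to-end
    when every circuit picks a fresh entry relay (pre-guard behaviour).
    f_guard / f_exit: attacker's share of entry / exit bandwidth (assumed)."""
    per_circuit = f_guard * f_exit          # both ends malicious on one circuit
    return 1.0 - (1.0 - per_circuit) ** n_circuits  # approaches 1 as n grows

def p_deanon_with_guards(f_guard: float, f_exit: float, n_circuits: int,
                         n_guards: int = 3) -> float:
    """Same question with a fixed set of n_guards entry guards: only clients
    whose guard set contains a malicious relay can ever lose. We average over
    k = number of malicious guards (binomial) and, per circuit, assume the
    client uses each guard with probability 1/n_guards (simplification)."""
    total = 0.0
    for k in range(n_guards + 1):
        p_k = comb(n_guards, k) * f_guard ** k * (1.0 - f_guard) ** (n_guards - k)
        per_circuit = (k / n_guards) * f_exit
        total += p_k * (1.0 - (1.0 - per_circuit) ** n_circuits)
    return total

def long_run_bound_with_guards(f_guard: float, n_guards: int = 3) -> float:
    """Limit of p_deanon_with_guards as n_circuits -> infinity: the fraction
    of clients that picked at least one malicious guard. Everyone else stays
    safe no matter how many circuits they build."""
    return 1.0 - (1.0 - f_guard) ** n_guards

if __name__ == "__main__":
    # Constructed scenario: attacker holds 10% of guard and 10% of exit bandwidth.
    f_g, f_e = 0.10, 0.10
    for n in (1, 10, 100, 1000):
        print(f"{n:5d} circuits: no guards {p_deanon_without_guards(f_g, f_e, n):.4f}"
              f"  with 3 guards {p_deanon_with_guards(f_g, f_e, n):.4f}")
    print(f"long-run cap with 3 guards: {long_run_bound_with_guards(f_g):.4f}")
    assert isclose(p_deanon_with_guards(f_g, f_e, 1), f_g * f_e)
```

For a single circuit both models give the same 1% risk; over a thousand circuits the no-guard client is almost certainly caught, while the guarded population caps out at about 27% ever exposed, which is the trade-off the post refers to.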