Re: [tor-talk] Tor DNS Deanonymization

On Fri, Oct 14, 2016 at 07:29:17AM -0500, Justin wrote:
> Not too long ago, a paper was published that talks about how Tor users
> can be deanonymized through their DNS lookups. Is this something I
> should be concerned about?

I am one of the authors.  While the attack is very precise in our
simulations, it only works in a specific situation.  On the complexity
spectrum, the attack is in between website fingerprinting (the attacker
observes or is your guard relay) and end-to-end correlation (the
attacker sees both ends).

In our setting, the attacker must observe traffic to your guard (or be
your guard) *and* your DNS requests.  That's easier than end-to-end
correlation because, depending on an exit relay's setup, DNS requests
can traverse quite a lot of autonomous systems, which benefits
network-level adversaries.  Summing up, your neighbour will have a hard
time mounting the attack, but not necessarily your government.

There are two ways to mitigate the issue.  First, we need better
defences against website fingerprinting, so an attacker learns less by
observing the connection to your guard relay.  Second, we need to
improve the DNS setup of exit relays.  I would like to see fewer relays
use Google's resolver, and we need to move towards encrypted DNS.