[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] Whitepaper draft: Towards Side Channel Analysis of Datagram Tor vs Current Tor (traffic fingerprinting)



On Tue, Nov 27, 2018 at 12:13 PM David Fifield <david@xxxxxxxxxxxxxxx> wrote:
>
> On Tue, Nov 27, 2018 at 08:23:21AM -0500, Nick Mathewson wrote:
> > ### Traffic Fingerprinting of TCP-like systems
 [...]
> > This class of attacks is solvable, especially if the exact same
> > TCP-like implementation is used by all clients, but it also requires
> > careful consideration and additional constraints to be placed on the
> > TCP stack(s) in use that are not usually considered by TCP
> > implementations -- particularly to ensure that they do not depend on
> > OS-specific features or try to learn things about their environment
> > over time, across different connections.
>
> Thanks, this is nice and thoughtful analysis.
>
> Does the word "clients" in the last paragraph meant to exclude servers?
> Or should I understand something like "peers" that includes clients and
> servers? I'm trying to think of how fingerprinting a server could be
> useful to an attacker. An onion service doesn't count as a server--at
> the layer of the TCP-like protocol, it's a client, with the RP as
> server.

Right.  I *think* that only parties that need anonymity need to avoid
TCP fingerprinting.

cheers,
-- 
Nick
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev