[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: SPD talk: "Simulating a Global Passive Adversary for Attacking Tor-like Anonymity Systems"?
On Thu, Jun 12, 2008 at 04:26:48PM -0700, Mike Perry wrote:
> All this aside, this is a very clever attack, and further evidence
> that we should more closely study capacity properties, reliability
> properties, queuing properties, and general balancing properties of
> the network.
Right. We've gotten a copy of the paper from the authors, and we're
evaluating it. My current thoughts are that this is a brilliant new
theoretical attack, but how effective it can be on the current Tor
network is still an open question.
In other words, the next steps are to a) try to make the attack more
practical and see how flexible it can become, and/or b) learn from the
authors whether they know more than they wrote in their very brief and
unfortunately kind of vague analysis section. Alas, I'm busy the next
few days with our upcoming Tor releases, and will get back to talking
to them after that.
Interestingly, it appears that folks who transfer huge amounts of data
over Tor may be more vulnerable than the folks who have more moderate
loads -- maybe we've just found another argument against putting
file-sharing traffic over Tor. ;)
Since a lot of the countermeasures we're pondering are just a matter
of degree ("well, if the attack doesn't work when the foo level is
over .8, then try to make the foo level always .81"), we need a better
understanding of the limits of the attack before we can go about trying
to counter it.
My intuition is that it will turn out to be a fine attack, and we will
need to do something smart about it.
Speaking of which, there is another attack that's currently in this same
situation -- a brilliant theoretical attack, probably can be made to work
in practice, more work is required before we understand how effective
it can be:
http://freehaven.net/anonbib/#ccs07-latency-leak
One of the interesting features of these new network-property-based
anonymity attacks is that it appears they work even better against
single-hop proxy systems than against Tor. These attacks so far are of
the form "first do an attack to identify the Tor relays in the circuit,
and then hope you have enough time left to trace all the way to the
client location before the client moves". If the first half is trivial,
you have a lot more time for the second half.
So when you read our warning at startup:
"This is experimental software. Do not rely on it for strong anonymity."
be sure not to interpret it as a suggestion that there are any other
low-latency anonymity approaches that are considered better. As far
as I can tell, it's either use Tor or do nothing; and each user has a
different level of risk they can handle, so part of our ongoing work is
to figure out how much risk there really is.
Exciting times,
--Roger