On 10/23/2013 10:09 AM, Karsten Loesing wrote:
Hello Tor relay operators,
We could use your help in a pilot project to improve Tor security. As you may be aware, the anonymity of a connection over Tor is vulnerable to an adversary who can observe it in enough places along its route. For example, traffic that crosses the same country as it enters and leaves the Tor network can potentially be deanonymized by an authority in that country who can monitor all network communication. Researchers have been working to figure out how Tor traffic gets routed over the Internet [0-3], but determining routes with high confidence has been difficult.
That's where you come in. To figure out where traffic travels from your relay, we'd like you to run a bunch of "traceroutes" - network measurements that show the paths traffic takes. This is a one-time experiment for now, but, depending on what we find out, regularly making such measurements may become a part of Tor itself. We have already gotten some results thanks to Linus Nordberg of DFRI and Moritz Bartl of torservers.net, and now it's time to ask all relay operators to help. We would like to start this right away.
We have written some shell scripts to automate most of the process. The easiest way for you to get them is with git, using the following commands:
git clone https://bitbucket.org/anupam_das/traceroute-from-tor-relays git checkout f253f768d14e3368e4fe4de9895acd2715a19412
You can also just download the files directly by visiting [4]. Detailed instructions for setting up and running the experiment are in the README.
Basically the experiment does traceroutes to three groups: all "routable IP prefixes", all Tor relays, and then all /24 subnets. These kinds of measurements are not uncommon, and they will not be done at a high rate. By default the scripts will periodically move the results to our server [5] via SSH, although you can keep the results around and/or not send them automatically if you wish (see the README). The traceroute data recorded is not sensitive or private at all. We plan to make the code and data public, following Tor's practice of open cooperation with the research community [6].
The measurements will work best if you have the "scamper" tool from the Cooperative Association for Internet Data Analysis (CAIDA) installed (see the README for installation instructions). This is a standard and open-source tool that handles the many modern complexities of Internet routing measurement. If you are not able to run scamper, the script will also work with the more-common but less-accurate and slower "traceroute" utility. We do not currently have support for Windows relays. The output will take up around 500KB (110MB if you disable automatic removal after upload) disk space if you use scamper; on the other hand if you use "traceroute" utility each output will be around 4MB (1GB with automatic removal after upload disabled). * *Depending on whether you run scamper or traceroute the total time required varies but results for traceroutes to "routable IP prefixes" and all Tor relays should finish within one week (possibly earlier). We would like to request relay operators to upload those results once finished.* *
This experiment is in collaboration with several researchers, but the leads are Anupam Das, a Ph.D. student at the University of Illinois at Urbana-Champaign, and his advisor Nikita Borisov. Based on a review of the scripts of commit f253f768d14e3368e4fe4de9895acd2715a19412, we believe that they operate as described above. Please do read through them yourself, and let us know if you have any questions or concerns. And also feel free to contact any of us for help or with suggestions.
Because of you, Tor is the "king" of anonymous communication. With your help, we will keep improving to face the new challenges to privacy and freedom online.
Thank you, Karsten Loesing karsten@torproject.org Anupam Das das17@illinois.edu Nikita Borisov nikita@illinois.edu
[0] "Protecting anonymity in the presence of autonomous system and internet exchange level adversaries" by Joshua Juen. Master's Thesis, UIUC. 2012. https://www.ideals.illinois.edu/handle/2142/34363 [1] "Users Get Routed: Traffic Correlation on Tor by Realistic Adversaries" by Aaron Johnson, Chris Wacek, Rob Jansen, Micah Sherr, and Paul Syverson. ACM CCS 2013. http://freehaven.net/anonbib/cache/ccs2013-usersrouted.pdf [2] "AS-awareness in Tor path selection" by Matthew Edman and Paul F. Syverson. ACM CCS 2009. http://freehaven.net/anonbib/cache/DBLP:conf/ccs/EdmanS09.pdf [3] "Sampled Traffic Analysis by Internet-Exchange-Level Adversaries" by Steven J. Murdoch and Piotr Zieliński. PETS 2007. http://freehaven.net/anonbib/cache/murdoch-pet2007.pdf [4] https://bitbucket.org/anupam_das/traceroute-from-tor-relays/downloads [5] ttat-control.iti.illinois.edu [6] https://metrics.torproject.org/
Is this Big Brother phishing for better ways to compromise the Tor network?
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays