[tor-bugs] #20416 [Core Tor/Tor]: The Effect of DNS on Tor's Anonymity

Tor Bug Tracker & Wiki blackhole at torproject.org
Fri Oct 21 06:16:34 UTC 2016


#20416: The Effect of DNS on Tor's Anonymity
------------------------------+------------------------------
     Reporter:  ufd33         |      Owner:
         Type:  project       |     Status:  new
     Priority:  Very High     |  Milestone:  Tor: unspecified
    Component:  Core Tor/Tor  |    Version:  Tor: unspecified
     Severity:  Critical      |   Keywords:
Actual Points:                |  Parent ID:
       Points:                |   Reviewer:
      Sponsor:                |
------------------------------+------------------------------
 We show how an attacker can use DNS requests to mount highly precise
 website fingerprinting attacks: Mapping DNS traffic to websites is highly
 accurate even with simple techniques, and correlating the observed
 websites with a website fingerprinting attack greatly improves the
 precision when monitoring relatively unpopular websites. Our results show
 that DNS requests from Tor exit relays traverse numerous autonomous
 systems that subsequent web traffic does not traverse. We also find that a
 set of exit relays, at times comprising 40% of Tor’s exit bandwidth, uses
 Google’s public DNS servers—an alarmingly high number for a single
 organization. We believe that Tor relay operators should take steps to
 ensure that the network maintains more diversity into how exit relays
 resolve DNS domains.

 full text:
 https://nymity.ch/tor-dns/tor-dns.pdf

 webpage:
 https://nymity.ch/tor-dns/

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20416>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

