[tor-dev] Tor Attack Implementations (Master's Thesis: Tor & Mixes)

Sun Feb 8 21:39:50 UTC 2015

Florian Rüchel <florian.ruechel.tor at inexplicity.de> writes:

> Hi everyone,
>
> I have taken some time and considered my topic for the Master's Thesis.
> I have finally decided to write it on integrating high-latency traffic
> with the Tor low-latency network (see also my initial mail and George's
> response[1]).
>

Hello,

yes it does sound like an interesting research topic.

>
> My primary research goal is to determine the impact of a mix network
> inside Tor, especially on low-latency users of the network. For this, I
> plan to use shadow [2] with scallion to simulate the Tor network. I then
> want to integrate Mix features into the network and see how the network
> reacts to certain attacks, attacking the mix users as well as the
> non-mix users. A crucial part in this evaluation will be to determine
> whether the anonymity of regular Tor users might be reduced (for example
> just by drawing away users from low- to high-latency traffic) or whether
> it might actually be improved (it could attract more users into the same
> network).
>

Yes, I'm also wondering whether the anonymity of low-latency Tor would
increase if we plugged a high-latency network into it, and also the
opposite. I'm curious on whether one network will act as cover traffic
for the other, and what kind of adversaries that would fool.

On this topic you might also enjoy the paper "Sleeping dogs lie on a
bed of onions but wake when mixed" by Paul Syverson:
https://petsymposium.org/2011/papers/hotpets11-final10Syverson.pdf

> However, for this evaluation/simulation to work, I need to attack my
> simulation, i.e. become the adversary and measure the effectiveness of
> my attacks. And for this, I need the actual implementation. So if anyone
> has access or can direct me to implementations that I can use, I would
> be glad for your help.
>

What implementations do you mean?

I'm curious to how you are going to use simulation here. I also
imagine that actually integrating mixminion with Tor on a level that
would allow simulation will be non-trivial engineering work.

In any case, if you have specific Shadow questions, you might want to
speak with Rob Jansen who develops Shadow and who is also interested
in hidden services research.

> It would also help me a lot if you can direct me to papers or articles
> that have shown specific attacks that are known to work on the current
> network.
>
> Finally, I am currently considering using Mixminion as my basis for a
> mix network as it seems well designed and addresses a lot of known
> attacks. I currently do not plan to evaluate its security but instead
> only the effect its usage has on attacks that work on regular Tor users.
> However, if anyone can propose a better mix network to base my work on,
> please let me know.
>

Hm, not sure how exactly the integration will work here, but mixminion
sounds like a decent choice maybe. It's also developed by Nick, who is
the Tor developer.