[tor-dev] Support for mix integration research
aaron.m.johnson at nrl.navy.mil
Tue Feb 23 16:03:16 UTC 2016
Sounds like a great project. I have a couple of suggestions:
1. Consider how to use mixing to anonymize Tor’s name resolution system. Currently, clients connect to onion service by first resolving the onion address (e.g. xyzblah.onion) to a descriptor using a distributed hash table. That hash table can easily be infiltrated by an adversary running relays, and if the adversary also controls a client’s guard they can deanonymize the client during the lookup. This is the attack that the CMU/CERT researchers performed  as well as Biryukov et al. . Onion-service descriptors are very small, and so it seems to me that mixing could be applied here to defeat deanonymization.
2. Read the alpha-mixing paper , which first described how high-latency and low-latency traffic might be mixed together.
 <https://freedom-to-tinker.com/blog/felten/why-were-cert-researchers-attacking-tor/ <https://freedom-to-tinker.com/blog/felten/why-were-cert-researchers-attacking-tor/>>
 Alex Biryukov, Ivan Pustogarov, Fabrice Thill, Ralf-Philipp Weinmann; "Content and popularity analysis of Tor hidden services”; IEEE 34th International Conference on Distributed Computing Systems Workshops; 2014; <http://arxiv.org/abs/1308.6768 <http://arxiv.org/abs/1308.6768>>.
 Roger Dingledine, Andrei Serjantov, and Paul Syverson; "Blending Different Latency Traffic with Alpha-Mixing”; In the Proceedings of the Sixth Workshop on Privacy Enhancing Technologies (PET 2006); 2006; <http://freehaven.net/doc/alpha-mixing/alpha-mixing.pdf <http://freehaven.net/doc/alpha-mixing/alpha-mixing.pdf>>.
> On Feb 22, 2016, at 9:11 AM, Katharina Kohls <katharina.kohls at rub.de> wrote:
> Hi everyone,
> we are a team of 4 PHD students in the field of IT security, working at
> the Ruhr-University Bochum at the chair for systems security and the
> information security group.
> Currently we work on a research project with the goal to leverage the
> security of Tor against timing attacks by integrating mixes in Tor
> nodes. The general idea is to differentiate high-latency and low-latency
> traffic among the network for applying additional delays to the former
> type of packets. Based on this the success of traffic analysis attacks
> should be decreased without restricting the low latency assurance of Tor.
> We plan to integrate the mix into Tor version 0.2.5.10 and analyze its
> performance along with the Shadow simulator.
> As there are a lot of details to consider, both regarding the technical
> aspects of the integration as well as practical assumptions, e.g., "how
> do we get DiffServ-like nodes?", we would be pleased to receive some
> feedback on the idea and support for the implementation of the mix.
> Further details on the mix and stuff will sure be provided if needed!
> M.Sc. Katharina Kohls
> Ruhr-University Bochum
> Research Group Information Security
> Universitätsstrasse 150
> ID 2/123
> 44780 Bochum / Germany
> Phone: +49 234 / 32 - 26991
> Web: www.infsec.rub.de
> tor-dev mailing list
> tor-dev at lists.torproject.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the tor-dev