[tor-dev] Paper on how DNS affects Tor's anonymity

Jesse V kernelcorn at torproject.org
Wed Sep 28 23:31:54 UTC 2016


On 09/28/2016 11:35 AM, Philipp Winter wrote:
> My colleagues and I published a (not yet peer-reviewed) research paper
> on how DNS affects Tor's anonymity.  The key parts of our work are:
> 
> - We measure the DNS setup of exit relays over time, showing that at
>   times Google got to see almost 40% of DNS requests coming out of Tor.
> 
> - We show how website fingerprinting attacks can be augmented with
>   observed DNS requests, resulting in precise attacks for unpopular
>   websites.
> 
> - Similar to the "Users Get Routed" work, we simulate the impact of our
>   attack at Internet-scale using the TorPS simulator.
> 
> The PDF is available online:
> <https://nymity.ch/tor-dns/tor-dns.pdf>
> 
> Our project page has code, data, and replication instructions:
> <https://nymity.ch/tor-dns/>
> _______________________________________________

Excellent work, this is really neat!

It reminds me a bit of
https://www.cse.buffalo.edu/~mohaisen/doc/14-wpes.pdf, which describes
the prevalence accidental .onion lookups on DNS root servers.

The issue with 8.8.8.8 is significant. It's easy to point
/etc/resolv.conf at Google's DNS because it just works, without
realizing the implications. https://xkcd.com/1361/

-- 
Jesse

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 709 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20160928/61334cae/attachment.sig>


More information about the tor-dev mailing list