[tor-relays] Traceroute measurement from Tor relays

Wed Oct 23 17:40:46 UTC 2013

On 10/23/2013 10:09 AM, Karsten Loesing wrote:
> Hello Tor relay operators,
>
> We could use your help in a pilot project to improve Tor security. As
> you may be aware, the anonymity of a connection over Tor is vulnerable
> to an adversary who can observe it in enough places along its route.
> For example, traffic that crosses the same country as it enters and
> leaves the Tor network can potentially be deanonymized by an authority
> in that country who can monitor all network communication. Researchers
> have been working to figure out how Tor traffic gets routed over the
> Internet [0-3], but determining routes with high confidence has been
> difficult.
>
> That's where you come in. To figure out where traffic travels from
> your relay, we'd like you to run a bunch of "traceroutes" - network
> measurements that show the paths traffic takes. This is a one-time
> experiment for now, but, depending on what we find out, regularly
> making such measurements may become a part of Tor itself. We have
> already gotten some results thanks to Linus Nordberg of DFRI and
> Moritz Bartl of
> torservers.net, and now it's time to ask all relay operators to help.
> We would like to start this right away.
>
> We have written some shell scripts to automate most of the process.
> The easiest way for you to get them is with git, using the following
> commands:
>
>   git clone https://bitbucket.org/anupam_das/traceroute-from-tor-relays
>   git checkout f253f768d14e3368e4fe4de9895acd2715a19412
>
> You can also just download the files directly by visiting [4].
> Detailed instructions for setting up and running the experiment are in
> the README.
>
> Basically the experiment does traceroutes to three groups: all
> "routable IP prefixes", all Tor relays, and then all /24 subnets.
> These kinds of measurements are not uncommon, and they will not be
> done at a high rate. By default the scripts will periodically move the
> results to our server [5] via SSH, although you can keep the results
> around and/or not send them automatically if you wish (see the
> README). The traceroute data recorded is not sensitive or private at
> all. We plan to make the code and data public, following Tor's
> practice of open cooperation with the research community [6].
>
> The measurements will work best if you have the "scamper" tool from
> the Cooperative Association for Internet Data Analysis (CAIDA)
> installed (see the README for installation instructions). This is a
> standard and open-source tool that handles the many modern
> complexities of Internet routing measurement. If you are not able to
> run scamper, the script will also work with the more-common but
> less-accurate and slower "traceroute" utility. We do not currently
> have support for Windows relays. The output will take up around 500KB
> (110MB if you disable automatic removal after upload) disk space if
> you use scamper; on the other hand if you use "traceroute" utility
> each output will be around 4MB (1GB with automatic removal after
> upload disabled). * *Depending on whether you run scamper or
> traceroute the total time required varies but results for traceroutes
> to "routable IP prefixes" and all Tor relays should finish within one
> week (possibly earlier). We would like to request relay operators to
> upload those results once finished.* *
>
> This experiment is in collaboration with several researchers, but the
> leads are Anupam Das, a Ph.D. student at the University of Illinois at
> Urbana-Champaign, and his advisor Nikita Borisov. Based on a review of
> the scripts of commit f253f768d14e3368e4fe4de9895acd2715a19412, we
> believe that they operate as described above. Please do read through
> them yourself, and let us know if you have any questions or concerns.
> And also feel free to contact any of us for help or with suggestions.
>
> Because of you, Tor is the "king" of anonymous communication.  With
> your help, we will keep improving to face the new challenges to
> privacy and freedom online.
>
> Thank you,
> Karsten Loesing <karsten at torproject.org>
> Anupam Das <das17 at illinois.edu>
> Nikita Borisov <nikita at illinois.edu>
>
> [0] "Protecting anonymity in the presence of autonomous system and
> internet exchange level adversaries" by Joshua Juen. Master's Thesis,
> UIUC. 2012. <https://www.ideals.illinois.edu/handle/2142/34363>
> [1] "Users Get Routed: Traffic Correlation on Tor by Realistic
> Adversaries" by Aaron Johnson, Chris Wacek, Rob Jansen, Micah Sherr,
> and Paul Syverson. ACM CCS 2013.
> <http://freehaven.net/anonbib/cache/ccs2013-usersrouted.pdf>
> [2] "AS-awareness in Tor path selection" by Matthew Edman and Paul F.
> Syverson. ACM CCS 2009.
> <http://freehaven.net/anonbib/cache/DBLP:conf/ccs/EdmanS09.pdf>
> [3] "Sampled Traffic Analysis by Internet-Exchange-Level Adversaries"
> by Steven J. Murdoch and Piotr Zieliński. PETS 2007.
> <http://freehaven.net/anonbib/cache/murdoch-pet2007.pdf>
> [4] https://bitbucket.org/anupam_das/traceroute-from-tor-relays/downloads
> [5] ttat-control.iti.illinois.edu
> [6] https://metrics.torproject.org/

Is this Big Brother phishing for better ways to compromise the Tor network?

> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20131023/930da555/attachment.html>