"Low-Resource Routing Attacks Against Anonymous Systems"
James Muir
jamuir at scs.carleton.ca
Mon Feb 26 00:13:51 UTC 2007
Ringo Kamens wrote:
> It's very interesting and from what I can deduce, right. However, this
> isn't new news. What *is* new is that it has been proved using math
> and logic. I know that tor will eventually rise to defend this attack
> as other applications such as freenet (i2p also?) have. Another
> implication to consider of this is what if the same ISP controlled the
> entry and exit nodes?
I just skimmed the paper quickly (I'm going to give it a careful read
tomorrow), but I didn't see too much math in there ;-) The impressive
part of the paper seemed to me to be their experimental results (albeit
using a private 66-node Tor network installed on PlanetLab).
I agree that the principles underlying the attack do not seem to be
"new". It was already known that nodes can submit false statistics
about their uptime and bandwidth to directory authorities. And it was
already known that if you control the entry and exit node on a circuit
you can link initiators and responders using timing analysis. But maybe
the paper has some new things to say about the implication of those facts.
Concerning an ISP controlling both entry and exit nodes: when Tor
clients build paths, they avoid choosing two nodes on the same /16
subnet (see path-spec.txt). So, it does not seem that this is likely to
happen.
-James
More information about the tor-talk
mailing list