"Low-Resource Routing Attacks Against Anonymous Systems"

[Ringo Kamens]

You're right about the ISPs. Again, I just skimmed the article and I
saw a lot of stuff that didn't look like plain English so I assumed it
was math. It's true a smaller ISP might not control both but when you
look as these huge communication companies like ATT it seems a little
more possible. If I'm not mistaken, ATT owns more than just a /16
subnet.
Ringo Kamens

On 2/25/07, James Muir <jamuir at scs.carleton.ca> wrote:
> Ringo Kamens wrote:
> > It's very interesting and from what I can deduce, right. However, this
> > isn't new news. What *is* new is that it has been proved using math
> > and logic. I know that tor will eventually rise to defend this attack
> > as other applications such as freenet (i2p also?) have. Another
> > implication to consider of this is what if the same ISP controlled the
> > entry and exit nodes?
>
> I just skimmed the paper quickly (I'm going to give it a careful read
> tomorrow), but I didn't see too much math in there ;-)  The impressive
> part of the paper seemed to me to be their experimental results (albeit
> using a private 66-node Tor network installed on PlanetLab).
>
> I agree that the principles underlying the attack do not seem to be
> "new".  It was already known that nodes can submit false statistics
> about their uptime and bandwidth to directory authorities.  And it was
> already known that if you control the entry and exit node on a circuit
> you can link initiators and responders using timing analysis.  But maybe
> the paper has some new things to say about the implication of those facts.
>
> Concerning an ISP controlling both entry and exit nodes:  when Tor
> clients build paths, they avoid choosing two nodes on the same /16
> subnet (see path-spec.txt).  So, it does not seem that this is likely to
> happen.
>
> -James
>