SPD talk: "Simulating a Global Passive Adversary for Attacking Tor-like Anonymity Systems"?

gojosan at mailhaven.com gojosan at mailhaven.com
Thu Jun 12 03:56:21 UTC 2008


I just noticed this talk at the Security and Privacy Day from May 2008. 
While I understand that Tor's thread model does not defend against a GPA
I am still curious what effect this attack can have against the current,
real Tor network?  

Simulating a Global Passive Adversary for Attacking Tor-like Anonymity
Systems
http://web.crypto.cs.sunysb.edu/spday/

"We present a novel, practical, and effective mechanism for identifying
the IP address of Tor clients. We approximate an almost-global passive
adversary (GPA) capable of eavesdropping anywhere in the network by
using LinkWidth, a novel bandwidth-estimation technique. LinkWidth
allows network edge-attached entities to estimate the available
bandwidth in an arbitrary Internet link without a cooperating peer host,
router, or ISP. By modulating the bandwidth of an anonymous connection
(e.g., when the destination server or its router is under our control),
we can observe these fluctuations as they propagate through the Tor
network and the Internet to the end-user's IP address. Our technique
exploits one of the design criteria for Tor (trading off GPA-resistance
for improved latency/bandwidth over MIXes) by allowing well-provisioned
(in terms of bandwidth) adversaries to effectively become GPAs. Although
timing-based attacks have been demonstrated against
non-timing-preserving anonymity networks, they have depended either on a
global passive adversary or on the compromise of a substantial number of
Tor nodes. Our technique does not require compromise of any Tor nodes or
collaboration of the end-server (for some scenarios). We demonstrate the
effectiveness of our approach in tracking the IP address of Tor users in
a series of experiments. Even for an under-provisioned adversary with
only two network vantage points, we can accurately identify the end user
(IP address) in many cases. Furthermore, we show that a well-provisioned
adversary, using a topological map of the network, can trace-back the
path of an anonymous user in under 20 minutes. Finally, we can trace an
anonymous Location Hidden Service in approximately 120 minutes."

-gojosan





-- 
  
  gojosan at mailhaven.com

-- 
http://www.fastmail.fm - Email service worth paying for. Try it for free



More information about the tor-talk mailing list