[tor-talk] Matryoshka: Are TOR holes intentional?

Paul Syverson paul.syverson at nrl.navy.mil
Sun Jun 21 15:55:32 UTC 2015


On Sun, Jun 21, 2015 at 05:27:56AM +0000, ncl at cock.li wrote:
> grarpamp:
> > http://shofarnexus.com/Blog-2015-01-13
> 
> Under "The hole in TOR":
> > If you see a 456 byte message sent from computer A and a moment later
> > the same or similar size message arrive at computer B you could draw
> > an obvious conclusion.
> 
> But, Tor cells are a fixed-size of 512 bytes:
> https://www.torproject.org/docs/faq#CellSize
> 
> Regarding timing attacks: doesn't the "natural" deviation in latency
> over the internet, and the size of the tor network, make correlation a
> bit more difficult (for short-lived connections at least)?

On a practical level, no.

In our 2006 results we ran experiments seeing if one could use
correlation to find Tor onion services (that we had set up, not other
people's) with a single compromised relay on the live network. Matches
were trivial to identify and we had zero false positives on many thousands
of runs. [0] In 2007, Bauer et al. extended our work to allow owning
of multiple relays, which would permit correlation on ordinary destinations
(not just onionsites). They generally could identify with a very tiny
false positive rate based just on circuit setup, before any application
traffic had even been sent. [1]

Uniform cell size does reduce the effectiveness of destination
fingerprinting.  And it's conceivable that with the growth of the
network and its use, correlation based on datasets of wholesale
network-wide collected timing information could be made nontrivially
more expensive. I have suggested to Roger and others for a while now
that it would be worth exploring synchronous building of circuits for
this reason to see if that is true, and discussed some of the factors
for exploration. But as far as I know neither ourselves nor anyone
else has found time to do this research. In any case, if one observes
entry and exit of a circuit and wants to know if they are correlated,
it takes almost no traffic on the connection to do so. This was first
described in the mentioned papers, but it has also been borne out by
several later results as the network and its use have grown.

[0] Locating Hidden Servers. Overlier and Syverson 
available at http://freehaven.net/anonbib/
[1] Low-Resource Routing Attacks Against Tor. Bauer et al.
available at http://freehaven.net/anonbib/

aloha,
Paul

