Low-Cost Traffic Analysis of Tor

Eugene Y. Vasserman eyv at cs.umn.edu
Sat Jul 23 05:02:38 UTC 2005


-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

Greetings. Let me introduce myself. I'm a grad student and the U of MN
in computer science. I've been working on anonymous network systems. I
also had a chance to play with Tor, and read the "Low-Cost Traffic
Analysis of Tor" paper (mentioned below).
I have a general question: this may or may not decrease performance, but
wouldn't locking and/or randomizing bandwidth per flow through a Tor
server solve this problem? This attack seem comparable to a variant on
SSL (and general crypto) timing attacks. Similar solutions could be
applied. Also, since this attack relies on a malicious node being able
to estimate its flow's likely performance through an honest node at any
given time, Tor could apply a somewhat more complex mixing approach,
making this attack more difficult. I was thinking of something like
lottery scheduling, which is really easy to implement and, if done
right, will not impose any noticeable CPU overhead, and still provide
the same (albeit probabilistic, not deterministic) throughput guarantees
for every flow. Please let me know your thoughts. I will hopefully have
some time to spend implementing this in the near future, if there is a
consensus that some of these suggestions would help.
Thanks,
Eugene

In reference to the paper:
http://www.cl.cam.ac.uk/users/sjm217/papers/oakland05torta.pdf

- --
Eugene Y. Vasserman
http://www.cs.umn.edu/~eyv/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFC4c9u4S3hfPlRZlkRAx0nAKCt+V+8l6gLhQOGuwTXnzoRL0MaqgCcDuEF
KX9dpqROl8NEQFCO/jh9fpM=
=s5YL
-----END PGP SIGNATURE-----



More information about the tor-dev mailing list