[tor-dev] Attack linking Tor circuits
    Otto Huhta 
    otto.huhta at gmail.com
       
    Fri Sep 19 10:10:06 UTC 2014
    
    
  
Dear Tor developers,
We’ve been working on an MSc Thesis project looking into an attack that
links different Tor circuits back to the same user, using only information
available to a Tor middle node. We’ve discovered that an adversary can
quite accurately determine if two consecutive circuits are used by the same
user just by looking at when these circuits are built and destroyed or when
they begin and stop relaying traffic. This is mainly the result of the
fixed 10 minute circuit lifetime and the fact that the transition to using
a new circuit is quite sharp. According to our measurements, circuits
belonging to the same user are built at very close to 10 minute intervals.
Also, when one circuit stops relaying traffic another one suddenly becomes
active, at almost the very same moment.
Thanks to these properties we could train a classifier to quite efficiently
identify matching pairs of circuits (9% EER). We looked into the threat
posed by this attack to Tor users and concluded that because of entry
guards the threat is real, given that an adversary can control a
significant portion of middle node traffic. Finding matches among all
possible Tor circuits would result in too many false positives but thanks
to entry guards an adversary can focus only on circuits built through these
specific nodes and quite efficiently determine if two circuits belong to
the same user. Possible plans of moving to using only a single guard node
make the situation much more severe: we concluded that for a user picking a
slow guard node, the adversary can find almost all circuits belonging to a
same user (again assuming control of a large portion of middle node
bandwidth). We thus see that before moving on with any such plans, one
should consider the effect of our findings on the threat posed by a middle
node linking user circuits.
As a final note, we considered the effects of randomizing the circuit
lifetime (e.g. between 5-15 minutes) to mitigate this threat but concluded
that it would not necessarily solve the problem. The most prominent feature
linking two circuits together seems to be the time difference between
traffic ending on one circuit and beginning on another circuit, and this
link cannot be broken by varying the circuit lifetime. However, if someone
were to devise such a modification, we would be happy to re-run our tests
to see what kind of an effect this would have on the success rate of an
adversary.
For those interested in our findings, the full thesis Linking Tor Circuits
can be found at:
http://www0.cs.ucl.ac.uk/staff/G.Danezis/students/Huhta14-UCL-Msc.pdf
Best regards,
Otto Huhta, UCL
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20140919/fff87ff4/attachment.html>
    
    
More information about the tor-dev
mailing list