[tor-talk] Would Conflux have a positive effect against website fingerprinting?
Mike Perry
mikeperry at torproject.org
Tue Jul 16 18:59:56 UTC 2013
Roger Dingledine:
> On Sun, Jul 14, 2013 at 11:28:25AM -0700, Mike Perry wrote:
> > > Supposing it is applied does it help to prevent website fingerprinting
> > > to a high extend? (high extend = being costly to circumvent by adversaries)
> >
> > This was my estimation, too. Against passive adversaries, it should do
> > quite well, especially since they should have no information (or at best
> > incomplete information) about the Conflux path load balancing ratio for
> > each circuit in the Conflux path, and which bridges are participating in
> > which Conflux paths.
>
> Good point -- I agree that it should help a lot against relay-level
> (or in this case bridge-level) adversaries doing website fingerprinting
> against the flows they see.
>
> But it's far from clear to me that it will help much against an adversary
> watching the user's network connection: in that case they get everything
> they got before, if they just ignore which relay/bridge it's coming
> through.
>
> To phrase that as a research question: what part of successful website
> fingerprinting comes from looking at the sizes of the objects fetched,
> and what part comes from looking at timing? If you can do an adequate job
> at website fingerprinting just from how many bytes flow in each direction,
> then Conflux won't change things much.
>
> And I bet you *can* do an adequate job right now just with size. But I
> also bet that it's easier to make changes to Tor to foil an attack that
> uses just size. More research required, as they say.
I doubt very much that size is enough, actually. All the studies so far
that claim success with low-resolution features like size classify only
somewhere between 20 and 100 pages. I think we're seeing clear evidence
of publication bias in favor of attack papers, and people gaming the
peer review system by dressing up their attack papers to look more
impressive than they are, at least on this topic.
After all, how many web pages are there these days? A few trillion? It's
quite clear that there will be tremendous overlap in the cell counts on
anything even remotely realistic in scale.
I still agree we should defend against both size and timing, because I
believe that defenses that succeed against small-scale/rigged website
traffic fingerprinting attack papers will also make end-to-end
correlation more difficult.
--
Mike Perry
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 163 bytes
Desc: Digital signature
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20130716/f529fced/attachment.sig>
More information about the tor-talk
mailing list