Get 20M+ Full-Text Papers For Less Than $1.50/day. Start a 14-Day Trial for You or Your Team.

Learn More →

Dropping on the Edge: Flexibility and Traffic Confirmation in Onion Routing Protocols

Dropping on the Edge: Flexibility and Traffic Confirmation in Onion Routing Protocols AbstractThe design of Tor includes a feature that is common to most distributed systems: the protocol is flexible. In particular, the Tor protocol requires nodes to ignore messages that are not understood, in order to guarantee the compatibility with future protocol versions. This paper shows how to exploit this flexibility by proposing two new active attacks: one against onion services and the other against Tor clients.Our attack against onion services is a new low-cost side-channel guard discovery attack that makes it possible to retrieve the entry node used by an onion service in one day, without injecting any relay in the network. This attack uses the possibility to send dummy cells that are silently dropped by onion services, in accordance with the flexible protocol design, and the possibility to observe those cells by inspecting public bandwidth measurements, which act as a side channel.Our attack against Tor clients, called the dropmark attack, is an efficient 1-bit conveying active attack that correlates flows. Simulations performed in Shadow show that the attack succeeds with an overwhelming probability and with no noticeable impact on user performance.Finally, we open the discussion regarding a trade-off between flexibility and security in anonymous communication systems, based on what we learned within the scope of our attacks. http://www.deepdyve.com/assets/images/DeepDyve-Logo-lg.png Proceedings on Privacy Enhancing Technologies de Gruyter

Dropping on the Edge: Flexibility and Traffic Confirmation in Onion Routing Protocols

Download PDF
20 pages

Loading next page...
 
/lp/de-gruyter/dropping-on-the-edge-flexibility-and-traffic-confirmation-in-onion-rhSCCH2UL0
Publisher
de Gruyter
Copyright
© 2018 Florentin Rochet et al., published by De Gruyter Open
ISSN
2299-0984
eISSN
2299-0984
DOI
10.1515/popets-2018-0011
Publisher site
See Article on Publisher Site

Abstract

AbstractThe design of Tor includes a feature that is common to most distributed systems: the protocol is flexible. In particular, the Tor protocol requires nodes to ignore messages that are not understood, in order to guarantee the compatibility with future protocol versions. This paper shows how to exploit this flexibility by proposing two new active attacks: one against onion services and the other against Tor clients.Our attack against onion services is a new low-cost side-channel guard discovery attack that makes it possible to retrieve the entry node used by an onion service in one day, without injecting any relay in the network. This attack uses the possibility to send dummy cells that are silently dropped by onion services, in accordance with the flexible protocol design, and the possibility to observe those cells by inspecting public bandwidth measurements, which act as a side channel.Our attack against Tor clients, called the dropmark attack, is an efficient 1-bit conveying active attack that correlates flows. Simulations performed in Shadow show that the attack succeeds with an overwhelming probability and with no noticeable impact on user performance.Finally, we open the discussion regarding a trade-off between flexibility and security in anonymous communication systems, based on what we learned within the scope of our attacks.

Journal

Proceedings on Privacy Enhancing Technologiesde Gruyter

Published: Apr 1, 2018

References

  • anonymously sharing files with onionshare https github com micahflee onionshare Accessed
    Securly
  • Passive attack analysis for connection - based anonymity systems of
    Serjantov
  • Goldschlag Anonymous connections and onion routing on in
    Reed
  • Safely measuring tor of the rd Conference on Communications
    Jansen
  • Anonymity and one - way authentication in key exchange protocols Designs and pages
    Goldberg
  • Compromising anonymity using packet spinning InProceedings of the th Conference September
    Pappas
  • Compromising anonymity using packet spinning InProceedings of the th Conference September
    Pappas
  • Trawling for Tor Hidden services Detection measurement deanonymization InProceedings of the on Privacy
    Biryukov
  • Consumption of hidden services in mbit s https metrics torproject org hidserv rend relayed cells html Accessed
  • Safely measuring tor of the rd Conference on Communications
    Jansen
  • Sampled traffic analysis by Internet - exchange - level adversaries In editors Proceedings of the Seventh Workshop on Privacy PET
    Murdoch
  • Timing analysis in low - latency mix networks Attacks and defenses of September
    Shmatikov
  • zzz Pseudonym Schimmer Peer profiling and selection in the i anonymous network InProceedings of PET CON pages
    March
  • repository regarding data and code of this paper https github com frochet dropping on the edge
    Github
  • Passive attack analysis for connection - based anonymity systems of
    Serjantov
  • practical congestion attack on Tor using long paths InProceedings of the th
    Evans
  • Shadow Running Tor in a Box for Accurate and Efficient Experimentation InProceedings of the Network and Distributed System Security Internet
    Jansen
  • Balancing the Tor network with maximum diversity Proceedings on
    Rochet
  • Ticket Client s choice of rend point can leak info about guard of misconfigured hidden services with entrynodes option https trac torproject org projects tor ticket Accessed
  • anonymously sharing files with onionshare https github com micahflee onionshare Accessed
    Securly
  • Capacity of the Tor network https metrics torproject org bandwidth flags html Accessed
  • web application to inspect details of currently running relays https atlas torproject org Accessed
    Atlas
  • Network Flow Watermarking Attack on Low - Latency Anonymous Communication Systems InProceedings of the on Privacy pages
    Wang
  • - based flow marking technique for invisible traceback on Privacy pages
    Yu
  • Performance security improvements for tor survey
    AlSabah
  • Sampled traffic analysis by Internet - exchange - level adversaries In editors Proceedings of the Seventh Workshop on Privacy PET
    Murdoch
  • Project The chutney tool for testing and automating tor network setup https gitweb torproject org chutney git
  • - based flow marking technique for invisible traceback on Privacy pages
    Yu
  • AS - awareness in Tor path selection In editors Proceedings of the Conference on and Communications pages November
    Edman
  • Swirl scalable watermark to detect correlated network flows InProceedings of the Network and Distributed Internet
    Houmansadr
  • Balancing the Tor network with maximum diversity Proceedings on
    Rochet
  • Data - collecting service in the Tor network https collector torproject org Accessed
  • Tin How much anonymity does network latency leak InProceedings of
    Hopper
  • Back and analysis attacks and trade - offs in anonymity providing systems In editor Proceedings of Information Workshop pages Verlag
    Möller
  • Tracking anonymous peer - to - peer voip calls on the internet InProceedings of the ACM Conference on Computer and Communications pages November
    Wang
  • and Towards an Analysis of Onion Routing In editor Proceedings of Designing Privacy Workshop on Design Issues in Anonymity and pages Verlag
    Syverson
  • One cell is enough to break tor s anonymity InProceedings of Black Hat Technical Security Conference pages
    Fu
  • Probabilistic model checking of an anonymity system of
    Shmatikov
  • Capacity of the Tor network https metrics torproject org bandwidth flags html Accessed
  • Location diversity in anonymity networks InProceedings of the Workshop on Privacy in the Electronic
    Feamster
  • Hiding Routing In editor Proceedings of First Workshop pages Verlag
    Goldschlag
  • Swirl scalable watermark to detect correlated network flows InProceedings of the Network and Distributed Internet
    Houmansadr
  • Secure load balancing in Tor on
    Johnson
  • Tor specifications https gitweb torproject org torspec git tree Accessed
  • Circuit dirtiness is inconsistant with maxcircuitdirtiness https trac torproject org projects tor ticket ticket
    Jaym
  • Goldschlag Anonymous connections and onion routing on in
    Reed
  • Anonymity and one - way authentication in key exchange protocols Designs and pages
    Goldberg
  • Consumption of hidden services in mbit s https metrics torproject org hidserv rend relayed cells html Accessed
  • An efficient communication system with strong anonymity on
    Kwon
  • Pragmatic IP Anonymity of the Ottawa Linux
    Brown
  • repository regarding data and code of this paper https github com frochet dropping on the edge
    Github
  • Generic decentralized unstoppable anonymity The phantom protocol http www magnusbrading com phantom phantom design paper pdf Accessed
  • practical congestion attack on Tor using long paths InProceedings of the th
    Evans
  • Secure load balancing in Tor on
    Johnson
  • Circuit fingerprinting attacks : Passive deanonymization of Tor hidden services In th pages
    Kwon
  • zzz Pseudonym Schimmer Peer profiling and selection in the i anonymous network InProceedings of PET CON pages
    March
  • Performance security improvements for tor survey
    AlSabah
  • Low - cost traffic analysis of Tor InProceedings of the on and Privacy
    Murdoch
  • AS - awareness in Tor path selection In editors Proceedings of the Conference on and Communications pages November
    Edman
  • The need for flow fingerprints to link correlated network flows InProceedings of the th PETS
    Houmansadr
  • Salsa structured approach to large - scale anonymity of November
    Nambiar
  • Tor specifications https gitweb torproject org torspec git tree Accessed
  • Back and analysis attacks and trade - offs in anonymity providing systems In editor Proceedings of Information Workshop pages Verlag
    Möller
  • Circuit fingerprinting attacks : Passive deanonymization of Tor hidden services In th pages
    Kwon
  • Goldschlag Onion Routing access configurations InProceedings of the Information Survivability Conference and Exposition volume pages
    Syverson
  • and Towards an Analysis of Onion Routing In editor Proceedings of Designing Privacy Workshop on Design Issues in Anonymity and pages Verlag
    Syverson
  • Destination - naive asawareness in anonymous communications InProceedings of the th PETS
    Barton
  • Trawling for Tor Hidden services Detection measurement deanonymization InProceedings of the on Privacy
    Biryukov
  • Tin How much anonymity does network latency leak InProceedings of
    Hopper
  • Shadow Running Tor in a Box for Accurate and Efficient Experimentation InProceedings of the Network and Distributed System Security Internet
    Jansen
  • Tracking anonymous peer - to - peer voip calls on the internet InProceedings of the ACM Conference on Computer and Communications pages November
    Wang
  • alexa data set http amazonaws com alexastatic top csv zip Accessed
  • Low - cost traffic analysis of Tor InProceedings of the on and Privacy
    Murdoch
  • Generic decentralized unstoppable anonymity The phantom protocol http www magnusbrading com phantom phantom design paper pdf Accessed
  • web application to inspect details of currently running relays https atlas torproject org Accessed
    Atlas
  • Tor The second - generation onion router InProceedings of the th
    Dingledine
  • Network Flow Watermarking Attack on Low - Latency Anonymous Communication Systems InProceedings of the on Privacy pages
    Wang
  • Ticket Client s choice of rend point can leak info about guard of misconfigured hidden services with entrynodes option https trac torproject org projects tor ticket Accessed
  • Goldschlag Onion Routing access configurations InProceedings of the Information Survivability Conference and Exposition volume pages
    Syverson
  • Relay early confirmation attack https blog torproject org blog tor security advisory relay early traffic confirmation attack Accessed
  • Project The chutney tool for testing and automating tor network setup https gitweb torproject org chutney git
  • The need for flow fingerprints to link correlated network flows InProceedings of the th PETS
    Houmansadr
  • Destination - naive asawareness in anonymous communications InProceedings of the th PETS
    Barton
  • Location diversity in anonymity networks InProceedings of the Workshop on Privacy in the Electronic
    Feamster
  • Probabilistic model checking of an anonymity system of
    Shmatikov
  • Data - collecting service in the Tor network https collector torproject org Accessed
  • Circuit dirtiness is inconsistant with maxcircuitdirtiness https trac torproject org projects tor ticket ticket
    Jaym
  • alexa data set http amazonaws com alexastatic top csv zip Accessed
  • Tor The second - generation onion router InProceedings of the th
    Dingledine
  • Salsa structured approach to large - scale anonymity of November
    Nambiar
  • An efficient communication system with strong anonymity on
    Kwon
  • Hiding Routing In editor Proceedings of First Workshop pages Verlag
    Goldschlag
  • Pragmatic IP Anonymity of the Ottawa Linux
    Brown
  • Relay early confirmation attack https blog torproject org blog tor security advisory relay early traffic confirmation attack Accessed
  • Timing analysis in low - latency mix networks Attacks and defenses of September
    Shmatikov
  • One cell is enough to break tor s anonymity InProceedings of Black Hat Technical Security Conference pages
    Fu