Dropping on the Edge:Flexibility and Traffic Confirmation in Onion Routing Protocols

Autor: Florentin Rochet, Olivier Pereira
Jazyk: angličtina
Rok vydání: 2018
Předmět:
Zdroj: Rochet, F & Pereira, O 2018, ' Dropping on the Edge : Flexibility and Traffic Confirmation in Onion Routing Protocols. ', Proceedings on Privacy Enhancing Technology, vol. 2018, no. 2, pp. 27-46 . https://doi.org/10.1515/popets-2018-0011
Proceedings on Privacy Enhancing Technologies, Vol 2018, Iss 2, Pp 27-46 (2018)
DOI: 10.1515/popets-2018-0011
Popis: The design of Tor includes a feature that is common to most distributed systems: the protocol is flexible. In particular, the Tor protocol requires nodes to ignore messages that are not understood, in order to guarantee the compatibility with future protocol versions. This paper shows how to exploit this flexibility by proposing two new active attacks: one against onion services and the other against Tor clients.Our attack against onion services is a new low-cost side-channel guard discovery attack that makes it possible to retrieve the entry node used by an onion service in one day, without injecting any relay in the network. This attack uses the possibility to send dummy cells that are silently dropped by onion services, in accordance with the flexible protocol design, and the possibility to observe those cells by inspecting public bandwidth measurements, which act as a side channel.Our attack against Tor clients, called the dropmark attack, is an efficient 1-bit conveying active attack that correlates flows. Simulations performed in Shadow show that the attack succeeds with an overwhelming probability and with no noticeable impact on user performance.Finally, we open the discussion regarding a trade-off between flexibility and security in anonymous communication systems, based on what we learned within the scope of our attacks.
Databáze: OpenAIRE
Externí odkaz: