27C3 on Tor

Eugen Leitl eugen at leitl.org
Tue Dec 28 11:07:54 PST 2010


(via arsetechnica)

http://arstechnica.com/tech-policy/news/2010/12/flaws-in-tor-anonymity-network-spotlighted.ars

Flaws in Tor anonymity network spotlighted

By John Borland, wired.com | Last updated about 4 hours ago

At the Chaos Computer Club Congress in Berlin, Germany on Monday, researchers
from the University of Regensburg delivered a new warning about the Tor
anonymizer network, a system aimed at hiding details of a computer user's
online activity from spying eyes.

The attack doesn't quite make a surfer's activity an open book, but offers
the ability for someone on the same local network -- a Wi-Fi network provider,
or an ISP working at law enforcement (or a regime's) request, for example -- to
gain a potentially good idea of sites an anonymous surfer is viewing.

"Developers have to be aware of this kind of attack, and develop
countermeasures," said Dominik Herrmann, a Regensburg PhD student studying
profiling and fingerprinting attacks. "But that proves to be very difficult."

The research, performed by a variety of collaborators in Germany working on
anonymity measures, represents a warning for privacy-conscious users wary of
spying eyes, whether behind Net-unfriendly borders or simply corporate
firewalls.

Tor is essentially an online mask, rather than a tool that hides the fact or
content of communication itself. The project's developers are addressing the
problem of traffic analysis -- essentially the threat that an attacker or
observer might be able to tease out a person's identity, location,
profession, social network or other information about the message content by
analyzing a message's unencrypted headers.

To hide this information, the Tor system routes messages around a winding
path of volunteer servers across the Net, with each relay point knowing only
the address of the previous and next step in the pathway.

Once this circuit has been established, neither an eavesdropper nor a
compromised relay will theoretically have the ability to determine both the
source and destination of a given piece of communication. According to the
Tor project's latest metrics, the network has drawn between 100,000 and
300,000 users per day over the last several months.

Herrmann and his fellow researchers say there's a partial flaw in this
arrangement, however. A potential eavesdropper on the end user's own network
still has the ability to analyze the patterns of data being returned, and in
many cases will be able to develop a reasonable guess about the source of the
communication.

An attacker -- perhaps an ISP instructed by law enforcement or a government to
engage in such surveillance -- would first have to develop a list of potential
sites that the target might be visiting, or that it was interested in
monitoring. It would then run the Tor system itself, testing the way these
sites appeared when accessed through Tor, developing a database of
"fingerprints" associated with the sites of interest.

Once the target of the surveillance went online, the eavesdropper would
capture the packet stream as it crossed the local network and compare the
source data with its fingerprint database with the help of pattern
recognition software. Any match would be only statistical, giving somewhere
between 55 percent and 60 percent certainty, Herrmann said -- not enough to
provide hard evidence in court, but likely more certainty than many people
seeking privacy might be comfortable with.

Different online destinations will carry different susceptibility to
fingerprinting, of course. Unusual sites, with characteristics such as very
heavy or large graphic use, can be more easily identified, Herrmann said. By
the same token, the easiest way for a website to fool such an eavesdropper
would be to make its site look as closely as possible like another popular
site -- mimicking the look of the Google site, for example, one of the most
commonly accessed pages on the Web.

Users themselves can guard against this type of fingerprint-based
eavesdropping relatively easily, Herrmann noted. Downloading or requesting
more than one site at a time through the network will muddy the pattern
enough that certainty will be very difficult for the eavesdropper to
establish.

The research may not dissuade many from using Tor, which remains one of the
most promising approaches for individuals seeking to hide aspects of their
identity or online activity. But it may well make them work harder.


----- End forwarded message -----
-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE
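
The user-side countermeasure the forwarded article describes (loading more than one site at a time) can be measured with a toy model. This is an added example, not code from the article or the researchers: the packet-size histogram and cosine similarity are assumed stand-ins for the unspecified "pattern recognition software", and all traces are constructed, not measured.

```python
from collections import Counter
from math import sqrt

def trace(counts):
    """Expand {signed_size: n} into a packet list (negative = toward the client)."""
    return [size for size, n in counts.items() for _ in range(n)]

# Constructed training traces, standing in for the observer's fingerprint database.
FINGERPRINTS = {
    "site_a": trace({-1500: 40, -600: 5, 565: 5}),   # image-heavy page
    "site_b": trace({-1500: 6, -300: 40, 565: 10}),  # many small responses
    "site_c": trace({-1500: 20, -900: 20, 565: 8}),
}

def cosine(h1, h2):
    """Cosine similarity between two packet-size histograms."""
    dot = sum(h1[k] * h2[k] for k in h1.keys() & h2.keys())
    norm = sqrt(sum(v * v for v in h1.values())) * sqrt(sum(v * v for v in h2.values()))
    return dot / norm if norm else 0.0

def rank(observed, database=FINGERPRINTS):
    """Return [(site, similarity)] sorted best-first for one observed trace."""
    seen = Counter(observed)
    scores = {site: cosine(seen, Counter(pkts)) for site, pkts in database.items()}
    return sorted(scores.items(), key=lambda kv: kv[1], reverse=True)

def margin(ranking):
    """Gap between the best and second-best match; a small gap means ambiguity."""
    return ranking[0][1] - ranking[1][1]

# Constructed observations: a later visit to site_a alone, and the same visit
# with a site_b page load running at the same time. A histogram ignores packet
# order, so concatenating the two traces models the interleaved stream.
ALONE = trace({-1500: 38, -600: 6, 565: 5})
CONCURRENT = ALONE + trace({-1500: 7, -300: 38, 565: 11})

if __name__ == "__main__":
    for label, obs in (("alone", ALONE), ("concurrent", CONCURRENT)):
        r = rank(obs)
        print(f"{label:10s} best={r[0][0]} score={r[0][1]:.3f} margin={margin(r):.3f}")
```

In this model the lone visit matches its fingerprint almost exactly, while the concurrent load leaves the two best candidates nearly tied, which is the loss of certainty the article attributes to parallel requests.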