[tor-relays] [tor-talk] clockskewer attack

Sampo Syreeni decoy at iki.fi
Wed Oct 3 19:07:57 PDT 2012


On 2012-10-03, Ted Smith wrote:

> So it actually assumes that the targeted hidden service is running a 
> Tor relay _and_ an open HTTP server.

The basic attack pattern is extensible to a relay and any service which 
can be correlated with each other, through any sufficiently selective 
metadata divulged by both services. It ain't a new one, either; I seem 
to remember this sort of stuff being done from at least 2008, which 
prolly makes the idea older since I'm not exactly a pro in the field.

The general statistical attack pattern is correlate, accumulate and 
intersect. The research behind Tor talks about this stuff already, and 
notes it cannot be stopped if we presume the relay operator leaks such 
correlated information. So yes, you ought to be worried -- as the 
operator of a hidden service.
-- 
Sampo Syreeni, aka decoy - decoy at iki.fi, http://decoy.iki.fi/front
+358-50-5756111, 025E D175 ABE5 027C 9494 EEB0 E090 8BA9 0509 85C2




