[Cryptography] Paper on Tor deanonymization: "Users Get Routed"

Perry E. Metzger perry at piermont.com
Sun Sep 8 20:31:47 EDT 2013


A new paper on the Tor network, entitled "Users Get Routed:
Traffic Correlation on Tor by Realistic Adversaries".

  https://security.cs.georgetown.edu/~msherr/papers/users-get-routed.pdf

Quote to whet your appetite:

    We present the first analysis of the popular Tor anonymity network
    that indicates the security of typical users against reasonably
    realistic adversaries in the Tor network or in the underlying
    Internet. Our results show that Tor users are far more susceptible
    to compromise than indicated by prior work.
    [...]
    Our analysis shows that 80% of all types of users may be de-
    anonymized by a relatively moderate Tor-relay adversary within six
    months. Our results also show that against a single AS adversary
    roughly 100% of users in some common locations are deanonymized
    within three months (95% in three months for a single IXP). Fur-
    ther, we find that an adversary controlling two ASes instead of
    one reduces the median time to the first client de-anonymization
    by an order of magnitude: from over three months to only 1 day
    for a typical web user; and from over three months to roughly
    one month for a BitTorrent user. This clearly shows the dramatic
    effect an adversary that controls multiple ASes can have on
    security.

Disclaimer: one of the authors (Micah Sherr) is a doctoral brother.

Perry
-- 
Perry E. Metzger		perry at piermont.com


More information about the cryptography mailing list