Results 1  10
of
26
LowCost Traffic Analysis Of Tor
 In Proceedings of the 2005 IEEE Symposium on Security and Privacy. IEEE CS
, 2005
"... Tor is the second generation Onion Router, supporting the anonymous transport of TCP streams over the Internet. Its low latency makes it very suitable for common tasks, such as web browsing, but insecure against trafficanalysis attacks by a global passive adversary. We present new trafficanalysis t ..."
Abstract

Cited by 230 (8 self)
 Add to MetaCart
(Show Context)
Tor is the second generation Onion Router, supporting the anonymous transport of TCP streams over the Internet. Its low latency makes it very suitable for common tasks, such as web browsing, but insecure against trafficanalysis attacks by a global passive adversary. We present new trafficanalysis techniques that allow adversaries with only a partial view of the network to infer which nodes are being used to relay the anonymous streams and therefore greatly reduce the anonymity provided by Tor. Furthermore, we show that otherwise unrelated streams can be linked back to the same initiator. Our attack is feasible for the adversary anticipated by the Tor designers. Our theoretical attacks are backed up by experiments performed on the deployed, albeit experimental, Tor network. Our techniques should also be applicable to any low latency anonymous network. These attacks highlight the relationship between the field of trafficanalysis and more traditional computer security issues, such as covert channel analysis. Our research also highlights that the inability to directly observe network links does not prevent an attacker from performing trafficanalysis: the adversary can use the anonymising network as an oracle to infer the traffic load on remote nodes in order to perform trafficanalysis. 1
Hot or not: Revealing hidden services by their clock skew
 In 13th ACM Conference on Computer and Communications Security (CCS 2006
, 2006
"... Locationhidden services, as offered by anonymity systems such as Tor, allow servers to be operated under a pseudonym. As Tor is an overlay network, servers hosting hidden services are accessible both directly and over the anonymous channel. Traffic patterns through one channel have observable effec ..."
Abstract

Cited by 101 (3 self)
 Add to MetaCart
(Show Context)
Locationhidden services, as offered by anonymity systems such as Tor, allow servers to be operated under a pseudonym. As Tor is an overlay network, servers hosting hidden services are accessible both directly and over the anonymous channel. Traffic patterns through one channel have observable effects on the other, thus allowing a service’s pseudonymous identity and IP address to be linked. One proposed solution to this vulnerability is for Tor nodes to provide fixed quality of service to each connection, regardless of other traffic, thus reducing capacity but resisting such interference attacks. However, even if each connection does not influence the others, total throughput would still affect the load on the CPU, and thus its heat output. Unfortunately for anonymity, the result of temperature on clock skew can be remotely detected through observing timestamps. This attack works because existing abstract models of anonymitynetwork nodes do not take into account the inevitable imperfections of the hardware they run on. Furthermore, we suggest the same technique could be exploited as a classical covert channel and can even provide geolocation.
Anonymity protocols as noisy channels
 Information and Computation
, 2006
"... Abstract. We propose a framework in which anonymity protocols are interpreted as particular kinds of channels, and the degree of anonymity provided by the protocol as the converse of the channel’s capacity. We also investigate how the adversary can test the system to try to infer the user’s identity ..."
Abstract

Cited by 85 (27 self)
 Add to MetaCart
(Show Context)
Abstract. We propose a framework in which anonymity protocols are interpreted as particular kinds of channels, and the degree of anonymity provided by the protocol as the converse of the channel’s capacity. We also investigate how the adversary can test the system to try to infer the user’s identity, and we study how his probability of success depends on the characteristics of the channel. We then illustrate how various notions of anonymity can be expressed in this framework, and show the relation with some definitions of probabilistic anonymity in literature. 1
Anonymity vs. Information Leakage in Anonymity Systems
 In Proceedings of the 25th IEEE International Conference on Distributed Computing Systems (ICDCS 2005
, 2005
"... Measures for anonymity in systems must be on one hand simple and concise, and on the other hand reflect the realities of real systems. Such systems are heterogeneous, as are the ways they are used, the deployed anonymity measures, and finally the possible attack methods. Implementation quality and t ..."
Abstract

Cited by 26 (0 self)
 Add to MetaCart
Measures for anonymity in systems must be on one hand simple and concise, and on the other hand reflect the realities of real systems. Such systems are heterogeneous, as are the ways they are used, the deployed anonymity measures, and finally the possible attack methods. Implementation quality and topologies of the anonymity measures must be considered as well. We therefore propose a new measure for the anonymity degree, which takes into account possible heterogeneity. We model the effectiveness of single mixes or of mix networks in terms of information leakage and measure it in terms of covert channel capacity. The relationship between the anonymity degree and information leakage is described, and an example is shown.
Statistical Measurement of Information Leakage
"... Abstract. Information theory provides a range of useful methods to analyse probability distributions and these techniques have been successfully applied to measure information flow and the loss of anonymity in secure systems. However, previous work has tended to assume that the exact probabilities o ..."
Abstract

Cited by 16 (4 self)
 Add to MetaCart
(Show Context)
Abstract. Information theory provides a range of useful methods to analyse probability distributions and these techniques have been successfully applied to measure information flow and the loss of anonymity in secure systems. However, previous work has tended to assume that the exact probabilities of every action are known, or that the system is nondeterministic. In this paper, we show that measures of information leakage based on mutual information and capacity can be calculated, automatically, from trial runs of a system alone. We find a confidence interval for this estimate based on the number of possible inputs, observations and samples. We have developed a tool to automatically perform this analysis and we demonstrate our method by analysing a Mixminon anonymous remailer node. 1
Compositional Methods for InformationHiding
"... Protocols for informationhiding often use randomized primitives to obfuscate the link between the observables and the information to be protected. The degree of protection provided by a protocol can be expressed in terms of the probability of error associated to the inference of the secret inform ..."
Abstract

Cited by 7 (1 self)
 Add to MetaCart
(Show Context)
Protocols for informationhiding often use randomized primitives to obfuscate the link between the observables and the information to be protected. The degree of protection provided by a protocol can be expressed in terms of the probability of error associated to the inference of the secret information. We consider a probabilistic process calculus approach to the specification of such protocols, and we study how the operators affect the probability of error. In particular, we characterize constructs that have the property of not decreasing the degree of protection, and that can therefore be considered safe in the modular construction of protocols. As a case study, we apply these techniques to the Dining Cryptographers, and we are able to derive a generalization of Chaum’s strong anonymity result.
Quantifying information flow for dynamic secrets
"... Abstract—A metric is proposed for quantifying leakage of information about secrets and about how secrets change over time. The metric is used with a model of information flow for probabilistic, interactive systems with adaptive adversaries. The model and metric are implemented in a probabilistic pro ..."
Abstract

Cited by 6 (1 self)
 Add to MetaCart
(Show Context)
Abstract—A metric is proposed for quantifying leakage of information about secrets and about how secrets change over time. The metric is used with a model of information flow for probabilistic, interactive systems with adaptive adversaries. The model and metric are implemented in a probabilistic programming language and used to analyze several examples. The analysis demonstrates that adaptivity increases information flow. Keywords—dynamic secret, quantitative information flow, probabilistic programming, gain function, vulnerability I.
Anonymity and covert channels in simple timed mixfirewalls
 In Proc. 4th Workshop on Privacy Enhancing Technologies, volume 3424 of LNCS
, 2004
"... Abstract. Traditional methods for evaluating the amount of anonymity a orded by various Mix con gurations have depended on either measuring the size of the set of possible senders of a particular message (the anonymity set size), or by measuring the entropy associated with the probability distributi ..."
Abstract

Cited by 5 (0 self)
 Add to MetaCart
Abstract. Traditional methods for evaluating the amount of anonymity a orded by various Mix con gurations have depended on either measuring the size of the set of possible senders of a particular message (the anonymity set size), or by measuring the entropy associated with the probability distribution of the messages possible senders. This paper explores further an alternative way of assessing the anonymity ofa Mix system by considering the capacity of a covert channel from a sender behind the Mix to an observer of the Mix's output. Initial work considered a simple model [5], with an observer (Eve) restricted to counting the number of messages leaving a Mix con gured as a rewall guarding an enclave with one malicious sender (Alice) and some other naive senders (Cluelessi's). Here, we consider the case where Eve can distinguish between multiple destinations, and the senders can select to which destination their message (if any) is sent each clock tick. 1
Adversary Gain vs. Defender Loss in Quantified Information Flow
"... Abstract—Metrics for quantifying information leakage assume that an adversary’s gain is the defender’s loss. We demonstrate that this assumption does not always hold via a class of scenarios. We describe how to extend quantification to account for a defender with goals distinct from adversary failu ..."
Abstract

Cited by 3 (0 self)
 Add to MetaCart
Abstract—Metrics for quantifying information leakage assume that an adversary’s gain is the defender’s loss. We demonstrate that this assumption does not always hold via a class of scenarios. We describe how to extend quantification to account for a defender with goals distinct from adversary failure. We implement the extension and experimentally explore the impact on the measured information leakage of the motivating scenario. Keywordsquantitative information flow, probabilistic models, gain function, vulnerability I.