Hello Katharina, Sounds like a great project. I have a couple of suggestions: 1. Consider how to use mixing to anonymize Tor’s name resolution system. Currently, clients connect to onion service by first resolving the onion address (e.g. xyzblah.onion) to a descriptor using a distributed hash table. That hash table can easily be infiltrated by an adversary running relays, and if the adversary also controls a client’s guard they can deanonymize the client during the lookup. This is the attack that the CMU/CERT researchers performed [0] as well as Biryukov et al. [1]. Onion-service descriptors are very small, and so it seems to me that mixing could be applied here to defeat deanonymization. 2. Read the alpha-mixing paper [2], which first described how high-latency and low-latency traffic might be mixed together.
Good luck! Aaron [0] <https://freedom-to-tinker.com/blog/felten/why-were-cert-researchers-attacking-tor/ <https://freedom-to-tinker.com/blog/felten/why-were-cert-researchers-attacking-tor/>> [1] Alex Biryukov, Ivan Pustogarov, Fabrice Thill, Ralf-Philipp Weinmann; "Content and popularity analysis of Tor hidden services”; IEEE 34th International Conference on Distributed Computing Systems Workshops; 2014; <http://arxiv.org/abs/1308.6768 <http://arxiv.org/abs/1308.6768>>. [2] Roger Dingledine, Andrei Serjantov, and Paul Syverson; "Blending Different Latency Traffic with Alpha-Mixing”; In the Proceedings of the Sixth Workshop on Privacy Enhancing Technologies (PET 2006); 2006; <http://freehaven.net/doc/alpha-mixing/alpha-mixing.pdf <http://freehaven.net/doc/alpha-mixing/alpha-mixing.pdf>>. > On Feb 22, 2016, at 9:11 AM, Katharina Kohls <katharina.ko...@rub.de> wrote: > > Hi everyone, > > we are a team of 4 PHD students in the field of IT security, working at > the Ruhr-University Bochum at the chair for systems security and the > information security group. > > Currently we work on a research project with the goal to leverage the > security of Tor against timing attacks by integrating mixes in Tor > nodes. The general idea is to differentiate high-latency and low-latency > traffic among the network for applying additional delays to the former > type of packets. Based on this the success of traffic analysis attacks > should be decreased without restricting the low latency assurance of Tor. > > We plan to integrate the mix into Tor version 0.2.5.10 and analyze its > performance along with the Shadow simulator. > > As there are a lot of details to consider, both regarding the technical > aspects of the integration as well as practical assumptions, e.g., "how > do we get DiffServ-like nodes?", we would be pleased to receive some > feedback on the idea and support for the implementation of the mix. > Further details on the mix and stuff will sure be provided if needed! > > Cheers, > Katharina > -- > M.Sc. Katharina Kohls > > Ruhr-University Bochum > Research Group Information Security > Universitätsstrasse 150 > ID 2/123 > 44780 Bochum / Germany > > Phone: +49 234 / 32 - 26991 > Web: www.infsec.rub.de > _______________________________________________ > tor-dev mailing list > tor-dev@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev >
_______________________________________________ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
