Theory and tests in ideal lab conditions are one thing. Running these ideas against a real-world network is another. I want to see video of this if it's really true.
On Wed, May 21, 2008 at 12:18 PM, F. Fox <[EMAIL PROTECTED]> wrote:
> I know someone else mentioned this, but I misplaced the email:
>
> ********
>
> From : http://web.crypto.cs.sunysb.edu/spday/
>
> "Simulating a Global Passive Adversary for Attacking Tor-like Anonymity
> Systems
> We present a novel, practical, and effective mechanism for identifying
> the IP address of Tor clients. We approximate an almost-global passive
> adversary (GPA) capable of eavesdropping anywhere in the network by
> using LinkWidth, a novel bandwidth-estimation technique. LinkWidth
> allows network edge-attached entities to estimate the available
> bandwidth in an arbitrary Internet link without a cooperating peer host,
> router, or ISP. By modulating the bandwidth of an anonymous connection
> (e.g., when the destination server or its router is under our control),
> we can observe these fluctuations as they propagate through the Tor
> network and the Internet to the end-user's IP address. Our technique
> exploits one of the design criteria for Tor (trading off GPA-resistance
> for improved latency/bandwidth over MIXes) by allowing well-provisioned
> (in terms of bandwidth) adversaries to effectively become GPAs. Although
> timing-based attacks have been demonstrated against
> non-timing-preserving anonymity networks, they have depended either on a
> global passive adversary or on the compromise of a substantial number of
> Tor nodes. Our technique does not require compromise of any Tor nodes or
> collaboration of the end-server (for some scenarios). We demonstrate the
> effectiveness of our approach in tracking the IP address of Tor users in
> a series of experiments. Even for an under-provisioned adversary with
> only two network vantage points, we can accurately identify the end user
> (IP address) in many cases. Furthermore, we show that a well-provisioned
> adversary, using a topological map of the network, can trace-back the
> path of an anonymous user in under 20 minutes. Finally, we can trace an
> anonymous Location Hidden Service in approximately 120 minutes."
>
> *********
>
> I wonder if this could be true, and what exactly this all means; if it
> means that pretty much anyone can jump into the role of a GPA, we're
> screwed.
>
> --
> F. Fox
> AAS, CompTIA A+/Network+/Security+
> Owner of Tor node "kitsune"
> http://fenrisfox.livejournal.com

