Skip to main content
SpringerLink
Log in

Preventing Active Timing Attacks in Low-Latency Anonymous Communication

(Extended Abstract)

  • Conference paper
Privacy Enhancing Technologies (PETS 2010)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 6205))

Included in the following conference series:

Abstract

Low-latency anonymous communication protocols in general, and the popular onion-routing protocol in particular, are broken against simple timing attacks. While there have been few proposed solutions to this problem when the adversary is active, several padding schemes have been proposed to defend against a passive adversary that just observes timing patterns. Unfortunately active adversaries can break padding schemes by inserting delays and dropping messages.

We present a protocol that provides anonymity against an active adversary by using a black-box padding scheme that is effective against a passive adversary. Our protocol reduces, in some sense, providing anonymous communication against active attacks to providing a padding scheme against passive attacks.

Our analytical results show that anonymity can be made arbitrarily good at the cost of some added latency and required bandwidth. We also perform measurements on the Tor network to estimate the real-world performance of our protocol, showing that the added delay is not excessive.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Back, A., Möller, U., Stiglic, A.: Traffic analysis attacks and trade-offs in anonymity providing systems. In: Moskowitz, I.S. (ed.) IH 2001. LNCS, vol. 2137, pp. 245–257. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  2. Bauer, K., McCoy, D., Grunwald, D., Kohno, T., Sicker, D.: Low-resource routing attacks against Tor. In: Proceedings of the 2007 ACM Workshop on Privacy in Electronic Society (WPES 2007), pp. 11–20 (2007)

    Google Scholar 

  3. Berthold, O., Pfitzmann, A., Standtke, R.: The disadvantages of free MIX routes and how to overcome them. In: Designing Privacy Enhancing Technologies, International Workshop on Design Issues in Anonymity and Unobservability, pp. 30–45 (2000)

    Google Scholar 

  4. Borisov, N., Danezis, G., Mittal, P., Tabriz, P.: Denial of service or denial of security? In: Proceedings of the 14th ACM Conference on Computer and Communications Security (CCS 2007), pp. 92–102 (2007)

    Google Scholar 

  5. Camenisch, J., Lysyanskaya, A.: A formal treatment of onion routing. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 169–187. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  6. Dingledine, R., Mathewson, N.: Anonymity loves company: Usability and the network effect. In: 5th Workshop on the Economics of Information Security, WEIS 2006 (2006)

    Google Scholar 

  7. Dingledine, R., Mathewson, N., Syverson, P.: Tor: The second-generation onion router. In: Proceedings of the 13th USENIX Security Symposium, pp. 303–320 (2004)

    Google Scholar 

  8. Dingledine, R., Shmatikov, V., Syverson, P.: Synchronous batching: From cascades to free routes. In: Martin, D., Serjantov, A. (eds.) PET 2004. LNCS, vol. 3424, pp. 186–206. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  9. Feigenbaum, J., Johnson, A., Syverson, P.: Preventing active timing attacks in low-latency anonymous communication. Technical Report TR-10-15, The University of Texas at Austin (2010), ftp://ftp.cs.utexas.edu/pub/techreports/TR-1965.pdf

  10. Fu, X., Graham, B., Bettati, R., Zhao, W.: Active traffic analysis attacks and countermeasures. In: 2003 International Conference on Computer Networks and Mobile Computing (ICCNMC 2003), pp. 31–39 (2003)

    Google Scholar 

  11. Fu, X., Graham, B., Bettati, R., Zhao, W.: Analytical and empirical analysis of countermeasures to traffic analysis attacks. In: Proceedings of the 2003 International Conference on Parallel Processing, pp. 483–492 (2003)

    Google Scholar 

  12. Goldschlag, D.M., Reed, M.G., Syverson, P.F.: Hiding routing information. In: Anderson, R. (ed.) IH 1996. LNCS, vol. 1174, pp. 137–150. Springer, Heidelberg (1996)

    Chapter  Google Scholar 

  13. Hopper, N., Vasserman, E.Y., Chan-TIN, E.: How much anonymity does network latency leak? ACM Transactions on Information and System Security 13(2), 1–28 (2010)

    Article  Google Scholar 

  14. Iwanik, J., Klonowski, M., Kutylowski, M.: DUO–onions and hydra–onions – failure and adversary resistant onion protocols. In: Communications and Multimedia Security: 8th IFIP TC-6 TC-11 Conference on Communications and Multimedia Security, pp. 1–15 (2004)

    Google Scholar 

  15. Kesdogan, D., Egner, J., Büschkes, R.: Stop-and-go-MIXes providing probabilistic anonymity in an open system. In: Aucsmith, D. (ed.) IH 1998. LNCS, vol. 1525, pp. 83–98. Springer, Heidelberg (1998)

    Chapter  Google Scholar 

  16. Levine, B.N., Reiter, M.K., Wang, C., Wright, M.K.: Timing attacks in low-latency mix-based systems (extended abstract). In: Juels, A. (ed.) FC 2004. LNCS, vol. 3110, pp. 251–265. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  17. McCoy, D., Bauer, K., Grunwald, D., Kohno, T., Sicker, D.: Shining light in dark places: Understanding the Tor network. In: Borisov, N., Goldberg, I. (eds.) PETS 2008. LNCS, vol. 5134, pp. 63–76. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  18. Mills, D.: Network time protocol (version 3) specification, implementation. RFC 1305, Internet Engineering Task Force (March 1992)

    Google Scholar 

  19. Mittal, P., Borisov, N.: Information leaks in structured peer-to-peer anonymous communication systems. In: Proceedings of the 15th ACM Conference on Computer and Communications Security (CCS 2008), pp. 267–278 (2008)

    Google Scholar 

  20. Murdoch, S.J., Danezis, G.: Low-cost traffic analysis of Tor. In: 2005 IEEE Symposium on Security and Privacy (SP 2005), pp. 183–195 (2005)

    Google Scholar 

  21. Murdoch, S.J., Zieliński, P.: Sampled traffic analysis by internet-exchange-level adversaries. In: Borisov, N., Golle, P. (eds.) PET 2007. LNCS, vol. 4776, pp. 167–183. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  22. Nambiar, A., Wright, M.: Salsa: a structured approach to large-scale anonymity. In: Proceedings of the 13th ACM Conference on Computer and Communications Security (CCS 2006), pp. 17–26 (2006)

    Google Scholar 

  23. Øverlier, L., Syverson, P.: Locating hidden servers. In: 2006 IEEE Symposium on Security and Privacy (SP 2006), pp. 100–114 (2006)

    Google Scholar 

  24. Raymond, J.-F.: Traffic analysis: Protocols, attacks, design issues, and open problems. In: Federrath, H. (ed.) Designing Privacy Enhancing Technologies. LNCS, vol. 2009, pp. 10–29. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  25. Shmatikov, V., Wang, M.-H.: Timing analysis in low-latency mix networks: Attacks and defenses. In: Gollmann, D., Meier, J., Sabelfeld, A. (eds.) ESORICS 2006. LNCS, vol. 4189, pp. 18–33. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  26. Syverson, P.: Onion routing for resistance to traffic analysis. In: Proceedings of the 3rd DARPA Information Survivability Conference and Exposition (DISCEX-III), vol. 2, pp. 108–110 (2003)

    Google Scholar 

  27. Syverson, P., Tsudik, G., Reed, M., Landwehr, C.: Towards an analysis of onion routing security. In: Federrath, H. (ed.) Designing Privacy Enhancing Technologies. LNCS, vol. 2009, pp. 96–114. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  28. TorStatus - Tor network status (April 2010), http://torstatus.kgprog.com/

  29. Wang, X., Chen, S., Jajodia, S.: Network flow watermarking attack on low-latency anonymous communication systems. In: 2007 IEEE Symposium on Security and Privacy (SP 2007), pp. 116–130 (2007)

    Google Scholar 

  30. Wang, M.M.W., Srinivasan, V.: Dependent link padding algorithms for low latency anonymity systems. In: Proceedings of the 15th ACM Conference on Computer and Communications Security (CCS 2008), pp. 323–332 (2008)

    Google Scholar 

  31. Yu, W., Fu, X., Graham, S., Xuan, D., Zhao, W.: DSSS-based flow marking technique for invisible traceback. In: 2007 IEEE Symposium on Security and Privacy (SP 2007), Washington, DC, USA, pp. 18–32 (2007)

    Google Scholar 

  32. Zhu, Y., Fu, X., Graham, B., Bettati, R., Zhao, W.: On flow correlation attacks and countermeasures in mix networks. In: Martin, D., Serjantov, A. (eds.) PET 2004. LNCS, vol. 3424, pp. 207–225. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Yale University, USA

    Joan Feigenbaum

  2. The University of Texas at Austin, USA

    Aaron Johnson

  3. Naval Research Laboratory, USA

    Paul Syverson

Authors
  1. Joan Feigenbaum
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Aaron Johnson
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Paul Syverson
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Computer Science, Purdue University, 305 North University Street, IN 47907, 2107, West Lafayete, USA

    Mikhail J. Atallah

  2. Department of Computer Science & Engineering, University of Minnesota, MN 55455, Minneapolis, USA

    Nicholas J. Hopper

Rights and permissions

Reprints and permissions

Copyright information

© 2010 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Feigenbaum, J., Johnson, A., Syverson, P. (2010). Preventing Active Timing Attacks in Low-Latency Anonymous Communication. In: Atallah, M.J., Hopper, N.J. (eds) Privacy Enhancing Technologies. PETS 2010. Lecture Notes in Computer Science, vol 6205. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-14527-8_10

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-14527-8_10

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-14526-1

  • Online ISBN: 978-3-642-14527-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation