Skip to main content
SpringerLink
Log in

Bridging and Fingerprinting: Epistemic Attacks on Route Selection

  • Conference paper
Privacy Enhancing Technologies (PETS 2008)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 5134))

Included in the following conference series:

Abstract

Users building routes through an anonymization network must discover the nodes comprising the network. Yet, it is potentially costly, or even infeasible, for everyone to know the entire network. We introduce a novel attack, the route bridging attack, which makes use of what route creators do not know of the network. We also present new discussion and results concerning route fingerprinting attacks, which make use of what route creators do know of the network. We prove analytic bounds for both route fingerprinting and route bridging and describe the impact of these attacks on published anonymity-network designs. We also discuss implications for network scaling and client-server vs. peer-to-peer systems.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Borisov, N., Danezis, G., Mittal, P., Tabriz, P.: Denial of service or denial of security? How attacks on reliability can compromise anonymity. In: De Capitani di Vimercati, S., Syverson, P., Evans, D. (eds.) CCS 2007: Proceedings of the 14th ACM Conference on Computer and Communications Security, pp. 92–102. ACM Press, New York (2007)

    Chapter  Google Scholar 

  2. Boucher, P., Shostack, A., Goldberg, I.: Freedom systems 2.0 architecture. White paper, Zero Knowledge Systems, Inc. (December 2000)

    Google Scholar 

  3. Chaum, D.: Untraceable electronic mail, return addresses, and digital pseudonyms. Communications of the ACM 4(2), 84–88 (1981)

    Article  Google Scholar 

  4. Danezis, G., Clayton, R.: Route fingerprinting in anonymous communications. In: Sixth IEEE International Conference on Peer-to-Peer Computing, P2P 2006, pp. 69–72. IEEE Computer Society Press, Los Alamitos (2006)

    Chapter  Google Scholar 

  5. Díaz, C., Seys, S., Claessens, J., Preneel, B.: Towards measuring anonymity. In: Dingledine, R., Syverson, P.F. (eds.) PET 2002. LNCS, vol. 2482, pp. 54–68. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  6. Dingledine, R., Mathewson, N., Syverson, P.: Tor: The second-generation onion router. In: Proceedings of the 13th USENIX Security Symposium, August 2004, pp. 303–319. USENIX Association (2004)

    Google Scholar 

  7. Feigenbaum, J., Johnson, A., Syverson, P.: A probabilistic analysis of onion routing in a black-box model. In: Yu, T. (ed.) WPES 2007: Proceedings of the 2007 ACM Workshop on Privacy in the Electronic Society, pp. 1–10. ACM Press, New York (2007)

    Chapter  Google Scholar 

  8. Freedman, M.J., Morris, R.: Tarzan: A peer-to-peer anonymizing network layer. In: Atluri, V. (ed.) Proceedings of the 9th ACM Conference on Computer and Communications Security, CCS 2002, November 2002, pp. 193–206. ACM Press, New York (2002)

    Chapter  Google Scholar 

  9. Freedman, M.J., Sit, E., Cates, J., Morris, R.: Introducing Tarzan, a peer-to-peer anonymizing network layer. In: Druschel, P., Kaashoek, M.F., Rowstron, A. (eds.) IPTPS 2002. LNCS, vol. 2429, pp. 121–129. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  10. Goldschlag, D.M., Reed, M.G., Syverson, P.F.: Hiding routing information. In: Anderson, R. (ed.) IH 1996. LNCS, vol. 1174, pp. 137–150. Springer, Heidelberg (1996)

    Google Scholar 

  11. Murdoch, S.J., Zieliński, P.: Sampled traffic analysis by internet-exchange-level adversaries. In: Borisov, N., Golle, P. (eds.) PET 2007, vol. 4776, pp. 167–183. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  12. Nambiar, A., Wright, M.: Salsa: A structured approach to large-scale anonymity. In: Wright, R.N., De Capitani di Vimercati, S., Shmatikov, V. (eds.) CCS 2006: Proceedings of the 13th ACM Conference on Computer and Communications Security, October 2006, pp. 17–26. ACM Press, New York (2006)

    Chapter  Google Scholar 

  13. Øverlier, L., Syverson, P.: Locating hidden servers. In: IEEE Symposium on Security and Privacy (S&P 2006), May 2006, pp. 100–114. IEEE Computer Society Press, Los Alamitos (2006)

    Chapter  Google Scholar 

  14. Reiter, M., Rubin, A.: Crowds: Anonymity for web transactions. ACM Transactions on Information and System Security 1(1), 66–92 (1998)

    Article  Google Scholar 

  15. Rennhard, M., Plattner, B.: Practical anonymity for the masses with morphmix. In: Juels, A. (ed.) FC 2004. LNCS, vol. 3110, pp. 233–250. Springer, Heidelberg (2004)

    Google Scholar 

  16. Serjantov, A., Danezis, G.: Towards an information theoretic metric for anonymity. In: Dingledine, R., Syverson, P.F. (eds.) PET 2002. LNCS, vol. 2482, pp. 41–53. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  17. Serjantov, A., Dingledine, R., Syverson, P.: From a trickle to a flood: Active attacks on several mix types. In: Petitcolas, F.A.P. (ed.) IH 2002. LNCS, vol. 2578, pp. 36–52. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  18. Serjantov, A., Sewell, P.: Passive attack analysis for connection-based anonymity systems. In: Snekkenes, E., Gollmann, D. (eds.) ESORICS 2003. LNCS, vol. 2808, pp. 116–131. Springer, Heidelberg (2003)

    Google Scholar 

  19. Shmatikov, V.: Probabilistic model checking of an anonymity system. Journal of Computer Security 12(3-4), 355–377 (2004)

    Google Scholar 

  20. Stoica, I., Morris, R., Liben-Nowell, D., Karger, D.R., Kaashoek, M.F., Dabek, F., Balakrishnan, H.: Chord: a scalable peer-to-peer lookup protocol for internet applications. IEEE/ACM Trans. Netw. 11(1), 17–32 (2003)

    Article  Google Scholar 

  21. Syverson, P., Reed, M., Goldschlag, D.: Onion Routing access configurations. In: Proceedings of the DARPA Information Survivability Conference & Exposition, DISCEX 2000, vol. 1, pp. 34–40. IEEE Computer Society Press, Los Alamitos (1999)

    Chapter  Google Scholar 

  22. Syverson, P., Tsudik, G., Reed, M., Landwehr, C.: Towards an analysis of onion routing security. In: Federrath, H. (ed.) Designing Privacy Enhancing Technologies. LNCS, vol. 2009, pp. 96–114. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  23. Venkitasubramaniam, P., He, T., Tong, L.: Anonymous networking amidst eavesdroppers (October 2007) arXiv:0710.4903v1 at arxiv.org

    Google Scholar 

  24. Wright, M., Adler, M., Levine, B.N., Shields, C.: Defending anonymous communication against passive logging attacks. In: 2003 IEEE Symposium on Security and Privacy, May 2003, pp. 28–43. IEEE Computer Society Press, Los Alamitos (2003)

    Google Scholar 

  25. Wright, M., Adler, M., Levine, B.N., Shields, C.: The Predecessor Attack: An Analysis of a Threat to Anonymous Communications Systems. ACM Transactions on Information and System Security (TISSEC) 4(7), 489–522 (2004)

    Article  Google Scholar 

  26. Zhuang, L., Zhou, F., Zhao, B.Y., Rowstron, A.I.T.: Cashmere: Resilient anonymous routing. In: 2nd USENIX Symposium on Networked Systems Design and Implementation (NSDI 2005), pp. 301–314. USENIX Association (2005)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Microsoft Research, Cambridge, UK

    George Danezis

  2. Naval Research Laboratory, USA

    Paul Syverson

Authors
  1. George Danezis
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Paul Syverson
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Nikita Borisov Ian Goldberg

Rights and permissions

Reprints and permissions

Copyright information

© 2008 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Danezis, G., Syverson, P. (2008). Bridging and Fingerprinting: Epistemic Attacks on Route Selection. In: Borisov, N., Goldberg, I. (eds) Privacy Enhancing Technologies. PETS 2008. Lecture Notes in Computer Science, vol 5134. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-70630-4_10

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-70630-4_10

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-70629-8

  • Online ISBN: 978-3-540-70630-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation