Improving Tor security against timing and traffic analysis attacks with fair randomization




The Tor network is probably one of the most popular online anonymity systems in the world. It has been built based on the volunteer relays from all around the world. It has a strong scientific basis which is structured very well to work in low latency mode that makes it suitable for tasks such as web browsing. Despite the advantages, the low latency also makes Tor insecure against timing and traffic analysis attacks, which are the most dominant attacks on Tor network in recent past years. In this paper, first all kinds of attacks on Tor network will be classified and then timing and traffic analysis attacks will be described in more details. Then we present a new circuit scheduling for Tor network in order to preserve two properties, fairness and randomness. Both properties are trying to make pattern and timing analysis attacks more difficult and even in some cases impractical. Our scheduler distorts timing patterns and size of packets in a random way (randomness) without imposing artificial delays or paddings (fairness). Finally, by using our new scheduler, one of the most powerful attacks in this area is debilitated, and by it is shown that analyzing traffic patterns and size of packets will be more difficult to manage.


[1] R. Dingledine, N. Mathewson and P. Syverson, Tor: The Second-Generation Onion Router, In Proceedings of the 13th USENIX Security Symposium, 2004.

[2] F. Tschorsch, B. Scheuermann, Tor is Unfair and What to Do About It, 36th Annual IEEE Conference on Local Computer Networks, 2011.

[3] Z. Ling, J. Luo, W. Yu and X. Fu, Equal-Sized Cells Mean Equal-Sized Packets in Tor?, IEEE International Conference on Communications (ICC), 2011.

[4] Y. Zhang, Effective Attacks in the Tor Authentication Protocol, In Third IEEE International Conference on Network and System Security, 2009.

[5] J. McLachlan and N. Hopper, On the risks of serving whenever you surf: vulnerabilities in tor's blocking resistance design, 8th ACM workshop on privacy in the electronic society, 2009.

[6] V. Pappas, E. Athanasopoulos, S. Ioannidis, and E. P. Markato, Compromising anonymity using packet spinning, 11th Information Security Conference (ISC), 2008.

[7] K. Bauer, D. McCoy, D. Grunwald, T. Kohno, and D. Sicker, Low-resource routing attacks against tor, ACM workshop on Privacy in electronic society, 2007.

[8] J. Barker, P. Hannay and P. Szewczyk, Using Traffic Analysis to Identify the Second Generation Onion Router, International Conference on Embedded and Ubiquitous Computing (EUC), 2011.

[9] N. Borisov, G. Danezis, P. Mittal and P. Tabriz, Denial of Service or Denial of Security?, 14th ACM conference on Computer and communications security, 2007.

[10] J. A. Elices and F. Perez-Gonzalez, Fingerprinting a flow of messages to an anonymous Server, International Workshop on Information Forensics and Security (WIFS), 2012.

[11] N. Evans, R. Dingledine and C. Grotho, A Practical Congestion Attack on Tor Using Long Paths, In Proceedings of the 18th USENIX Security Symposium, 2009.

[12] N. Hopper, E. Y. Vasserman and E. Chan-Tin, How much anonymity does network latency leak?, ACM Transactions on Information and System Security, vol. 13, 2010.

[13] S. J. Murdoch and G. Danezis, Low-cost traffic analysis of Tor, in Proceedings of the 2005 IEEE Symposium on Security and Privacy, 2005.

[14] Z. Ling, J. Luo, W. Yu, X. Fu, D. Xuan, W. Jia, D. Xuan and W. Jia, A new cell counting based attack against Tor, IEEE/ACM TRANSACTIONS ON NETWORKING, 2012.

[15] J. Barker, P. Hannay and P. Szewczyk, Using Traffic Analysis to Identify the Second Generation Onion Router, International Conference on Embedded and Ubiquitous Computing (EUC), 2011.

[16] F. Zhang, W. He and X. Liu, Defending Against Traffic Analysis in Wireless Networks Through Traffic Reshaping, 31th International Conference on Distributed Computing Systems, 2011.

[17] S. Chen, R. Wang, X. Wang and K. Zhang, Side-Channel Leaks in Web Applications: a Reality Today, a Challenge Tomorrow, IEEE Symposium on Security and Privacy, 2010.

[18] T. Sochor, Fuzzy Control of Configuration of Web Anonymization using TOR, Technological Advances in Electrical and Electronics and Computer Engineering (TAEECE), 2013.

[19] C.V. Wright, S.E. Coull and F. Monrose, Traffic Morphing: an efficient defense against statistical traffic analysis, 16th network and distributed system security symposium, 2009.

[20] H. Mohajeri Moghaddam, B. Li, M. Derakhshani and I. Goldberg, Skype Morph: protocol obfuscation for Tor bridges, ACM conference on Computer and communications security (CCS), 2012.

[21] Skype Software. [Online; accessed September 2013]

[22] N. Mathewson. The Tor Project, A simple obfuscating proxy. [Online; accessed September 2013].

[23] P.Winter, S. Lindskog, How the Great Fire-wall of China is Blocking Tor, Technical Report, [Online; accessed September-2013].

[24] D. Kesdogan, J. Egner and R. Schkes, Stop-and-go MIXes: Providing probabilistic anonymity in an open system, Second International Workshop on Information Hiding, Springer, LNCS 1525, 1998

[25] B. N. Levine, M. K. Reiter, C. WANG and M. K. Wright, Timing attacks in low-latency mix-based systems, In Proceedings of Financial Cryptography, 2004.

[26] C. Diaz and A. Serjantov, Generalizing mixes, In Proceedings of Privacy Enhancing Technologies workshop (PET), 2003.

[27] C. Tang and I. Goldberg, An improved algorithm for Tor circuit scheduling, 17th ACM Conference on Computer and Communications Security, 2010.