As was mentioned by the great OTW last week, TOR, aka The Onion Router, has had its integrity attacked by the NSA. In an attempt to reduce the anonymity granted by the service, the NSA has reportedly opened a great many relays of its own. The purpose is presumably to trace the origin of a communication by controlling some of the entry and exit nodes: once both ends of a circuit are in the attacker's hands, it is much easier to correlate the traffic with a particular individual. This is hardly the first attack against TOR, but the question many may wonder about is how this attack actually works, and better yet, what methods exist that do not require a billion-dollar budget and a horde of computer specialists. As I have a fondness for probability and computers, I thought I would try to explain how a correlation attack works, how long it takes to get a positive identification, what other types of attacks exist, and finally, how to defend yourself.

You can hardly attack a system you don't understand, so understanding how TOR works is paramount to understanding how it is attacked. TOR is an anonymizing service that uses multiple hops to obscure both the origin and the endpoint of a particular internet communication. In essence, its purpose is to ensure that no one can look at any packet of a particular transmission and read both the sender and its destination. It accomplishes this by hiding the original sender's address from every hop but the first, hiding the destination from every hop but the last, and wrapping the routing instructions in nested layers of encryption. The result is that at each hop only the outermost layer of routing information is readable: a relay learns the previous hop and the next hop, and nothing more. (TOR does not scrub identifying information from the application data itself; that is the job of the Tor Browser and of whatever protocol you run over the circuit.)

All TOR circuits are made up of three hops: an entry (guard) relay, a middle relay, and an exit node. This next poorly drawn image I made in MSPaint should help visualization.

Traffic can only leave the TOR network through an exit node, and what leaves the exit is no longer protected by TOR's encryption. If the application itself uses TLS (HTTPS, for example), the exit sees only that ciphertext; if it does not, the exit sees plaintext. Note that each packet is encrypted in its entirety for each layer, with a separate symmetric key for each hop (the keys are negotiated with a public-key handshake; RSA or Diffie-Hellman is used only for that key exchange, not for the bulk encryption). So even if someone could capture the packets at every relay, short of breaking the cipher you cannot simply follow a packet by what it looks like: it changes completely at every hop. TOR also carries data in fixed-size cells, so matching cells by size tells you little. What does survive the relays is the count of cells and their timing. If the relays are not busy, an attacker (Oscar) could attempt to use packet counting to find the identity of the person Bob is communicating with, but in general most nodes are too busy to be attacked this way easily.

Simple Traffic Confirmation & Bayesian Math

So what is this traffic confirmation attack we are worried about? Suppose we were in a large, crowded room with a lot of people talking. Further, suppose that everyone stood in a big circle and looked only at the center of the room while speaking. How could you determine who was speaking to whom among this rude bunch? Most people would try to use names, but if names are never mentioned (or, alternately, everyone uses pseudonyms), then you would have to rely on other methods, the most common being statistical. For example, we generally assume that when someone stops speaking, they will wait and listen to what the other person wants to say before they continue. So if we wanted to identify who was talking to whom, we would look at when each person is speaking and who else starts speaking at roughly the same time (or slightly after). If we pay attention to the right two people long enough, we will eventually conclude that they are talking to each other simply by observing their patterns of starting and stopping. We may not understand what they are saying (they may be speaking another language), but we can still know, statistically, that they are speaking to each other. This is an example of traffic confirmation.
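As an added illustration of the layering described in the TOR overview above (example code written for this page, not TOR's own implementation), the following Python builds a three-layer onion and walks it through the circuit to show that each relay can read only its own layer: the previous hop, the next hop, and an opaque blob. The relay names, keys, destination and request are constructed sample values, and the keystream cipher is a stand-in for TOR's per-hop AES layer, chosen only so the example runs on the standard library alone.

```python
"""Toy onion wrapping: three hops, each peels exactly one layer (added example)."""
import hashlib
import json

# Constructed sample circuit: (relay name, symmetric key the client shares with it),
# listed guard -> middle -> exit. Real TOR negotiates these keys per hop.
HOPS = [("guard", b"key-guard"), ("middle", b"key-middle"), ("exit", b"key-exit")]


def layer_cipher(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher: XOR with SHA-256(key || block counter).

    Stands in for the per-hop cipher; XOR is its own inverse, so the same call
    encrypts and decrypts. NOT a real cipher: no authentication, and reusing a
    key for a second message would reuse the keystream.
    """
    out = bytearray()
    for offset in range(0, len(data), 32):
        stream = hashlib.sha256(key + offset.to_bytes(4, "big")).digest()
        out.extend(c ^ k for c, k in zip(data[offset:offset + 32], stream))
    return bytes(out)


def build_onion(hops, destination: str, payload: bytes) -> bytes:
    """Wrap `payload` in one layer per hop, innermost (exit) layer first.

    Each layer holds only the *next* hop plus an opaque inner blob, so the hop
    that decrypts it learns where to forward and nothing beyond that.
    """
    blob, next_hop = payload, destination
    for name, key in reversed(hops):
        plain = json.dumps({"next": next_hop, "inner": blob.hex()}).encode()
        blob = layer_cipher(key, plain)
        next_hop = name  # the hop before this one must be told to forward here
    return blob


def peel(key: bytes, blob: bytes):
    """What one relay can do with its own key: recover next hop and inner blob."""
    layer = json.loads(layer_cipher(key, blob))
    return layer["next"], bytes.fromhex(layer["inner"])


def readable(key: bytes, blob: bytes) -> bool:
    """True only if `key` turns `blob` into a well-formed layer (i.e. right key, right layer)."""
    try:
        peel(key, blob)
        return True
    except (ValueError, KeyError, TypeError):
        return False


def forward(hops, onion: bytes):
    """Simulate the circuit: each relay peels its layer and hands the rest onward.

    Returns ([(relay_name, next_hop_it_learned), ...], plaintext the exit delivers).
    """
    learned, blob = [], onion
    for name, key in hops:
        next_hop, blob = peel(key, blob)
        learned.append((name, next_hop))
    return learned, blob


if __name__ == "__main__":
    onion = build_onion(HOPS, "example.org:80", b"GET / HTTP/1.0\r\n\r\n")
    learned, delivered = forward(HOPS, onion)
    for relay, nxt in learned:
        print(f"{relay} learns next hop = {nxt}")
    print("exit delivers:", delivered)
    _, after_guard = peel(HOPS[0][1], onion)
    print("guard can read the middle layer:", readable(HOPS[0][1], after_guard))
```

The guard's key opens the outer layer and no other; the exit's key does nothing useful against the outer layer. That is the whole point of the construction: the guard knows the client and the middle relay, the exit knows the middle relay and the destination, and nobody holding a single key sees both ends.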
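The crowded-room analogy, turned into code. This is an added example written for this page, not code from the original post: it constructs six on/off activity streams as an entry-side observer might see them, derives the delayed and distorted versions an exit-side observer would see, lets the attacker match the two sides by start/stop agreement, and then counts how many time windows a sequential Bayesian update needs before one candidate reaches a 99% posterior. Every parameter (six clients, 600 windows, a two-window delay, a 10% distortion rate, independent windows) is an assumption for the simulation, not a measurement of real TOR traffic.

```python
"""Timing-correlation traffic confirmation on constructed activity streams (added example)."""
import math
import random

# Model parameters: assumptions for the simulation, not measurements of real TOR traffic.
N_CLIENTS = 6      # streams seen on the entry side (say, at a guard)
N_WINDOWS = 600    # observation length in fixed-size time windows
TRUE_LAG = 2       # delay, in windows, between entry-side and exit-side observation
FLIP_PROB = 0.10   # chance a window's talking/idle state is distorted in transit
MAX_LAG = 5        # largest lag the attacker searches over


def make_streams(seed=7):
    """Construct synthetic on/off activity (1 = sending in this window, 0 = idle).

    The exit stream for client i is client i's entry stream delayed by TRUE_LAG
    windows with FLIP_PROB noise; the exit list is shuffled so the answer is not
    visible in the index order. Returns (entry, exits, truth), where truth[k] is
    the entry index that really belongs to exits[k].
    """
    rng = random.Random(seed)

    def coin():
        return 1 if rng.random() < 0.5 else 0

    entry = [[coin() for _ in range(N_WINDOWS)] for _ in range(N_CLIENTS)]
    exits = []
    for a in entry:
        b = []
        for t in range(N_WINDOWS):
            bit = a[t - TRUE_LAG] if t >= TRUE_LAG else coin()
            b.append(bit ^ 1 if rng.random() < FLIP_PROB else bit)
        exits.append(b)
    truth = list(range(N_CLIENTS))
    rng.shuffle(truth)
    return entry, [exits[i] for i in truth], truth


def agreement(a, b, lag):
    """Fraction of windows in which entry stream a and exit stream b (delayed by lag) agree."""
    n = len(a) - lag
    return sum(1 for t in range(n) if a[t] == b[t + lag]) / n


def best_lag(a, b):
    """(lag, agreement) at the lag that best aligns a with b."""
    return max(((lag, agreement(a, b, lag)) for lag in range(MAX_LAG + 1)),
               key=lambda pair: pair[1])


def match_streams(entry, exits):
    """Attacker's step 1: for each exit stream, the entry stream with the highest agreement.

    Returns [(entry_index, lag, agreement), ...], one tuple per exit stream.
    """
    result = []
    for b in exits:
        scored = [best_lag(a, b) for a in entry]
        i = max(range(len(entry)), key=lambda i: scored[i][1])
        result.append((i, scored[i][0], scored[i][1]))
    return result


def windows_to_confirm(entry, b, threshold=0.99, min_windows=40):
    """Attacker's step 2: sequential Bayesian update, one window at a time.

    Hypotheses: "entry i is the source of b" for each i, uniform prior. Per window,
    an agreement has probability 1 - FLIP_PROB under the matching hypothesis and
    1/2 under "unrelated streams"; windows are assumed independent (an assumption
    that makes the posterior optimistic on bursty real traffic). Returns
    (windows_used, entry_index) at the first window, not before `min_windows`,
    where some hypothesis reaches `threshold`, or (None, None) if none does.
    """
    lags = [best_lag(a, b)[0] for a in entry]        # alignment estimated up front
    log_agree = math.log((1 - FLIP_PROB) / 0.5)
    log_disagree = math.log(FLIP_PROB / 0.5)
    llr = [0.0] * len(entry)                          # log-likelihood ratio per hypothesis
    for t in range(len(b) - MAX_LAG):
        for i, a in enumerate(entry):
            llr[i] += log_agree if a[t] == b[t + lags[i]] else log_disagree
        if t + 1 < min_windows:
            continue
        top = max(llr)
        weights = [math.exp(x - top) for x in llr]    # softmax, shifted for stability
        best = max(range(len(llr)), key=lambda i: llr[i])
        if weights[best] / sum(weights) >= threshold:
            return t + 1, best
    return None, None


if __name__ == "__main__":
    entry, exits, truth = make_streams()
    for k, (i, lag, score) in enumerate(match_streams(entry, exits)):
        print(f"exit stream {k}: entry {i} (truth {truth[k]}), lag {lag}, agreement {score:.2f}")
    n, who = windows_to_confirm(entry, exits[0])
    print(f"exit stream 0 confirmed as entry {who} after {n} windows")
```

Two things to take from it. First, the attacker never reads a byte of content; start/stop agreement alone separates the true pair (about 90% agreement at the right lag) from the unrelated pairs (about 50%), which is the room-full-of-strangers situation above. Second, under the independence assumption the 99% confirmation arrives after a few dozen windows; on real traffic the windows are correlated, the delay jitters, and other circuits on the same relay add noise, so a practitioner would calibrate the per-window likelihoods on observed data rather than take that number at face value.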