The Tor network is susceptible to “traffic-correlation attacks” that when carried out are able to deanonymize Tor users, TechRepublic reports. The article follows on a report co-authored by ICFP fellow Yixin Sun.
From the article: “Tor is currently the most popular method for anonymizing online communications—it serves millions of users, and carries terabytes of traffic every day. Despite its proven effectiveness, a group of researchers from Princeton is urging caution because Tor has a weakness.
‘Tor is vulnerable to traffic-correlation attacks,’ write Princeton University researchers Yixin Sun, Anne Edmundson, Nick Feamster, Mung Chiang, and Prateek Mittal…’An adversary [or Autonomous System (AS)] who can observe the traffic at both ends of the communications path—between the Tor client and the entry guard relay, and between the exit relay and the destination server—can perform traffic analysis on packet size and timing to deanonymize Tor users.’
The authors are particularly concerned about RAPTOR (Routing Attacks on Privacy in TOR) attacks, where quirks in BGP routing allow attackers to increase the number of AS-level adversaries observing traffic entering and exiting the Tor network.
‘As the internet gets bigger and more dynamic, more organizations have the ability to observe users’ traffic,’ says research team member Yixin Sun…’We want to understand possible ways these organizations could identify users and provide Tor with the means to defend itself against these attacks and help preserve online privacy.’”