论文信息 - One Fast Guard for Life ( or 9 months )

One Fast Guard for Life ( or 9 months )

“Entry Guards” in the Tor anonymity network mitigate against several traffic analysis attacks including the “predecessor” attack, statistical profiling, and passive AS-level correlation attacks. Several recent works have shown that the current design does not provide sufficient mitigation against these attacks and may also introduce new vulnerabilities. We propose a simple response to these results: Tor clients should move from using three entry guards to a single, fast entry guard, and rotate entry guards after 9 months rather than after 45 days. We measure the likely effect on anonymity and performance of these changes, and discuss some of the remaining problems with entry guards not addressed by this proposal.

R. Dingledine | N. Hopper | George Kadianakis | Nick Mathewson

[1] Micah Adler,et al. The predecessor attack: An analysis of a threat to anonymous communications systems , 2004, TSEC.

[2] Paul F. Syverson,et al. Locating hidden servers , 2006, 2006 IEEE Symposium on Security and Privacy (S&P'06).

[3] G. Danezis,et al. Denial of Service or Denial of Security? How Attacks on Reliability can Compromise Anonymity , 2007 .

[4] Roger Dingledine. Measuring the safety of the Tor network , 2011 .

[5] Ian Goldberg,et al. Changing of the guards: a framework for understanding and improving entry guard selection in tor , 2012, WPES '12.

[6] Tao Wang,et al. Congestion-Aware Path Selection for Tor , 2012, Financial Cryptography.

[7] Micah Sherr,et al. An Empirical Evaluation of Relay Selection in Tor , 2013, NDSS.

[8] Ian Goldberg,et al. The Path Less Travelled: Overcoming Tor's Bottlenecks with Traffic Splitting , 2013, Privacy Enhancing Technologies.

[9] Alex Biryukov,et al. Trawling for Tor Hidden Services: Detection, Measurement, Deanonymization , 2013, 2013 IEEE Symposium on Security and Privacy.

[10] Micah Sherr,et al. Users get routed: traffic correlation on tor by realistic adversaries , 2013, CCS.