Skip to main content
placeholder image

Design principles for low latency anonymous network systems secure against timing attacks

Journal Article


Abstract


  • Low latency anonymous network systems, such as Tor, were considered secure against timing attacks when the threat model does not include a global adversary. In this threat model the adversary can only see part of the links in the system. In a recent paper entitled Lowcost trafic analysis of Tor, it was shown that a variant of timing attack that does not require a global adversary can be applied to Tor. More importantly, authors claimed that their attack would work on any low latency anonymous network systems. The implication of the attack is that all low latency anonymous networks will be vulnerable to this attack even if there is no global adversary. In this paper, we investigate this claim against other low latency anonymous networks, including Tarzan and Morphmix. Our results show that in contrast to the claim of the aforementioned paper, the attack may not be applicable in all cases. Based on our analysis, we draw design principles for secure low latency anonymous network system (also secure against the above attack). © 2007, Australian Computer Society, Inc.

Publication Date


  • 2007

Citation


  • Wiangsripanawan, R., Susilo, W., & Safavi-Naini, R. (2007). Design principles for low latency anonymous network systems secure against timing attacks. Conferences in Research and Practice in Information Technology Series, 68, 183-191.

Scopus Eid


  • 2-s2.0-84871199341

Web Of Science Accession Number


Start Page


  • 183

End Page


  • 191

Volume


  • 68

Abstract


  • Low latency anonymous network systems, such as Tor, were considered secure against timing attacks when the threat model does not include a global adversary. In this threat model the adversary can only see part of the links in the system. In a recent paper entitled Lowcost trafic analysis of Tor, it was shown that a variant of timing attack that does not require a global adversary can be applied to Tor. More importantly, authors claimed that their attack would work on any low latency anonymous network systems. The implication of the attack is that all low latency anonymous networks will be vulnerable to this attack even if there is no global adversary. In this paper, we investigate this claim against other low latency anonymous networks, including Tarzan and Morphmix. Our results show that in contrast to the claim of the aforementioned paper, the attack may not be applicable in all cases. Based on our analysis, we draw design principles for secure low latency anonymous network system (also secure against the above attack). © 2007, Australian Computer Society, Inc.

Publication Date


  • 2007

Citation


  • Wiangsripanawan, R., Susilo, W., & Safavi-Naini, R. (2007). Design principles for low latency anonymous network systems secure against timing attacks. Conferences in Research and Practice in Information Technology Series, 68, 183-191.

Scopus Eid


  • 2-s2.0-84871199341

Web Of Science Accession Number


Start Page


  • 183

End Page


  • 191

Volume


  • 68