Preventing Active Timing Attacks in Low-Latency Anonymous Communication
University of Texas at Austin Austin United States
Pagination or Media Count:
Low-latency anonymous communication protocols in general, and the popular onion-routing protocol in particular, are broken against simple timing attacks. While there have been few proposed solutions to this problem when the adversary is active, several padding schemes have been proposed to defend against a passive adversary that just observes timing patterns. Unfortunately active adversaries can break padding schemes by inserting delays and dropping messages. We present a protocol that provides anonymity against an active adversary by using a black-box padding scheme that is effective against a passive adversary. Our protocol reduces, in some sense, providing anonymous communication against active attacks to providing a padding scheme against passive attacks. It uses time stamping to enforce timing patterns and redundancy to deal with both malicious and benign delays. Because of an asymmetry between sending data to a destination and receiving data from a destination, the protocol uses different techniques in each direction. Our analytical results show that anonymity can be made arbitrarily good at the cost of some added latency and required bandwidth. We also perform measurements on the Tor network to estimate the real-world performance of our protocol, showing that the added delay is not excessive.
- Computer Systems Management and Standards