Distilling the Low Cost Traffic Analysis Attack

14 September 2007

Just finished reading a new paper on Low Cost Traffic Analysis: 

Wiangsripanawan, R., Susilo, W., and Safavi-Naini, R. 2007. Design principles for low latency anonymous network systems secure against timing attacks. In Proceedings of the Fifth Australasian Symposium on ACSW Frontiers – Volume 68(Ballarat, Australia, January 30 – February 02, 2007).

The authors look afresh at the Low Cost Traffic Analysis attack and how it applies to the Tarzan and MorphMix peer-to-peer anonymity systems. The key observation is that for the attack to apply three preconditions need to hold:

  1. A node’s load affects the latency of relayed traffic.
  2. The adversary knows the nodes participating in the protocols.
  3. The adversary must be able to establish a direct connection with all other nodes.

The paper argues that Tarzan’s mimic based routing structure may invalidate precondition (3). MorphMix on the other hand makes it difficult for the adversary to know all nodes in the network (2). As a general rule they advise designers to make comprehensive node discovery difficult, a property that is also in line with the needs of censorship resistant proposals.

Before getting overly excited about the security of those systems it is worth remembering the inherent unscalability of Tarzan, as well as the recent attacks against MorphMix.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: