InfoSec Seminar: Your Choice MATor(s): Large-scale Quantitative Anonymity Assessment of Tor Path Selection Algorithms against Structural Attacks

Speaker: Sebastien Meiser

Date/Time: 07-Jul-2016, 16:00 UTC

Venue: Roberts 106



We present a rigorous methodology for quantifying the anonymity provided by Tor against a variety of structural attacks, i.e., adversaries that compromise Tor nodes and thereby perform eavesdropping attacks to deanonymize Tor users.First, we provide an algorithmic approach for computing the anonymity impact of such structural attacks against Tor. The algorithm is  parametric in the considered path selection algorithm and is, hence, capable of reasoning about variants of Tor and alternative path selection algorithms as well. Second, we present formalizations of various instantiations of structural attacks against Tor and show that the computed anonymity impact of each of these adversaries indeed constitutes a worst-case anonymity bound for the cryptographic realization of Tor. Third, we use our methodology to conduct a rigorous, large-scale evaluation of Tor's anonymity which establishes worst-case anonymity bounds against various structural attacks for Tor and for alternative path selection algorithms such as DistribuTor, SelekTOR, and LASTor. This yields the first rigorous  anonymity comparison between different path selection algorithms. As part of our analysis, we quantify the anonymity impact of a path selection transition phase, i.e., a small number of users decides to run an alternative algorithm while the vast majority still uses the original one. 


Sebastian Meiser recently submitted his PhD thesis on Quantitative Anonymity Guarantees for Tor under supervision of Michael Backes in Saarland University, Germany. His research focus is on the foundations of anonymity and privacy, especially on quantitative definitions of anonymity, privacy and security, as well as on a cryptographic perspective on these notions.

Add to Calendar

This page was last modified on 27 Mar 2014.