Untrusted Onions: Is Tor Broken?

Presented at NolaCon 2016, May 21, 2016, 2 p.m. (Unknown duration)

Tor is used by dissidents, journalists, whistleblowers, and shadier characters to access the Internet anonymously. Cases where people engaging in activity frowned upon by their government have been caught despite using Tor usually involve one or more of the following factors 1) Tor misconfiguration 2) Not using Tor consistently (Sabu from Lulzsec) 3) OPSEC failures (Dread Pirate Roberts of the Silk Road). Are there ways to catch people who are connecting to specific Tor hidden services even if they are doing everything right?

I will examine a theoretical attack presented in a paper published by a research group at MIT in August 2015. Their claim is that they can identify a users' involvement with hidden services with up to a 99% true positive rate and 0.07% false positive rate, using a passive circuit fingerprinting attack. Furthermore, since the attack is passive, it cannot be detected until nodes have been deanonymized.


Presenters:

  • John Shade
    John Shade is a security researcher whose interests include privacy, network traffic analysis, and penetration testing. John has been called a polymath with interests ranging from Terahertz technology to ancient languages. What motivates John is a desire to know things that are esoteric, hidden from plain view, encoded, or camouflaged.

Links:

Similar Presentations: