Traffic analysis: protocols, attacks, design issues, and open problems
International workshop on Designing privacy enhancing technologies: design issues in anonymity and unobservability
Web MIXes: a system for anonymous and unobservable Internet access
International workshop on Designing privacy enhancing technologies: design issues in anonymity and unobservability
Traffic Analysis Attacks and Trade-Offs in Anonymity Providing Systems
IHW '01 Proceedings of the 4th International Workshop on Information Hiding
Low-Cost Traffic Analysis of Tor
SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
Tor: the second-generation onion router
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Low-resource routing attacks against tor
Proceedings of the 2007 ACM workshop on Privacy in electronic society
A new cell counter based attack against tor
Proceedings of the 16th ACM conference on Computer and communications security
Proceedings of the 2009 ACM workshop on Cloud computing security
How much anonymity does network latency leak?
ACM Transactions on Information and System Security (TISSEC)
A practical congestion attack on tor using long paths
SSYM'09 Proceedings of the 18th conference on USENIX security symposium
Web browser history detection as a real-world privacy threat
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
Traffic analysis against low-latency anonymity networks using available bandwidth estimation
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
Cryptographic protocol analysis of AN.ON
FC'10 Proceedings of the 14th international conference on Financial Cryptography and Data Security
Review: A survey on solutions and main free tools for privacy enhancing Web communications
Journal of Network and Computer Applications
The dangers of composing anonymous channels
IH'12 Proceedings of the 14th international conference on Information Hiding
Hi-index | 0.00 |
In this paper we investigate the impact of missing replay protection as well as missing integrity protection concerning a local attacker in AN.ON. AN.ON is a low latency anonymity network mostly used to anonymize web traffic. We demonstrate that both protection mechanisms are important by presenting two attacks that become feasible as soon as the mechanisms are missing. We mount both attacks on the AN.ON network which neither implements replay protection nor integrity protection yet.