SSL and TLS: designing and building secure systems
SSL and TLS: designing and building secure systems
Proceedings of the First International Workshop on Information Hiding
Traffic Analysis Attacks and Trade-Offs in Anonymity Providing Systems
IHW '01 Proceedings of the 4th International Workshop on Information Hiding
Statistical Identification of Encrypted Web Browsing Traffic
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Active Traffic Analysis Attacks and Countermeasures
ICCNMC '03 Proceedings of the 2003 International Conference on Computer Networks and Mobile Computing
Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks
Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks
Low-Cost Traffic Analysis of Tor
SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Measuring relationship anonymity in mix networks
Proceedings of the 5th ACM workshop on Privacy in electronic society
Hot or not: revealing hidden services by their clock skew
Proceedings of the 13th ACM conference on Computer and communications security
Inferring the source of encrypted HTTP connections
Proceedings of the 13th ACM conference on Computer and communications security
On Inferring Application Protocol Behaviors in Encrypted Network Traffic
The Journal of Machine Learning Research
Tor: the second-generation onion router
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Low-resource routing attacks against tor
Proceedings of the 2007 ACM workshop on Privacy in electronic society
Proceedings of the 2009 ACM workshop on Cloud computing security
On the risks of serving whenever you surf: vulnerabilities in Tor's blocking resistance design
Proceedings of the 8th ACM workshop on Privacy in the electronic society
A Round-Based Cover Traffic Algorithm for Anonymity Systems
INCOS '09 Proceedings of the 2009 International Conference on Intelligent Networking and Collaborative Systems
Fingerprinting websites using traffic analysis
PET'02 Proceedings of the 2nd international conference on Privacy enhancing technologies
Sampled traffic analysis by internet-exchange-level adversaries
PET'07 Proceedings of the 7th international conference on Privacy enhancing technologies
A practical congestion attack on tor using long paths
SSYM'09 Proceedings of the 18th conference on USENIX security symposium
The traffic analysis of continuous-time mixes
PET'04 Proceedings of the 4th international conference on Privacy Enhancing Technologies
On flow correlation attacks and countermeasures in mix networks
PET'04 Proceedings of the 4th international conference on Privacy Enhancing Technologies
On blending attacks for mixes with memory
IH'05 Proceedings of the 7th international conference on Information Hiding
Timing analysis in low-latency mix networks: attacks and defenses
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
Privacy vulnerabilities in encrypted HTTP streams
PET'05 Proceedings of the 5th international conference on Privacy Enhancing Technologies
Anonymous connections and onion routing
IEEE Journal on Selected Areas in Communications
Hi-index | 0.00 |
How to hide who is communicating with whom? How to hide when a person is communicating? How to even hide the existence of ongoing communications? Partial answers to these questions have already been proposed, usually as byproducts of anonymity providing systems. The most advanced one available today is Onion-Routing and is implemented in Tor and I2P. Still, Onion-Routing is exposed to a series of serious attacks. The current paper classifies these series of attacks, and announces the TrueNyms unobservability protocol. We describe here how TrueNyms handles one of the families of attacks applying to the current Onion-Routing system, namely traffic analysis on the "shape", and give some evidence on its performance. Developed since 2003, TrueNyms is not anymore an academic answer to a privacy problem, but is a heavily tested and efficient product providing unobservability and anonymity. Although it cannot be used (for the time-being) for very low-latency applications like telephony over IP, TrueNyms can be efficiently used for most low-latency applications like Web browsing and HTTP-based protocols (RSS for instance), Instant Messaging, File transfers, audio and video streaming, remote shell, etc. TrueNyms allows parties to communicate without revealing anything about the communication -- including its very existence -- to any observer, despite how powerful such an observer might be.