Security and Performance Implications of BGP Rerouting-Resistant Guard Selection Algorithms for Tor - ICT Systems Security and Privacy Protection
Conference Papers Year : 2020

Security and Performance Implications of BGP Rerouting-Resistant Guard Selection Algorithms for Tor

Abstract

Tor is the most popular anonymization system with millions of daily users and, thus, an attractive target for attacks, e.g., by malicious autonomous systems (ASs) performing active routing attacks to become man in the middle and deanonymize users. It was shown that the number of such malicious ASs is significantly larger than previously expected due to the lack of security guarantees in the Border Gateway Protocol (BGP). In response, recent works suggest alternative Tor path selection methods prefering Tor nodes with higher resilience to active BGP attacks.In this work, we analyze the implications of such proposals. We show that Counter-RAPTOR and DPSelect are not as secure as thought before: for particular users they allow for leakage of user’s location. DPSelect is not as resilient as widely accepted as we show that it achieves only one third of its originally claimed resilience and, hence, does not protect users from routing attacks. We reveal the performance implications of both methods and identify scenarios where their usage leads to significant performance bottlenecks. Finally, we propose a new metric to quantify the user’s location leakage by path selection. Using this metric and performing large-scale analysis, we show to which extent a malicious middle can fingerprint the user’s location and what kind of confidence it can achieve. Our findings shed light on the implications of path selection methods on the users’ anonymity and the need for further research.
Fichier principal
Vignette du fichier
497034_1_En_15_Chapter.pdf (710.91 Ko) Télécharger le fichier
Origin Files produced by the author(s)

Dates and versions

hal-03440868 , version 1 (22-11-2021)

Licence

Identifiers

Cite

Asya Mitseva, Marharyta Aleksandrova, Thomas Engel, Andriy Panchenko. Security and Performance Implications of BGP Rerouting-Resistant Guard Selection Algorithms for Tor. 35th IFIP International Conference on ICT Systems Security and Privacy Protection (SEC), Sep 2020, Maribor, Slovenia. pp.219-233, ⟨10.1007/978-3-030-58201-2_15⟩. ⟨hal-03440868⟩
69 View
189 Download

Altmetric

Share

More