|
|
@@ -1704,9 +1704,8 @@ presence of unreliable nodes.
|
|
|
Below we summarize a variety of attacks and how well our design withstands
|
|
|
them.
|
|
|
|
|
|
-\begin{enumerate}
|
|
|
-\item \textbf{Passive attacks}
|
|
|
-\begin{itemize}
|
|
|
+\subsubsection*{Passive attacks}
|
|
|
+\begin{tightlist}
|
|
|
\item \emph{Observing user behavior.}
|
|
|
\item \emph{End-to-end Timing correlation.}
|
|
|
\item \emph{End-to-end Size correlation.}
|
|
|
@@ -1733,10 +1732,10 @@ DOS three of the 4 who would allow a certain exit.
|
|
|
anonymization of data stream.
|
|
|
|
|
|
|
|
|
-\end{itemize}
|
|
|
+\end{tightlist}
|
|
|
|
|
|
-\item \textbf{Active attacks}
|
|
|
-\begin{itemize}
|
|
|
+\subsubsection*{Active attacks}
|
|
|
+\begin{tightlist}
|
|
|
\item \emph{Key compromise.} Talk about all three keys. 3 bullets
|
|
|
\item \emph{Iterated subpoena.} Legal roving adversary. Works bad against
|
|
|
this because of ephemeral keys. Criticize pets paper in section 2 for
|
|
|
@@ -1756,7 +1755,6 @@ Subcase of running a hostile node:
|
|
|
the exit node can change the content you're getting to try to
|
|
|
trick you. similarly, when it rejects you due to exit policy,
|
|
|
it could give you a bad IP that sends you somewhere else.
|
|
|
-\end{itemize}
|
|
|
\item \emph{replaying traffic} Can't in Tor. NonSSL anonymizer.
|
|
|
|
|
|
\item Do bad things with the Tor network, so we are hated and
|
|
|
@@ -1771,23 +1769,23 @@ Exit policy's are a start.
|
|
|
we rely on DNS being globally consistent. if people in africa resolve
|
|
|
IPs differently, then asking to extend a circuit to a certain IP can
|
|
|
give away your origin.
|
|
|
+\end{tightlist}
|
|
|
|
|
|
-\item \textbf{Directory attacks}
|
|
|
-\begin{itemize}
|
|
|
+\subsubsection*{Directory attacks}
|
|
|
+\begin{tightlist}
|
|
|
\item knock out a dirserver
|
|
|
\item knock out half the dirservers
|
|
|
\item trick user into using different software (with different dirserver
|
|
|
keys)
|
|
|
\item OR connects to the dirservers but nowhere else
|
|
|
\item foo
|
|
|
-\end{itemize}
|
|
|
+\end{tightlist}
|
|
|
|
|
|
-\item \textbf{Attacks against rendezvous points}
|
|
|
-\begin{itemize}
|
|
|
+\subsubsection*{Attacks against rendezvous points}
|
|
|
+\begin{tightlist}
|
|
|
\item foo
|
|
|
-\end{itemize}
|
|
|
+\end{tightlist}
|
|
|
|
|
|
-\end{enumerate}
|
|
|
|
|
|
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|
|
|
|
Roger Dingledine