Tor De-anonymisation Techniques

Tor offers a censorship-resistant and distributed platform that can provide easy-to-implement anonymity to web users, websites, and other web services. Tor enables web servers to hide their location, and Tor users can connect to these authenticated hidden services while the server and the user both stay anonymous. However, throughout the years of Tor’s existence, some users have lost their anonymity. This paper discusses the technical limitations of anonymity and the operational security challenges that Tor users will encounter. We present a hands-on demonstration of anonymity exposures that leverage traffic correlation attacks, electronic fingerprinting, operational security failures, and remote code execution. Based on published research and our experience with these methods, we will discuss what they are and how some of them can be exploited. Also, open problems, solutions, and future plans are discussed.

Juha Nurmi, Mikko S. Niemelä (Kinkayo-Silverskin): Tor De-anonymisation Techniques

Presented at NSS 2017, Helsinki. Lecture Notes in Computer Science, volume 10394

Share on LinkedInGoogle+Tweet about this on TwitterShare on FacebookEmail to someone