Delivery-Date: Fri, 14 Nov 2014 23:13:38 -0500
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.8 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_MED,
	RP_MATCHES_RCVD,UNPARSEABLE_RELAY autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 795921E0B9B;
	Fri, 14 Nov 2014 23:13:36 -0500 (EST)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 128F131A0D;
	Sat, 15 Nov 2014 04:13:26 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id E263F31990
 for <tor-talk@lists.torproject.org>; Sat, 15 Nov 2014 04:13:21 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id xB2BEIXLem8O for <tor-talk@lists.torproject.org>;
 Sat, 15 Nov 2014 04:13:21 +0000 (UTC)
Received: from mx1.riseup.net (mx1.riseup.net [198.252.153.129])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "*.riseup.net",
 Issuer "COMODO RSA Domain Validation Secure Server CA" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id BC503318F6
 for <tor-talk@lists.torproject.org>; Sat, 15 Nov 2014 04:13:21 +0000 (UTC)
Received: from plantcutter.riseup.net (plantcutter-pn.riseup.net [10.0.1.121])
 (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits))
 (Client CN "*.riseup.net",
 Issuer "COMODO RSA Domain Validation Secure Server CA" (verified OK))
 by mx1.riseup.net (Postfix) with ESMTPS id B720F491F6
 for <tor-talk@lists.torproject.org>; Sat, 15 Nov 2014 04:13:18 +0000 (UTC)
Received: from [127.0.0.1] (localhost [127.0.0.1])
 (Authenticated sender: mirimir) with ESMTPSA id F257B21A2E
Message-ID: <5466D2D8.3080708@riseup.net>
Date: Fri, 14 Nov 2014 21:13:12 -0700
From: Mirimir <mirimir@riseup.net>
User-Agent: Mozilla/5.0 (X11; Linux x86_64;
 rv:31.0) Gecko/20100101 Thunderbird/31.2.0
MIME-Version: 1.0
To: tor-talk@lists.torproject.org
References: <CAD2Ti29P2sRYqq8eRASTAnx4Q6x+G208DnA-dPPBHqSLQP2AAA@mail.gmail.com>
 <20141115004241.GB44443@moria.seul.org>
In-Reply-To: <20141115004241.GB44443@moria.seul.org>
X-Virus-Scanned: clamav-milter 0.98.4 at mx1
X-Virus-Status: Clean
Subject: Re: [tor-talk] Netflow analysis breaks Tor
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

On 11/14/2014 05:42 PM, Roger Dingledine wrote:
> On Fri, Nov 14, 2014 at 06:20:16PM -0500, grarpamp wrote:
>> Professor Sambuddho Chakravarty, a former researcher at Columbia
>> University???s Network Security Lab and now researching Network
>> Anonymity and Privacy at the Indraprastha Institute of Information
>> Technology in Delhi, has co-published a series of papers over the last
>> six years outlining the attack vector, and claims a 100% ???decloaking???
>> success rate under laboratory conditions, and 81.4% in the actual
>> wilds of the Tor network.
>>
>> http://thestack.com/chakravarty-tor-traffic-analysis-141114
>> https://mice.cs.columbia.edu/getTechreport.php?techreportID=1545&format=pdf
> 
> I put up a few pointers here for readers to get up to speed:
> https://blog.torproject.org/blog/traffic-correlation-using-netflows

I also recommend his PhD thesis:

Sambuddho Chakravarty (2014) Traffic Analysis Attacks and Defenses in
Low Latency Anonymous Communication
http://www.cs.columbia.edu/~angelos/Papers/theses/sambuddho_thesis.pdf

> There sure are a lot of things going on in Tor-land these days, but I
> don't think this has much to do with any of the other recent stories.
> Rather, some journalist thought this would be a great time to drop
> another story.
> 
> In summary, it's great to see more research on traffic confirmation
> attacks, but a) traffic confirmation attacks are not a new area so don't
> freak out without actually reading the papers, and b) this particular one,
> while kind of neat, doesn't supercede all the previous papers.
> 
> --Roger
> 
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

