0

It's been known ever since Tor existed that flow correlation attacks can break Tor's anonymity, but whereas in the past flow correlation attacks had a false positive rate far too high to be useful against an anonymity network the size of Tor (IIRC the best one I saw had a FPR of 2%) two recent attacks -- Deepcorr and DeepCoFFEA -- have FPRs on the order of 0.001%. In addition, the storage space and time requirements to run these attacks makes them feasible even with relatively limited hardware.

What is the impact of these attacks? As far as I can tell, it basically reduces Tor to the same anonymity level as an anonymous HTTP proxy, in the sense that it might protect you against your work's IT department but against any other adversary it's basically useless.

The DeepCoFFEA paper if anyone is interested: https://www-users.cse.umn.edu/~hoppernj/deepcoffea.pdf

Improve this question
2
  • It helps you against all adversaries who cant correlate flows. It depends on the flows and if e.g. countries have access to the flows of other countries or if some flows are inside a single country.
    – secfren
    Commented Aug 23, 2023 at 13:57
  • @secfren Given that 90% of Tor relays are in America and Western Europe and that all of these countries collaborate with regards to surveillance I'd say any Western intelligence agency has access to 90% of Tor flows. Especially given that a lot of relays are on cloud servers and therefore have a 100% probability of being monitored. Wouldn't surprise me if there's an NSA program to force all cloud providers to send them full packet captures of all Tor traffic on all their VPSs. So in other words, Tor is useless against any Western intelligence agency.
    – DeepPSNA
    Commented Aug 23, 2023 at 14:43

0

Reset to default

You must log in to answer this question.