Tempest: Temporal Dynamics in Anonymity Systems

by   Ryan Wails, et al.

Many recent proposals for anonymous communication omit from their security analyses a consideration of the effects of time on important system components. In practice, many components of anonymity systems, such as the client location and network structure, exhibit changes and patterns over time. In this paper, we focus on the effect of such temporal dynamics on the security of anonymity networks. We present Tempest, a suite of novel attacks based on (1) client mobility, (2) usage patterns, and (3) changes in the underlying network routing. Using experimental analysis on real-world datasets, we demonstrate that these temporal attacks degrade user privacy across a wide range of anonymity networks, including deployed systems such as Tor; path-selection protocols for Tor such as DeNASA, TAPS, and Counter-RAPTOR; and network-layer anonymity protocols for Internet routing such as Dovetail and HORNET. The degradation is in some cases surprisingly severe. For example, a single host failure or network route change could quickly and with high certainty identify the client's ISP to a malicious host or ISP. The adversary behind each attack is relatively weak - generally passive and in control of one network location or a small number of hosts. Our findings suggest that designers of anonymity systems should rigorously consider the impact of temporal dynamics when analyzing anonymity.


Securing Internet Applications from Routing Attacks

Attacks on Internet routing are typically viewed through the lens of ava...

Saving Brian's Privacy: the Perils of Privacy Exposure through Reverse DNS

Given the importance of privacy, many Internet protocols are nowadays de...

Security and Privacy Implications of Middlebox Cooperation Protocols

This white paper presents an analysis done by the MAMI project of the pr...

Oblivious DNS over HTTPS (ODoH): A Practical Privacy Enhancement to DNS

The Domain Name System (DNS) is the foundation of a human-usable Interne...

Automated Security Analysis of Exposure Notification Systems

We present the first formal analysis and comparison of the security of t...

An Axiomatic Perspective on the Performance Effects of End-Host Path Selection

In various contexts of networking research, end-host path selection has ...

Fractal Rosette: A Stable Space-Ground Network Structure in Mega-Constellation

We present F-Rosette, a stable space-ground network structure for low-ea...

Please sign up or login with your details

Forgot password? Click here to reset