Tor is not resilient against timing correlation attacks.
Suppose Alfred hosts a Tor onion describing relativistic physics.
Suppose Bob cautiously uses Tor to consult such information on a regular basis.
Then, depending on privileged access to or leverage over the internet backbone, multiple approaches can be used:
A) Suppose some regions randomly suffer internet or power blackouts. Obviously, a Tor onion still interacting with the Tor network is not in an affected region, while a Tor onion that goes silent for the duration of such an event possibly or probably is. The same applies to Tor Browser users.
B) Instead of waiting for spontaneous events, they can be elicited (costly in the case of internet blackouts, very costly in the case of power blackouts).
C) Instead of disabling participation, one can randomly stall it: if the ISPs at both ends cooperate or are compromised, network packets can be intentionally given known pseudorandom delays on top of the spontaneous ones. By computing the correlation between the injected delays and the observed delays, one can identify which Tor user IP address is frequenting which Tor onion host IP address. This works even if the added delays are smaller than the spontaneous delays: the spontaneous delays are uncorrelated with the injected sequence, so their correlation with it averages toward zero, whereas the flow carrying the injected delays correlates with the known sequence by construction. The number of packets needed before true positives rise above the noise floor depends on the relative sizes of the spontaneous delay variation and the injected delays; the smaller the injected delays, the more packets it takes.
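To make C) concrete, here is a minimal simulation of the correlation test, assuming Gaussian jitter and a known injected delay sequence; all parameter values are illustrative, not measured:

```python
import numpy as np

rng = np.random.default_rng(seed=0)

n_packets = 5000        # packets observed at both ISPs
spontaneous_std = 20.0  # ms of natural jitter (assumed scale)
injected_std = 2.0      # ms of injected delay, deliberately much smaller

# Pseudorandom delays injected at the user's ISP, known to the attacker.
injected = rng.normal(0.0, injected_std, n_packets)

# Matching flow at the onion host's ISP: jitter plus the injected signature.
matching = rng.normal(0.0, spontaneous_std, n_packets) + injected

# Unrelated flow: jitter only, no signature.
unrelated = rng.normal(0.0, spontaneous_std, n_packets)

# Uncorrelated jitter averages toward 0; the embedded signature does not.
r_match = np.corrcoef(injected, matching)[0, 1]
r_other = np.corrcoef(injected, unrelated)[0, 1]
print(f"matching flow:  r = {r_match:.3f}")
print(f"unrelated flow: r = {r_other:.3f}")
```

With these numbers the matching flow comes out around r ≈ 0.1 (roughly injected_std / sqrt(injected_std² + spontaneous_std²)), while the unrelated flow hovers near zero with a standard error of about 1/sqrt(n_packets) ≈ 0.014, so the true positive is already well above the noise floor at 5000 packets.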
This article is from the time of the Snowden leaks, more than 10 years ago.
The moment they have correlated the traffic at your ISP's end with the traffic at the specific Tor onion's ISP's end, they can simply ask your ISP for your true name.
In this case the experts were convinced cookies were used, which is conceivably correct for a fraction of the users. The cookies and ads were probably abused for multiple purposes at once: tracking casual browsing, spam email for lucky hits, injecting propagation delays into the advertisement packets, ...
This is the part that made me understand the numbering series:
> […] Continuing this trend, rounding as needed, and we end up with the series 10, 15, 22, 33, 47, and 68. Components built to the E6 standard have a 20% relative error tolerance, and if we look at the values again we’ll see a trend. Starting with 10 again and adding 20% error we end up with 12. Moving to 15 and subtracting 20% we get… wait for it… 12. Moving up from 15 we get 15 + 20% = 18 and 22 – 20% = 17.6. This trend repeats no matter what range of powers of 10 you use, as long as they are consecutive. So 47kΩ + 20% = 56400, while 68kΩ – 20% = 54400.
> Look again at the values 47 and 68. The max/min values overlap right about 56, don’t they? That sounds familiar. The E12 standard uses all of the same values as E6, but with 6 more values mixed in. These 6 additional values are roughly where the E6 values overlap, and now in order to cover the entire range our %-error is reduced to 10%. Starting again at 10, we have 10, 12, 15, 18, 22, 27, 33, 39, 47, 56, 68, and 82. The math holds true here as well, with the error values just slightly overlapping.
It's the 'tolerance overlap' concept that makes the numbers work, but I don't think I've ever seen it explained so clearly before.
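The overlap is easy to check numerically; a small sketch using the standard E6 and E12 values from the quote:

```python
# E6 parts carry a 20% tolerance, E12 parts a 10% tolerance; adjacent
# tolerance bands should just about meet across the whole decade.
E6 = [10, 15, 22, 33, 47, 68]
E12 = [10, 12, 15, 18, 22, 27, 33, 39, 47, 56, 68, 82]

def show_overlap(series, tolerance):
    print(f"E{len(series)} series, ±{tolerance:.0%}:")
    # Append the first value of the next decade so the last gap is checked.
    extended = series + [series[0] * 10]
    for lo, hi in zip(extended, extended[1:]):
        print(f"  {lo:>3} +{tolerance:.0%} = {lo * (1 + tolerance):6.1f}   "
              f"{hi:>3} -{tolerance:.0%} = {hi * (1 - tolerance):6.1f}")

show_overlap(E6, 0.20)
show_overlap(E12, 0.10)
```

Running it reproduces the pairs from the quote (10 + 20% = 12.0 vs 15 - 20% = 12.0, and so on), with adjacent bands meeting or slightly overlapping in almost every case.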
> Mathematics can be seen as a logic game. You start with a set of assumptions and you come up with all the logical conclusions you can from that. Then, if someone else finds a situation that fits those assumptions, they can benefit from the pre-discovered logical conclusions. This means that if some conclusions require fewer assumptions, then those conclusions are more generally applicable.
This is a really, really nice expression of something my mind's been hovering around for a while.
Highly recommend his blog [1], where he often writes bite-sized math-y articles. I have personally benefited from it: I was looking for ways to sample quickly from a mixture of Beta distributions when I stumbled upon his post on the Kumaraswamy distribution [2], which takes on Beta-like shapes but has a closed-form expression for the cumulative distribution function (CDF). The latter property makes generating samples from it convenient and fast.
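Since the closed-form CDF is the whole trick, here is a minimal inverse-transform sketch; the mixture weights and shape parameters below are made up for illustration, not taken from his post:

```python
import numpy as np

def sample_kumaraswamy(a, b, size, rng):
    # Inverse-transform sampling: the Kumaraswamy CDF
    # F(x) = 1 - (1 - x**a)**b inverts in closed form to
    # F^{-1}(u) = (1 - (1 - u)**(1/b))**(1/a),
    # so one uniform draw per sample suffices; a and b may be arrays.
    u = rng.uniform(size=size)
    return (1.0 - (1.0 - u) ** (1.0 / b)) ** (1.0 / a)

rng = np.random.default_rng(0)

# Two-component mixture (illustrative weights and shapes): pick a
# component per sample, then invert that component's CDF directly,
# with no rejection loop as a generic Beta sampler would need.
weights = np.array([0.3, 0.7])
a = np.array([2.0, 5.0])
b = np.array([5.0, 2.0])
comp = rng.choice(len(weights), size=100_000, p=weights)
samples = sample_kumaraswamy(a[comp], b[comp], comp.size, rng)
print(samples.mean(), samples.min(), samples.max())
```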