Your new post is loading...
Researchers at the KTH Royal Institute of Technology, Stockholm, and Princeton University in the USA have unveiled a new way to attack Tor and deanonymise its users.
The attack, dubbed DefecTor by the researchers’ in their recently published paper The Effect of DNS on Tor’s Anonymity, uses the DNS lookups that accompany our browsing, emailing and chatting to create a new spin on Tor’s most well established weakness; correlation attacks.
Tor works by routing users’ traffic through ‘circuits’ of computers to obscure where the traffic originates. The first computer in a circuit is drawn from a pool of about 2,500 ‘entry guards’ and the last from a smaller pool of about 1,000 ‘exit nodes’.
Correlation attacks observe the traffic entering and leaving Tor, and then attempt to pair up incoming and outgoing streams.
Because the traffic that passes from the client, through the circuit and all the way to the exit node is encrypted, attackers can’t just read it. Instead they have to use low level details like packet lengths and directions to look for known patterns that reveal what sites a user is visiting – a technique called fingerprinting.
Learn more / En savoir plus / Mehr erfahren:
http://www.scoop.it/t/securite-pc-et-internet/?tag=TOR
Researchers at the KTH Royal Institute of Technology, Stockholm, and Princeton University in the USA have unveiled a new way to attack Tor and deanonymise its users.
The attack, dubbed DefecTor by the researchers’ in their recently published paper The Effect of DNS on Tor’s Anonymity, uses the DNS lookups that accompany our browsing, emailing and chatting to create a new spin on Tor’s most well established weakness; correlation attacks.
Tor works by routing users’ traffic through ‘circuits’ of computers to obscure where the traffic originates. The first computer in a circuit is drawn from a pool of about 2,500 ‘entry guards’ and the last from a smaller pool of about 1,000 ‘exit nodes’.
Correlation attacks observe the traffic entering and leaving Tor, and then attempt to pair up incoming and outgoing streams.
Because the traffic that passes from the client, through the circuit and all the way to the exit node is encrypted, attackers can’t just read it. Instead they have to use low level details like packet lengths and directions to look for known patterns that reveal what sites a user is visiting – a technique called fingerprinting.
Learn more / En savoir plus / Mehr erfahren:
http://www.scoop.it/t/securite-pc-et-internet/?tag=TOR