The Tor network is a widely used system for anonymous communication. However, Tor is known to be vulnerable to various attackers. Our Raptor attacks focus on Autonomous System (AS) level adversaries, i.e., the 50,000 networks that compose the Internet today. An AS, such as an Internet Service Provider (ISP), can easily eavesdrop on any Tor traffic that traverses it. First, Raptor exploits the fact that traffic in the Internet is asymmetric, meaning that the path from A to B is often different from the path from B to A. Asymmetric traffic increases the number of ASes that Tor traffic crosses, which increases the attack surface. Second, Raptor exploits the fact that Internet routing changes over time, e.g., due to device failures. As the routing protocol converges around a failure, different ASes receive the corresponding traffic, again increasing the attack surface. Finally, Raptor leverages the fact that each AS can actively manipulate the Internet routing protocol to attract parts of Tor traffic.
Some of our key contributions are:
- Asymmetric traffic analysis, which can deanonymize a user with 95% accuracy and without any false positives.
- Quantifying the effect of routing asymmetry and routing dynamics, showing that they increase the chance of threat by 50% and 100%, respectively, compared with previous work.
- Performing real-world BGP routing attacks on the live Tor network, with 90% accuracy in deanonymizing users.
- A sketch of countermeasures against Raptor attacks.
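To make the asymmetry and routing-dynamics points concrete, the following added example (not code from the Raptor project) estimates which ASes sit on both the entry and exit side of a circuit under each routing model. The `Segment` type, the function names and all AS paths are assumptions built on constructed sample data with private-use ASNs.

```python
from dataclasses import dataclass

# Constructed sample data: private-use ASNs, two routing snapshots per direction
# (index 0 = before a route change, index 1 = after). Not measurements.

@dataclass
class Segment:
    forward: list  # AS paths client->guard (entry) or exit->destination (exit)
    reverse: list  # AS paths for the opposite direction of the same segment

ENTRY = Segment(forward=[[64512, 64513], [64512, 64520]],
                reverse=[[64514, 64512], [64514, 64512]])
EXIT = Segment(forward=[[64515, 64516], [64515, 64520]],
               reverse=[[64514, 64515], [64514, 64515]])

def observers(seg, asymmetric, dynamic):
    """ASes able to see this segment's traffic under the chosen model."""
    # Static model: only the first snapshot; dynamic model: every snapshot.
    fwd = seg.forward if dynamic else seg.forward[:1]
    rev = seg.reverse if dynamic else seg.reverse[:1]
    # Symmetric model ignores the reverse direction entirely.
    paths = fwd + (rev if asymmetric else [])
    return set().union(*map(set, paths))

def exposure(entry, exit_, asymmetric=False, dynamic=False):
    """ASes that see both ends of the circuit and could correlate them."""
    return observers(entry, asymmetric, dynamic) & observers(exit_, asymmetric, dynamic)

if __name__ == "__main__":
    for asym in (False, True):
        for dyn in (False, True):
            print(f"asymmetric={asym} dynamic={dyn}:",
                  sorted(exposure(ENTRY, EXIT, asym, dyn)))
```

A guard/exit pair that looks safe under the forward-only, static model can still have a non-empty exposure set once reverse paths and route changes are counted, which is why an exposure estimate needs path data for both directions and over time.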
Authors:
- Yixin Sun, PhD Student, Princeton University
- Anne Edmundson, PhD Student, Princeton University
- Laurent Vanbever, Assistant Professor, ETH Zurich
- Oscar Li, Undergraduate Student, Princeton University
- Jennifer Rexford, Gordon Y.S. Wu Professor in Engineering, Princeton University
- Mung Chiang, Arthur LeGrand Doty Professor of Electrical Engineering, Princeton University
- Prateek Mittal, Assistant Professor, Princeton University
The authors would like to thank the NSF for its funding support of this project.