RAPTOR: Routing Attacks on Privacy in Tor

Frequently Asked Questions

Q: A brief synopsis of what Raptor attacks are

A: Tor provides anonymity by bouncing user traffic through a chain of three consecutive relays. Using three relays prevents any single relay from knowing the mapping between the source (user) and the final destination: the first one knows the source but not the destination; the last one knows the destination but not the source; and the middle one knows neither. It is well known that Tor communication can be de-anonymized by an attacker who can observe the traffic between the source and the first relay and, at the same time, the traffic between the last relay and the destination. The design of Tor is predicated on the idea that this is hard to achieve, though, because relays are scattered around the entire globe.
Raptor attacks focus on Autonomous System (AS) level adversaries, i.e. the 50,000 networks that compose the Internet today. An AS, such as an Internet Service Provider (ISP), can easily eavesdrop on any Tor traffic that traverses it. In particular, Raptor attacks leverage three key characteristics of Internet traffic. First, Raptor exploits the fact that Internet routing is asymmetric, meaning that the path from A to B is often different from the path from B to A. Asymmetric routing increases the number of ASes crossed by Tor traffic, enlarging the attack surface. Second, Raptor exploits the fact that Internet routing changes over time, e.g. due to device failures. As the routing protocol converges around the failure, different ASes receive the corresponding traffic, again enlarging the attack surface. Finally, Raptor leverages the fact that any AS can actively manipulate the Internet routing protocol (BGP) to attract part of the Tor traffic.
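The first two characteristics above (asymmetry and routing dynamics) come down to a set computation: which ASes sit on both the client-to-guard segment and the exit-to-destination segment of a circuit. The following added example (not code from the RAPTOR paper or the Tor project) computes that set from a table of AS-level paths, first counting only forward paths, then adding the return paths, and finally taking the union across two routing states separated by a link failure. All endpoint labels, AS numbers and paths are constructed for illustration, not measured.

```python
"""Which ASes can observe both ends of a Tor circuit, counting forward and
return paths (routing asymmetry) and paths before and after a routing change
(routing dynamics). Every AS number and path here is constructed, not measured.
"""
from typing import Dict, Iterable, List, Set, Tuple

Endpoint = str
PathTable = Dict[Tuple[Endpoint, Endpoint], List[int]]

# Constructed: AS hops on each directed path at time t0.
PATHS_T0: PathTable = {
    ("client", "guard"): [100, 200, 300],
    ("guard", "client"): [300, 250, 100],   # return path differs: asymmetry
    ("exit", "dest"):    [400, 500, 600],
    ("dest", "exit"):    [600, 250, 400],   # AS 250 appears only on return paths
}

# Constructed: the same circuit at time t1, after failures near AS 200 and
# AS 500 forced both forward segments to reroute through AS 150.
PATHS_T1: PathTable = {
    ("client", "guard"): [100, 150, 300],
    ("guard", "client"): [300, 250, 100],
    ("exit", "dest"):    [400, 150, 600],
    ("dest", "exit"):    [600, 250, 400],
}


def ases_on_segment(paths: PathTable, a: Endpoint, b: Endpoint,
                    include_return: bool) -> Set[int]:
    """ASes that carry traffic between a and b in at least one direction."""
    seen = set(paths[(a, b)])
    if include_return:
        seen |= set(paths[(b, a)])
    return seen


def observing_ases(paths: PathTable, include_return: bool = True) -> Set[int]:
    """ASes positioned to see both the client-guard and the exit-destination
    segment of one circuit under a single routing state."""
    entry = ases_on_segment(paths, "client", "guard", include_return)
    leave = ases_on_segment(paths, "exit", "dest", include_return)
    return entry & leave


def observing_ases_over_time(states: Iterable[PathTable],
                             include_return: bool = True) -> Set[int]:
    """Union over routing states: an AS that sees both ends at any moment of a
    long-lived circuit is a candidate correlator, so exposure only grows."""
    result: Set[int] = set()
    for paths in states:
        result |= observing_ases(paths, include_return)
    return result


if __name__ == "__main__":
    print("t0, forward paths only:", observing_ases(PATHS_T0, include_return=False))
    print("t0, with return paths: ", observing_ases(PATHS_T0))
    print("t0+t1, with return paths:", observing_ases_over_time([PATHS_T0, PATHS_T1]))
```

With the constructed tables, a forward-only analysis at t0 finds no AS on both segments, adding the return paths exposes AS 250, and the reroute at t1 adds AS 150; the union is what a relay-selection algorithm would need to avoid, not the snapshot.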

Q: If and why these findings are potentially more alarming than earlier findings

A: Previous work mainly focused on attacking Tor relays, while our work focuses on AS-level adversaries, which have more opportunities to gain visibility into a lot of Tor traffic and more power to manipulate Tor communication. Here are a few bullet points summarizing our contributions:
(1) Previous work only looked at correlating packet sizes/timings for one direction of the traffic. In contrast, Raptor also exploits the return traffic (i.e., acknowledgments), which increases the number of ASes that can tap into Tor traffic and de-anonymize Tor users. (You might already know this, but just FYI: let's say A is sending a file to B. A divides the file into multiple packets and sends them one at a time. Upon receiving each packet, B sends an acknowledgement back to A. Communication is therefore bidirectional. Previous work only looked at the data traffic from A to B, while we also exploit the ACK traffic from B to A, which requires a new way to do correlation analysis.)
(2) Our work quantifies the effect of routing asymmetry (see (1)) and routing dynamics. We show that they increase the chance of the threat by 50% and 100%, respectively, with respect to previous work.
(3) Our work shows the feasibility of actively manipulating the Internet routing protocol to perform attacks on the live Tor network, which no previous work had done.

Q: I've been trying to read the section about preventing such attacks, and I'd love just a quick (however cursory) rundown of what Tor devs or those using it can do

A: There are many potential ways the Tor project could use our countermeasures. One concrete example is adapting the Tor relay selection process to take Raptor attacks into account. Currently, a Tor client selects its relays without considering Internet routing. Using our measurement platform, the Tor network can learn which ASes are likely to see the communication at both ends if a given set of relays is picked, and adapt the path selection algorithm accordingly. In addition, as shown in Raptor, a more-specific BGP prefix attack on a Tor relay is quite effective, so an easy way to prevent such an attack is to pick Tor relays whose addresses are announced as /24 prefixes. (A /24 prefix is still subject to an equal-specific prefix attack, but that attack is less powerful than a more-specific prefix attack in terms of how far it can propagate through the Internet.)
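The prefix-level part of this answer can be monitored directly from BGP data. The added example below (not code from the RAPTOR paper or the Tor project) takes a small inventory of relays, each with the prefix and origin AS its operator normally announces, and scans a stream of BGP updates for two conditions: a more-specific prefix that covers a relay address, and an equal-specific announcement of the relay's prefix from a different origin AS. It also implements the /24 check from the answer as a relay-selection filter. Relay nicknames, addresses, prefixes, ASNs and updates are all constructed for illustration.

```python
"""Flag BGP announcements that could divert traffic destined to a Tor relay.
Relay inventory and BGP updates below are constructed, not real observations.
"""
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Relay:
    nickname: str
    ip: str
    legit_prefix: str   # prefix the relay's operator normally announces
    legit_origin: int   # origin AS of that legitimate announcement


@dataclass(frozen=True)
class BgpUpdate:
    prefix: str
    origin_as: int


# Constructed relay inventory (hypothetical names, documentation addresses, private ASNs).
RELAYS: List[Relay] = [
    Relay("relayA", "203.0.113.10", "203.0.113.0/24", 64500),
    Relay("relayB", "198.51.100.77", "198.51.100.0/22", 64501),
]

# Constructed BGP updates as a route collector might see them.
UPDATES: List[BgpUpdate] = [
    BgpUpdate("203.0.113.0/24", 64500),    # benign: legitimate origin
    BgpUpdate("203.0.113.0/24", 64999),    # equal-specific, foreign origin
    BgpUpdate("198.51.100.64/26", 64999),  # more-specific, covers relayB
    BgpUpdate("198.51.100.0/22", 64501),   # benign
    BgpUpdate("192.0.2.0/24", 64999),      # unrelated prefix
]


def classify(update: BgpUpdate, relay: Relay) -> Optional[str]:
    """Return 'more-specific' or 'equal-specific' if the update could draw the
    relay's traffic away from its legitimate origin, else None."""
    net = ipaddress.ip_network(update.prefix)
    if ipaddress.ip_address(relay.ip) not in net:
        return None
    legit = ipaddress.ip_network(relay.legit_prefix)
    if net.prefixlen > legit.prefixlen:
        # Longest-prefix match: a more-specific route wins everywhere it propagates.
        return "more-specific"
    if net.prefixlen == legit.prefixlen and update.origin_as != relay.legit_origin:
        # Same length: only routers that prefer the foreign path are affected.
        return "equal-specific"
    # Legitimate announcement, or a less-specific covering prefix that
    # cannot override the relay's own route.
    return None


def scan(updates: List[BgpUpdate], relays: List[Relay]) -> List[Tuple[str, str, str, int]]:
    """Alerts as (relay nickname, kind, announced prefix, origin AS)."""
    alerts = []
    for update in updates:
        for relay in relays:
            kind = classify(update, relay)
            if kind is not None:
                alerts.append((relay.nickname, kind, update.prefix, update.origin_as))
    return alerts


def announced_as_slash24_or_longer(relay: Relay) -> bool:
    """Selection filter from the answer above: prefer relays whose covering
    prefix is already a /24, leaving only the equal-specific case."""
    return ipaddress.ip_network(relay.legit_prefix).prefixlen >= 24


if __name__ == "__main__":
    for alert in scan(UPDATES, RELAYS):
        print("ALERT", alert)
    for relay in RELAYS:
        print(relay.nickname, "preferred" if announced_as_slash24_or_longer(relay) else "exposed to more-specific")
```

The reason the /24 rule works is that transit providers commonly drop IPv4 announcements longer than /24, so a more-specific route for a /24 relay prefix does not propagate; the equal-specific case remains, which is why the scan still reports origin mismatches for relayA. In practice the `legit_prefix`/`legit_origin` baseline would come from the relay's historical announcements rather than a hand-written table.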

Q: Anything further that the Tor users should know?

A: One thing to note is that Raptor attacks apply to all low-latency anonymity systems, not just the Tor network; other affected systems include the I2P network. So Tor is still currently one of the best ways to provide anonymity to users, even though it certainly has things that need to be improved.