RAPTOR: Routing Attacks on Privacy in Tor



The Tor network is a widely used system for anonymous communication. However, Tor is known to be vulnerable to various attackers. Our Raptor attacks focus on Autonomous System (AS) level adversaries, i.e. the 50,000 networks which compose the Internet today. An AS, such as an Internet Service Provider (ISP), can easily eavesdrop on any Tor traffic that traverses it. First, Raptor exploits the fact that traffic in the Internet is asymmetric, meaning that a path from A to B in the Internet is often different from the path from B to A. Asymmetric traffic increases the number of AS that are crossed by Tor traffic, increasing the attack surface. Second, Raptor exploits the fact that Internet routing changes over time, e.g. due to devices failures. As the routing protocol converges around the failure, different AS receive the corresponding traffic, increasing again the attack surface. Finally, Raptor leverages the fact that each AS can actively manipulate the Internet routing protocol to attract parts of Tor traffic.

Some of our key contributions are:

Learn more:

Paper FAQ Raptor in News Counter-RAPTOR

The Team:

This study was performed by researchers at Princeton University and ETH Zurich.

The authors would like to thank NSF for funding support in this project.