Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Deanonymizing Onion Services byIntroducing Packet Delay
Blekinge Institute of Technology.
2022 (English)Independent thesis Advanced level (professional degree), 20 credits / 30 HE creditsStudent thesis
Abstract [en]

Background. Onion services facilitate two-way communication over the Tor net-work without letting either party know the other address or location. Many different techniques to break that anonymizing have come forth, but most of them have only been on paper. Some have been tested but then only on a separate network and not on the live Tor network.

Objectives. This thesis presents a technique that, with a minimal intrusion to the Tor network and no manipulation of the Introduction relay or the Rendezvous relay,can break the anonymizing of an Onion service.

Methods. The technique has been tested on the live Tor network with the approval of an ethics board. The Onion service anonymity was broken by having the Guard relay the Onion service used to connect to the Tor network introducea watermark containing the IP4 address of the Onion service in the TCP packet’s Request-Response Time (RRT). The TCP packets were used to transmit the water-mark where an HTTP echo request was sent from a Tor client where the RRT was captured, and the watermark was decoded. In order to decode the watermark, the normal RRT of packets on the Tor network was needed, so to get the data, HTTP echo requests were also sent without the watermark.

Results. The watermark was decoded by the Tor client 88.80% of the time out of 607 tries.

Conclusions. While this technique was proven to work, what holds it back is the need for the Onion service to choose the Guard relay that introduces the watermark.The chance of a specific Guard relay is chosen depends on that relays history on the Tor network. However, it’s usually about 0.005%, meaning it would need around,20000 tries to break the anonymity of a random Onion service if only one Guard relay is used.

Place, publisher, year, edition, pages
2022. , p. 36
National Category
Computer Sciences Other Computer and Information Science
Identifiers
URN: urn:nbn:se:bth-23059OAI: oai:DiVA.org:bth-23059DiVA, id: diva2:1664834
External cooperation
Axel Gehlin Björnberg
Subject / course
Degree Project in Master of Science in Engineering 30,0 hp
Educational program
DVACD Master of Science in Computer Security
Presentation
2022-05-24, Sal 1270, Valhallavägen 1, Karlskrona, 08:00 (English)
Supervisors
Examiners
Available from: 2022-08-23 Created: 2022-06-05 Last updated: 2022-08-23Bibliographically approved

Open Access in DiVA

fulltext(819 kB)352 downloads
File information
File name FULLTEXT02.pdfFile size 819 kBChecksum SHA-512
e5ce4cc783c896014902a1eff326059cbe5da20e1ccb05f69eb292b6b0eb3699b5f0488213c14bfedbc5c928aa35084a48b83948aed7a64995ccf229ebe57c5b
Type fulltextMimetype application/pdf

Search in DiVA

By author/editor
Ödén, Johannes
By organisation
Blekinge Institute of Technology
Computer SciencesOther Computer and Information Science

Search outside of DiVA

GoogleGoogle Scholar
Total: 352 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 528 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf