Cryptology ePrint Archive: Report 2013/664

TUC: Time-sensitive and Modular Analysis of Anonymous Communication

Michael Backes and Praveen Manoharan and Esfandiar Mohammadi

Abstract: The anonymous communication (AC) protocol Tor constitutes the most widely deployed technology for providing anonymity for user communication over the Internet. Tor has been subject to several analyses which have shown strong anonymity guarantees for Tor. However, all previous analyses ignore time-sensitive leakage: timing patterns in web traffic allow for attacks such as website fingerprinting and traffic correlation, which completely break the anonymity provided by Tor. For conducting a thorough and comprehensive analysis of Tor that in particular includes all of these time-sensitive attacks, one of the main obstacles is the lack of a rigorous framework that allows for a time-sensitive analysis of complex AC protocols.

In this work, we present TUC (for Time-sensitive Universal Composability): the first universal composability framework that includes a comprehensive notion of time, which is suitable for and tailored to the demands of analyzing AC protocols. As a case study, we extend previous work and show that the onion routing (OR) protocol, which underlies Tor, can be securely abstracted in TUC, i.e., all time-sensitive attacks are reflected in the abstraction. We finally leverage our framework and this abstraction of the OR protocol to formulate a countermeasure against website fingerprinting attacks and to prove this countermeasure secure.

Category / Keywords: foundations / cryptographic protocols, security analysis of protocols, concurrent composition, anonymous communication

Date: received 17 Oct 2013, last revised 18 Oct 2013

Contact author: manoharan at cs uni-saarland de

Available format(s): PDF | BibTeX Citation

Note: We added acknowledgements.

Version: 20131024:075928 (All versions of this report)

Short URL:

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]