traffic analysis | Tor Blog

New low cost traffic analysis attacks and mitigations

Recently, Tobias Pulls and Rasmus Dahlberg published a paper entitled Website Fingerprinting with Website Oracles.

18 comments

A Critique of Website Traffic Fingerprinting Attacks

Website traffic fingerprinting is an attack where the adversary attempts to recognize the encrypted traffic patterns of specific web pages without using any other information.

16 comments

Experimental Defense for Website Traffic Fingerprinting mikeperry September 04, 2011

Updated 09/05/2011: Add link to actual

23 comments

Upcoming Events

There are currently no upcoming events scheduled.

See All Upcoming Events

Recent Updates

New Alpha Release: Tor 0.4.7.1-alpha

There's a new alpha release available for download. If you build Tor from source, you can download the source code for 0.4.7.1-alpha from the download page on the website. Packages should be available over the coming weeks, with a new alpha Tor Browser release likely some time next week.

Remember, this is an alpha release: you should only run this if you'd like to find and report more bugs than usual.

This version is the first alpha release of the 0.4.7.x series. One major feature is Vanguards Lite, from proposal 333, to help mitigate guard discovery attacks against onion services. It also includes numerous bugfixes.

Changes in version 0.4.7.1-alpha - 2021-09-17

Major features (Proposal 332, onion services, guard selection algorithm):
- Clients and onion services now choose four long-lived "layer 2" guard relays for use as the middle hop in all onion circuits. These relays are kept in place for a randomized duration averaging 1 week. This mitigates guard discovery attacks against clients and short-lived onion services such as OnionShare. Long-lived onion services that need high security should still use the Vanguards addon (https://github.com/mikeperry-tor/vanguards). Closes ticket 40363; implements proposal 333.
Minor features (bridge testing support):
- Let external bridge reachability testing tools discard cached bridge descriptors when setting new bridges, so they can be sure to get a clean reachability test. Implements ticket 40209.

New low cost traffic analysis attacks and mitigations

A Critique of Website Traffic Fingerprinting Attacks

New Alpha Release: Tor 0.4.7.1-alpha

Changes in version 0.4.7.1-alpha - 2021-09-17

New Release: Tor Browser 10.5.6 (Windows, macOS, Linux)

New Release: Tails 4.22

New Release: Tor Browser 11.0a6 (Android Only)