May 16, 2005 | By Annalee Newitz

Academics Analyze TOR Security in Paper at IEEE Symposium

Two computer scientists from Cambridge University, Steven Murdoch and George Danezis, presented a paper on the anonymous communication system Tor earlier this week at the IEEE Symposium on Security and Privacy. Entitled "Low-Cost Traffic Analysis of Tor," the paper describes one possible attack on Tor's security that allows an attacker to learn the nodes in a user's circuit, but not the identity of the user. The attacker must also control the server that users are trying to reach. But no aspect of the attack compromises user anonymity -- Tor users' identities are still secure.

"The paper is useful because it points out problems in some future design directions we were considering," said Tor developer Roger Dingledine. "I'm happy that we're getting serious academic research on Tor, and I'm happy that they didn't discover any attacks that could uncover users' identities. The next research question here is to try to show that their attack becomes weaker as the Tor network grows."

Tor is an open source, anonymous communication tool for the Internet, developed primarily by Dingledine and Nick Mathewson, and is currently supported by EFF.

"The reason Murdoch and Danezis picked Tor for their paper is that Tor is publicly documented, easily accessible, and is the free-route system to research," said Mathewson. "Not only is Tor advancing the state of anonymity research, but it's also getting better each time we learn about a new vulnerability."


Deeplinks Topics

Stay in Touch

NSA Spying

EFF is leading the fight against the NSA's illegal mass surveillance program. Learn more about what the program is, how it works, and what you can do.

Follow EFF

FBI Director Comey will testify tomorrow before Congress about "going dark." We've preemptively busted all his myths. eff.org/r.9vdh

Jul 7 @ 4:55pm

We're hiring an activist. Here's why you should apply to this dream job: https://eff.org/r.shdh

Jul 7 @ 4:49pm

WIPO continues to edge closer to a disastrous treaty that would hand new copyright-like rights to broadcasters: https://eff.org/r.ul9a

Jul 7 @ 4:05pm
JavaScript license information