Below we summarize a variety of attacks and how well our design withstands
them.
-\begin{enumerate}
-\item \textbf{Passive attacks}
-\begin{itemize}
+\subsubsection*{Passive attacks}
+\begin{tightlist}
\item \emph{Observing user behavior.}
\item \emph{End-to-end Timing correlation.}
\item \emph{End-to-end Size correlation.}
anonymization of data stream.
-\end{itemize}
+\end{tightlist}
-\item \textbf{Active attacks}
-\begin{itemize}
+\subsubsection*{Active attacks}
+\begin{tightlist}
\item \emph{Key compromise.} Talk about all three keys. 3 bullets
\item \emph{Iterated subpoena.} Legal roving adversary. Works bad against
this because of ephemeral keys. Criticize pets paper in section 2 for
the exit node can change the content you're getting to try to
trick you. similarly, when it rejects you due to exit policy,
it could give you a bad IP that sends you somewhere else.
-\end{itemize}
\item \emph{replaying traffic} Can't in Tor. NonSSL anonymizer.
\item Do bad things with the Tor network, so we are hated and
we rely on DNS being globally consistent. if people in africa resolve
IPs differently, then asking to extend a circuit to a certain IP can
give away your origin.
+\end{tightlist}
-\item \textbf{Directory attacks}
-\begin{itemize}
+\subsubsection*{Directory attacks}
+\begin{tightlist}
\item knock out a dirserver
\item knock out half the dirservers
\item trick user into using different software (with different dirserver
keys)
\item OR connects to the dirservers but nowhere else
\item foo
-\end{itemize}
+\end{tightlist}
-\item \textbf{Attacks against rendezvous points}
-\begin{itemize}
+\subsubsection*{Attacks against rendezvous points}
+\begin{tightlist}
\item foo
-\end{itemize}
+\end{tightlist}
-\end{enumerate}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
projects / thirdparty / tor.git / commitdiff
