Padding Machines for Tor
Protect metadata in the Tor onion routing network
Tor is the worlds largest anonymity network with about eight million daily users around the world who use Tor to browse the web anonymously, access onion services, and circumvent censorship. The project Padding Machines for Tor will design and implement padding machines---as part of a new framework in Tor for generating fake padding traffic---to defend against website fingerprinting attacks. A website fingerprinting attack is a type of traffic analysis attack where an attacker attempts to determine websites visited by a target Tor user by analysing encrypted traffic. The results of the project will be both open source and open access, with the goal of contributing to effective and efficient defenses deployed by default in Tor against website fingerprinting attacks.
Why does this actually matter to end users?
On the internet, every computer by design gets a unique number - a so called internet protocol address (or for short IP address). This address is used to send information from your computer to the other computer you want to communicate with, and of course back. Unlike a traditional radio, you often need to send messages to receive messages on the internet. Computers are a great engineering achievement but they are certainly not magic, and thus they need to be able to somehow find each other. The IP address makes this possible. Unfortunately, the fact that every computer has a unique number opens up the possibility of abuse by dishonest actors. Because even though it is none of their business, breaking privacy is a profitable business. If they link what you do on the left side of the internet to what you do on the right side of the internet, they can create a profile and sell this to the highest bidder - with any bad luck to people that want to use it for nefarious purposes.
While work is under way to replace the design of the internet within the Next Generation Internet initiative, there are multiple ways to avoid your IP address being tracked on the current internet. A popular method to attempt to anonymise ones internet presence is to use the Tor network. Tor is a network of millions of computers and users that send messages among each other to confuse someone watching internet traffic. Of course, this is an arms race between those that want to be anonymous when they visit some webpages and those that want to achieve the opposite goal.
Researchers found out that while the actual content can be well obscured with lots of intricate math operations, no activity is still observably different from some activity. That means sometimes the patterns of usage would still put users at risk. This is the background of this project. It will attempt to create fake network activity that is realistic and plausible, in such a way that an attacker will not be able to infer much anymore about Tor users. Tor is used a lot by ordinary people but also by journalists, whisteblowers, dissidents, diplomats and others for who the loss of their anonymity while using the internet can have very dramatic consequences. The project therefore contributes to both privacy and security of internet users.
Run by Karlstad University
This project was funded through the NGI0 PET Fund, a fund established by NLnet with financial support from the European Commission's Next Generation Internet programme, under the aegis of DG Communications Networks, Content and Technology under grant agreement No 825310.
