Dissecting Tor Bridges: a Security Evaluation of their Private and Public Infrastructures
Carmela Troncoso, IMDEA Software Institute, Madrid, Spain
12-1pm 31st Mar 2017
Abstract
Bridges are onion routers in the Tor Network whose IP addresses are not public. So far, no global security analysis of Tor bridges has been performed. Leveraging public data sources, and two known Tor issues, we perform the first systematic study on the security of the Tor bridges infrastructure. Our study covers both the public infrastructure available to all Tor users, and the previously unreported private infrastructure, comprising private nodes for the exclusive use of those who know their existence.
Our analysis of the public infrastructure is twofold. First, we examine the security implications of the public data in the CollecTor service, identifying several pieces of data that may be detrimental for the security of bridges. Then, we measure security relevant properties of public bridges. Our results show that the 55% of public bridges that carry clients are vulnerable to aggressive blocking; that 90% of bridge clients use default bridges that are trivial to identify; that the concurrent deployment of Pluggable Transports in bridges reduces the security of the most secure transports; and that running non-Tor services in the same host as a bridge may harm its anonymity.
To study the private infrastructure, we use an approach to discover 694 private bridges on the Internet and a novel technique to track bridges across IP changes. We are first to measure the size of the private bridge population (35% discovered bridges are private) and to report existence of infrastructures that use private proxies to forward traffic to backend bridges or relays. We use a novel clustering approach to analyze the different infrastructures using proxies and bridges, examining its hosting and security properties. We provide an extensive discussion on the security implications of our findings.
https://software.imdea.org/~carmela.troncoso/papers/Matic_NDSS17.pdf
Short Bio
Carmela Troncoso received the Master’s degree in Telecommunication Engineering from the University of Vigo, Spain in 2006; and a Ph.D. in Engineering from the KU Leuven, Belgium, in 2011. Her thesis “Design and Analysis methods for Privacy Technologies” funded by the Fundación Barrié de la Maza and the Flemish Foundation for Science, received the European Research Consortium for Informatics and Mathematics Security and Trust Management Best Ph.D. Thesis Award. During her doctoral studies she was an intern at Microsoft Research Cambridge for three months.
She joins the IMDEA Software Institute in October 2015. Previously, she spent one year being post-doctoral researcher at the COSIC Group (KULeuven, Belgium) and two years as post-doc in Gradiant, the Galician Research and Development Center in Advanced Telecommunications. In December 2014 she became the Security and Privacy Technical Lead at Gradiant, leading a group of 5 people that works closely with industry to deliver secure and privacy friendly solutions to the market. In this time she files a patent with PSA Peugeot Citroën about secure communications Vehicle-Cloud.
Her research focuses on security and privacy, with main contributions to the field of anonymous communications and location privacy. She has published in all top venues on the field, as well as on top journals.
She is currently the Caspar Bowden PET Award Chair, and she will will serve as the Co-Editor-in-Chief (and Program Chair) of PoPETS in 2018-2019.
https://software.imdea.org/~carmela.troncoso/