Anonymity in Tor-like systems under Timing Analysis: An Information Theoretic Perspective

“Tor does not provide protection against end-to-end timing attacks: If your attacker can watch the traffic coming out of your computer, and also the traffic arriving at your chosen destination, he can use statistical analysis to discover that they are part of the same circuit” http://www.torproject.org. Indeed, as first demonstrated in [1] and bolstered by many follow up studies since, timing attacks have continued to be a significant threat to anonymity in a Tor-like system. While timing attacks are only a subset of possible attacks on an anonymous system, resilience to timing attacks can be studied from an independent perspective. Protection of anonymity from timing analysis requires characterizing the information retrievable from timing, and consequently designing packet scheduling protocols for mixes that minimize this information. This paper provides an information theoretic perspective on the study and prevention of timing analysis, and briefly discusses the implications on the design of anonymous systems.