Skip to Main content Skip to Navigation
New interface
Conference papers

Security and Performance Implications of BGP Rerouting-Resistant Guard Selection Algorithms for Tor

Abstract : Tor is the most popular anonymization system with millions of daily users and, thus, an attractive target for attacks, e.g., by malicious autonomous systems (ASs) performing active routing attacks to become man in the middle and deanonymize users. It was shown that the number of such malicious ASs is significantly larger than previously expected due to the lack of security guarantees in the Border Gateway Protocol (BGP). In response, recent works suggest alternative Tor path selection methods prefering Tor nodes with higher resilience to active BGP attacks.In this work, we analyze the implications of such proposals. We show that Counter-RAPTOR and DPSelect are not as secure as thought before: for particular users they allow for leakage of user’s location. DPSelect is not as resilient as widely accepted as we show that it achieves only one third of its originally claimed resilience and, hence, does not protect users from routing attacks. We reveal the performance implications of both methods and identify scenarios where their usage leads to significant performance bottlenecks. Finally, we propose a new metric to quantify the user’s location leakage by path selection. Using this metric and performing large-scale analysis, we show to which extent a malicious middle can fingerprint the user’s location and what kind of confidence it can achieve. Our findings shed light on the implications of path selection methods on the users’ anonymity and the need for further research.
Document type :
Conference papers
Complete list of metadata
Contributor : Hal Ifip Connect in order to contact the contributor
Submitted on : Monday, November 22, 2021 - 3:39:55 PM
Last modification on : Monday, November 22, 2021 - 4:37:34 PM
Long-term archiving on: : Wednesday, February 23, 2022 - 8:01:06 PM


 Restricted access
To satisfy the distribution rights of the publisher, the document is embargoed until : 2023-01-01

Please log in to resquest access to the document


Distributed under a Creative Commons Attribution 4.0 International License




Asya Mitseva, Marharyta Aleksandrova, Thomas Engel, Andriy Panchenko. Security and Performance Implications of BGP Rerouting-Resistant Guard Selection Algorithms for Tor. 35th IFIP International Conference on ICT Systems Security and Privacy Protection (SEC), Sep 2020, Maribor, Slovenia. pp.219-233, ⟨10.1007/978-3-030-58201-2_15⟩. ⟨hal-03440868⟩



Record views