Publication Details

Wiangsripanawan, R., Susilo, W. & Safavi-Naini, R. (2007). Design principles for low latency anonymous network systems secure against timing attacks. L. Brankovic, P. Coddington, J. Roddick, C. Steketee, J. Warren & A. Wendelborn In Australasian Information Security Workshop 2007 (Privacy Enhancing Technologies), 30 Jan - 2 Feb, Ballarat, Australia. Conferences in Research and Practice in Information Technology, 68 183-191.


Low latency anonymous network systems, such as Tor, were considered secure against timing attacks when the threat model does not include a global ad- versary. In this threat model the adversary can only see part of the links in the system. In a recent paper entitled Low-cost traffic analysis of Tor, it was shown that a variant of timing attack that does not require a global adversary can be applied to Tor. More impor- tantly, authors claimed that their attack would work on any low latency anonymous network systems. The implication of the attack is that all low latency anony- mous networks will be vulnerable to this attack even if there is no global adversary.

In this paper, we investigate this claim against other low latency anonymous networks, including Tarzan and Morphmix. Our results show that in con- trast to the claim of the aforementioned paper, the at- tack may not be applicable in all cases. Based on our analysis, we draw design principles for secure low la- tency anonymous network system (also secure against the above attack).