Impact of replacing TCP by QUIC in Tor on website fingerprinting resistance
More Info
expand_more
Abstract
Privacy is a human right, yet, people’s behavior on the web is constantly tracked. Tor, an anonymity network, is an effective defence against tracking. However, Tor’s multiplexing of logically independent data streams into a single TCP connection causes issues. Tor with QUIC has been implemented as an alternative with better performance but it has not been studied whether and by how much QUIC increases the vulnerability to timing-based attacks.
The most threatening attacks are website fingerprinting attacks, which can track a Tor user by only controlling the guard node, first of the relays that forward traffic in Tor. In this work, Tor with QUIC is evaluated against website fingerprinting attacks with various levels of defences active. Without defences, Tor is vulnerable to website fingerprinting for both TCP and QUIC but the attacks are more effective on QUIC. On the positive side, defences against website fingerprinting remain effective for QUIC in that they decrease the effectiveness of the attack by a
similar fraction as for TCP.