Adversaries monitoring Tor traffic crossing their jurisdictional border and reconstructing Tor circuits
This addresses security vulnerabilities in Tor for users and network operators, but it is incremental as it builds on existing threat models with new analysis.
The paper tackles the problem of passive adversaries monitoring Tor traffic at jurisdictional borders to track and reconstruct user-server relationships, showing that a single adversary can connect incoming and outgoing traffic and cooperating adversaries can reveal parts of the Tor network.
We model and analyze passive adversaries that monitors Tor traffic crossing the border of a jurisdiction an adversary is controlling. We show that a single adversary is able to connect incoming and outgoing traffic of their border, tracking the traffic, and cooperating adversaries are able to reconstruct parts of the Tor network, revealing user-server relationships. In our analysis we created two algorithms to estimate the capabilities of the adversaries. The first generates Tor-like traffic and the second analyzes and reconstructs the simulated data.