"Super Nodes" in Tor: Existence and Security Implication

Tor (the second generation onion routing) is arguably the most popular low-latency anonymous communication system now. In this paper, we reexamine the anonymity of Tor based on our observation of “super nodes”. These nodes are more available and reliable than other nodes and provide high bandwidth for assisting the system in both performance and stability. We first confirm their existence by analyzing the life cycles of node IP addresses and node bandwidth contributions via two correlation approaches, on a set of self-collected data and a set of real data from the Tor official collection. We then analyze the effect of super nodes on the anonymity of Tor, discuss attacks that exploit such knowledge, and verify our analysis with real data to show potential damages. Furthermore, we investigate new attacks that exploit the knowledge of super nodes. Our simulation results show that these attacks can greatly damage the anonymity of Tor.

Author(s):

Chenglong Li    
Tsinghua National Lab for Information Science and Technology (TNList), Beijing
China

Yibo Xue    
Research Institute of Information Technology (RIIT), Tsinghua University, Beijing
China

Yingfei Dong    
Department of Electrical Engineering, University of Hawaii, Honolulu
United States

Dongsheng Wang    
Research Institute of Information Technology (RIIT), Tsinghua University, Beijing
China