Selective Cross Correlation in Passive Timing Analysis Attacks against Low-Latency Mixes

A mix is a communication proxy that hides the relationship between incoming and outgoing messages. Routing traffic through a path of mixes is a powerful tool for providing privacy. When mixes are used for interactive communication, such as VoIP and web browsing, attackers can undermine user privacy by observing timing information along the path. Mixes can prevent these attacks by inserting dummy packets (cover traffic) to obfuscate timing information in each stream. A recently proposed defense called adaptive padding makes cover traffic more effective by ensuring that statistically unusual gaps between packets are partially filled in with dummy packets. In this work, we propose Selective Cross Correlation (SCC), an attack that an eavesdropper could employ to de-anonymize users despite the use of adaptive padding. The main insight of our approach is that, with the defense, the timings at one end of the stream are effectively a subset of the timings at the other end of the stream. By considering the network conditions, an appropriate correlation window can be found and used to effectively remove the cover traffic, thereby enabling us to correlate both ends of the stream. We have conducted real network experiments and have found that SCC greatly improves attacker effectiveness over prior techniques against the defense. With SCC, the attacker is nearly as successful as when no defense is applied. This attack demonstrates the need for more robust defenses against statistical timing attacks.