Import PhD thesis

1 files changed, 69 insertions, 0 deletions

diff --git a/summary/src/tlwo/main.tex b/summary/src/tlwo/main.tex
new file mode 100644
index 0000000..09110c4
--- /dev/null
+++ b/summary/src/tlwo/main.tex
@@ -0,0 +1,69 @@
+\begin{kaupaper}[
+    author={%
+      \textbf{Rasmus Dahlberg} and
+      Tobias Pulls
+    },
+    title={%
+      Timeless Timing Attacks and Preload Defenses in Tor's DNS Cache
+    },
+    reference={%
+      USENIX Security (2023)
+    },
+    summary={%
+      Tor relays cache resolved domains with constant time-to-live values not to
+      reveal information about past exit traffic while boosting performance.  We
+      show that this caching strategy and its implementation in the live Tor
+      network can be exploited by a \emph{timeless timing attack} that leaks if a
+      domain is (not) cached.  Further, the time that a domain was inserted into
+      the cache can be inferred by repeated probes.  Our attack prototype's
+      experimental evaluation in real conditions shows that there are neither
+      false positives nor false negatives (10M~repetitions).  Thus, it is useful
+      for instantiating a real-world website oracle without requiring any special attacker
+      capabilities or reach (just a modest computer that can create a Tor
+      circuit).  One of our mitigations has been merged in Tor: probabilistic
+      time-to-live values that make the time-of-insertion fuzzy.  Long-term,
+      Tor's DNS cache could be redesigned to \emph{preload} the same domains at all
+      exits.  Such preloading would eliminate all (timeless) timing attacks in
+      Tor's DNS cache because the same domains would always be (un)cached across
+      different circuits.  To retain performance within the same circuit, we
+      propose that the preloaded domains should be complemented by a dynamic
+      same-circuit cache that is not shared across circuits.  Our
+      four-month-long DNS cache measurement at two 100~Mbit/s exit relays
+      informs on today's baseline performance.  It is compared to a preloaded
+      DNS cache based on different variations of three popularity lists: Alexa,
+      Tranco, and Umbrella.  A preloaded DNS cache can be as performant as today
+      with similar resource usage or significantly improve cache-hit ratios by
+      2-3x. However, the increased cache-hit ratios have the cost of modest
+      increases in memory and resolver load.
+    },
+    participation={\vspace{-.25cm}
+      Tobias and I collaborated closely from start to finish with the following
+      exceptions.  I did most implementation work.  Volunteers from DFRI---a
+      Swedish non-profit and non-partisan organization that promotes digital
+      rights---operated our exit relays.  Tobias did most DNS cache data
+      analysis.  Tobias also had the initial idea, which was refined with
+      feedback~from~Roger~Dingledine.
+    },
+    label={
+      paper:tlwo
+    },
+]
+  \maketitle
+  \begin{abstract}
+    \input{src/tlwo/src/abstract}
+  \end{abstract}
+
+  \input{src/tlwo/src/introduction}
+  \input{src/tlwo/src/background}
+  \input{src/tlwo/src/tor-cache}
+  \input{src/tlwo/src/attack}
+  \input{src/tlwo/src/short}
+  \input{src/tlwo/src/long}
+  \input{src/tlwo/src/related}
+  \input{src/tlwo/src/conclusion}
+  \input{src/tlwo/src/acknowledgements}
+  \input{src/tlwo/src/availability}
+  
+  \bibliographystyle{plain}
+  \bibliography{src/tlwo/src/ref}
+\end{kaupaper}