\begin{kaupaper}[
    author={%
      \textbf{Rasmus Dahlberg} and Tobias Pulls
    },
    title={%
      Timeless Timing Attacks and Preload Defenses in Tor's DNS Cache
    },
    reference={%
      USENIX Security (2023)
    },
    summary={%
      Tor relays cache resolved domains with constant time-to-live values not to
      reveal information about past exit traffic while boosting performance. We
      show that this caching strategy and its implementation in the live Tor
      network can be exploited by a \emph{timeless timing attack} that leaks if
      a domain is (not) cached. Further, the time that a domain was inserted
      into the cache can be inferred by repeated probes. Our attack prototype's
      experimental evaluation in real conditions shows that there are neither
      false positives nor false negatives (10M~repetitions). Thus, it is useful
      for instantiating a real-world website oracle without requiring any
      special attacker capabilities or reach (just a modest computer that can
      create a Tor circuit). One of our mitigations has been merged in Tor:
      probabilistic time-to-live values that make the time-of-insertion fuzzy.
      Long-term, Tor's DNS cache could be redesigned to \emph{preload} the same
      domains at all exits. Such preloading would eliminate all (timeless)
      timing attacks in Tor's DNS cache because the same domains would always be
      (un)cached across different circuits. To retain performance within the
      same circuit, we propose that the preloaded domains should be complemented
      by a dynamic same-circuit cache that is not shared across circuits. Our
      four-month-long DNS cache measurement at two 100~Mbit/s exit relays
      informs on today's baseline performance. It is compared to a preloaded DNS
      cache based on different variations of three popularity lists: Alexa,
      Tranco, and Umbrella. A preloaded DNS cache can be as performant as today
      with similar resource usage or significantly improve cache-hit ratios by
      2-3x. However, the increased cache-hit ratios have the cost of modest
      increases in memory and resolver load.
    },
    participation={\vspace{-.25cm}
      Tobias and I collaborated closely from start to finish with the following
      exceptions. I did most implementation work. Volunteers from DFRI---a
      Swedish non-profit and non-partisan organization that promotes digital
      rights---operated our exit relays. Tobias did most DNS cache data
      analysis. Tobias also had the initial idea, which was refined with
      feedback~from~Roger~Dingledine.
    },
    label={
      paper:tlwo
    },
  ]
  \maketitle
  \begin{abstract}
    \input{src/tlwo/src/abstract}
  \end{abstract}

  \input{src/tlwo/src/introduction}
  \input{src/tlwo/src/background}
  \input{src/tlwo/src/tor-cache}
  \input{src/tlwo/src/attack}
  \input{src/tlwo/src/short}
  \input{src/tlwo/src/long}
  \input{src/tlwo/src/related}
  \input{src/tlwo/src/conclusion}
  \input{src/tlwo/src/acknowledgements}
  \input{src/tlwo/src/availability}

  \bibliographystyle{plain}
  \bibliography{src/tlwo/src/ref}
\end{kaupaper}