In The Onion Router (TOR) system, anonymity is provided by router services run by TOR users who volunteer their computational resources. Scalability concerns stem from the TOR design because volunteers lack an incentive to participate. A payment scheme has been previously introduced which aims at providing economic incentives for volunteers in hopes of increasing both reliability of and participation in TOR. We show that this payment scheme breaks sender-receiver anonymity through a traffic analysis intersection attack and is also vulnerable to traffic injection attacks, enabling TOR exit nodes to unnoticably cause an increase in traffic, and therefore payments, from the client. We simulate our intersection attack on the payment scheme and discuss directions for an improved design.
@misc{par-csci5471,
title = {On {PAR} for Attack},
author = {Arnold, Chris and Jansen, Rob and Lin, Zi and Parker, James},
year = {2009},
howpublished = {Unpublished report},
note = {Informal},
}