by danielabrozzoni
This blog post comes from the research of naiyoma and me.
It is currently possible to identify nodes running on multiple networks by analyzing their ADDR responses. Below, we’ll share highlights from our attack attempts - while deliberately avoiding too much detail about the methodology - and discuss some possible solutions.
This fingerprint attack can hurt network privacy and enable more critical scenarios; for example, it could expose network bridges, which could then be targeted in partitioning attacks, or be used to gather sensitive metadata.
This attack is not outstanding; for instance, #28760 outlines a different approach with the same objective, and a separate research paper demonstrates how ADDR timestamps can be exploited to infer network topology. However, we believe that addressing the attack would make a reasonable incremental step towards network security.
This is kind of a cool attack, and I'm glad they are thinking about how to mitigate it. I don't think very many people are running their node on both clearnet and Tor, but the people who are are the bridges that keep the two networks from partitioning. Not good if they are easy to attack.