Security

Forensic Investigation of the OneSwarm Anonymous Filesharing System

Free registration required

Executive Summary

OneSwarm is a system for anonymous p2p file sharing in use by thousands of peers. It aims to provide Onion Routing-like privacy and BitTorrent-like performance. The authors explain several flaws in OneSwarm's design and implementation through three different attacks available to forensic investigators. They prove that the current design is vulnerable to a novel timing attack that allows just two attackers attached to the same target to determine if it is the source of queried content. When attackers comprise 15% of OneSwarm peers, they expect over 90% of remaining peers will be attached to two attackers and therefore vulnerable. Thwarting the attack increases OneSwarm query response times, making them longer than the equivalent in Onion Routing.

  • Format: PDF
  • Size: 584.29 KB