The embargo of our paper "Timeless Timing Attacks and Preload Defenses in Tor's DNS Cache" has been lifted (@pulls).
https://www.usenix.org/conference/usenixsecurity23/presentation/dahlberg
We show that a remote attacker can probe the state of DNS caches at Tor exit relays without false positives; we also provide short-term mitigations (merged), and evaluate a long-term defense with privacy-preserving DNS cache measurements at exits operated by @dfri (@ln4711 @jn9999 @eliasr). Ironically, the long-term defense could boost cache-hits by 2-3x.
@eliasr: embargo here refers to the paper not being openly accessible despite being accepted for publishing, with the motivation to coordinate around mitigations and defenses in the following (at the time confidential) TROVE:
https://gitlab.torproject.org/tpo/core/tor/-/issues/40674