Tor provides anonymity to millions of users around the globe which has made it a valuable target for malicious actors. As a low-latency anonymity system, it is vulnerable to traffic correlation attacks from strong passive adversaries such as large autonomous systems (ASes). In preliminary work, we have developed a measurement approach utilizing the RIPE Atlas framework -- a network of more than 11,000 probes worldwide -- to infer the risk of deanonymization for IPv4 clients in Germany and the US. In this paper, we apply our methodology to additional scenarios providing a broader picture of the potential for deanonymization in the Tor network. In particular, we (a) repeat our earlier (2020) measurements in 2022 to observe changes over time, (b) adopt our approach for IPv6 to analyze the risk of deanonymization when using this next-generation Internet protocol, and (c) investigate the current situation in Russia, where censorship has been intensified after the beginning of Russia's full-scale invasion of Ukraine. According to our results, Tor provides user anonymity at consistent quality: While individual numbers vary in dependence of client and destination, we were able to identify ASes with the potential to conduct deanonymization attacks. For clients in Germany and the US, the overall picture, however, has not changed since 2020. In addition, the protocols (IPv4 vs. IPv6) do not significantly impact the risk of deanonymization. Russian users are able to securely evade censorship using Tor. Their general risk of deanonymization is, in fact, lower than in the other investigated countries. Beyond, the few ASes with the potential to successfully perform deanonymization are operated by Western companies, further reducing the risk for Russian users.

翻译：Tor为全球数百万用户提供匿名性，使其成为恶意行为者的有价值目标。作为一种低延迟匿名系统，它容易受到来自强大被动对手（如大型自治系统ASes）的流量关联攻击。在前期工作中，我们开发了一种利用RIPE Atlas框架（全球超过11,000个探针的网络）的测量方法，以推断德国和美国IPv4客户端去匿名化的风险。本文中，我们将该方法应用于更多场景，提供Tor网络中潜在去匿名化风险的更全面图景。具体来说，我们（a）在2022年重复了先前（2020年）的测量以观察随时间的变化，（b）将该方法适配到IPv6以分析使用这一下一代互联网协议时的去匿名化风险，以及（c）调查俄罗斯当前局势，该地自俄罗斯全面入侵乌克兰开始后审查加剧。根据我们的结果，Tor以一致的质量提供用户匿名性：尽管具体数字因客户端和目的地而不同，但我们能够识别出具有实施去匿名化攻击潜力的ASes。对于德国和美国的客户端，整体图景自2020年以来并未改变。此外，协议（IPv4与IPv6）并未显著影响去匿名化风险。俄罗斯用户能够使用Tor安全地规避审查。事实上，他们的去匿名化总体风险低于其他被调查国家。此外，少数具有成功实施去匿名化潜力的ASes由西方公司运营，进一步降低了俄罗斯用户的风险。