ONION ROUTING HAS SEVERAL WEAKNESSES. FOR ONE, IT DOES NOT PROVIDE MUCH TO DEFEND AGAINST TIMING ANALYSIS. IF AN ATTACKER OBSERVES A RELATIVELY UNDER-LOADED ONION ROUTER, HE OR SHE CAN LINK INCOMING/OUTGOING MESSAGES BY OBSERVING HOW CLOSE TOGETHER IN TIME THEY ARE RECEIVED AND RE-SENT. HOWEVER THIS CAN BE OVERCOME BY BUFFERING SEVERAL MESSAGES AND THEN TRANSMITTING THEM USING A PSEUDORANDOM TIMING ALOGRITHM. ONION ROUTING NETWORKS ARE ALSO VULNERABLE TO INTERSECTION ATTACKS AND PREDECESSOR ATTACKS. INTERSECTION ATTACKS RELY ON THE FACT THAT ONION ROUTERS PERIODICALLY FAIL OR LEAVE THE NETWORK; THUS, ANY COMMUNICATION PATH THAT REMAINS FUNCTIONING CANNOT HAVE BEEN ROUTED THROUGH THOSE ROUTERS THAT LEFT, NEITHER CAN IT INVOLVE ROUTERS THAT JOINED THE NETWORK RECENTLY. IN A PREDECESSOR ATTACK, AN ATTACKER WHO CONTROLS AN ONION ROUTER KEEPS TRACK OF A SESSION AS IT OCCURS OVER MULTIPLE PATH REFORMATIONS (PATHS ARE PERIODICALLY TORN DOWN AND REBUILT). IF AN ATTACKER OBSERVES THE SAME SESSION OVER ENOUGH REFORMATIONS, HE WILL TEND TO SEE THE FIRST ROUTER IN THE CHAIN MORE FREQUENTLY THAN ANY OTHER ROUTER.
