We introduce an attack against encrypted web
traffic passing over the first hop – between client and Tor gateway
– of the Tor network. The attack makes use only of packet timing
information on the uplink and so is impervious to packet padding
defences. In addition, we show that the attack is robust against the
randomised routing used in Tor. We demonstrate the effectiveness
of the attack at identifying the web sites being visited by a Tor
user, achieving mean success rates of 68%. As well as being of
interest in its own right, this timing-only attack serves to highlight
deficiencies in existing defences and so to areas where it would be
beneficial for Tor and VPN designers to focus further attention
