Patching up security holes in the Tor network

A lot has been said about Tor, a software project that lets its users browse the web anonymously and with their location protected. And not only that: many websites and services are reachable only through the Tor network. These are called hidden services (around 30,000 of them are running on any given day), and their uses range from services for citizens of countries that restrict and censor online communication, through the transmission of sensitive information, all the way to illegal projects and organizations such as The Silk Road, a black market website that used to mediate drug and arms trade in staggering volumes. Tor is controversial, to say the least.

In any case, Tor has been the topic of many academic discussions and deliberations, occupying a host of digital security experts and computer scientists. The paper presented here is one such instance: Enhancing Traffic Analysis Resistance for Tor Hidden Services with Multipath Routing by Lei Yang and Fengjun Li of The University of Kansas. It won the Best Paper award at SecureComm 2015, the 11th EAI International Conference on Security and Privacy in Communication Networks.

In this paper, the authors propose a multipath routing scheme for Tor hidden services to defend against traffic analysis attacks. They argue that hidden services are particularly vulnerable to this kind of attack, which correlates communication patterns observed at different points of the network to deduce information about the participants, in particular their IP addresses and locations. Traffic analysis performs a statistical comparison of traffic features such as packet timings and counts at those observation points. For a service whose whole purpose is sender-receiver unlinkability, that is quite a problem.

Tor operates via a network of relays run by volunteers. A client builds a circuit through three of them, and each relay knows only the previous and the next hop, which hides the complete path between the original sender and the final receiver; a connection to a hidden service joins two such circuits at a rendezvous point, so six relays sit between the client and the service. If you have been wondering why hidden services are particularly vulnerable to traffic analysis, the answer is that parts of their setup stay fixed for a long time. The relays that hold a hidden service's descriptor (flagged as hidden service directories) are derived from the service's identity and the current date, so the same set serves that service for a whole day, and researchers have demonstrated that an attacker can brute-force relay key generation to land on those positions for a chosen day. The hidden service also keeps the same entry guard for an extended period, so every circuit it builds passes through it. By contrast, the relays beyond the guard of an ordinary client circuit change with every circuit, so there is no position an attacker can occupy once and keep. If every connection used fresh relays, the number of relays an attacker would need to control for a reliable statistical correlation would rise immensely; as it is, controlling the relays at both ends of a hidden service's path, plus several in between, for a day is not unheard of. And the more of the path the attacker observes, the fewer hops separate the observation points, so the timing pattern is less distorted along the way and the dots are easier to connect.

Yang and Li point out two ways of addressing this security issue: 1. prevent the adversary from taking control of the relays at both ends of the path, and 2. reduce the success rate of traffic analysis once the adversary already controls them. Their paper takes the second route.

They developed a multipath routing scheme for Tor hidden services that transfers data over multiple circuits between the hidden server and a rendezvous point. The scheme exploits flow splitting and flow merging to eliminate the identifiable patterns of the original flow. The flow is split inside an anonymous tunnel connecting the last relay on the hidden server's side and a new rendezvous point selected by the hidden server. This tunnel consists of multiple circuits and is created by the hidden server upon the client's request. The different network dynamics across these routes are what throw off the traffic analysis: each circuit carries only part of the flow and adds its own delay, so the merged flow no longer carries the timing pattern that entered the tunnel.

Yang and Li evaluated the scheme experimentally in the Shadow simulator. The results show that it can effectively mitigate the risk of traffic analysis even when robust watermarking techniques (in which the attacker actively delays packets to stamp a recognisable timing pattern onto the flow) are employed.
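To make the traffic analysis described above and the effect of the tunnel concrete, here is an added example (not code from the paper, from Tor, or from the authors' Shadow experiments): a small Python simulation of an interval-count timing watermark, a simplified form of the watermarking attacks the paper mentions. The attacker delays packets so that, for each bit, one of two consecutive intervals is emptied; a detector at the other end of the path counts packets per interval and reads the bits back. The same marked flow is then sent over a single circuit and over a multipath tunnel that splits it across several circuits with different delays and merges it again. All packet times, circuit delays and jitter values are constructed for the illustration; the function names, the interval length `T` and the four-circuit configuration are assumptions of this example, not parameters taken from the paper.

```python
"""Added example: interval-count timing watermark over one circuit versus a
multipath tunnel. Constructed traffic and delays; not the paper's code."""
import random

T = 0.2                  # watermark interval length in seconds (attacker's choice, assumed)
INTERVALS_PER_BIT = 3    # each bit owns three intervals A, B, G; G absorbs shifted packets


def constructed_flow(rng, rate_pps, duration_s):
    """Constructed Poisson packet flow: sorted send times in seconds."""
    t, times = 0.0, []
    while True:
        t += rng.expovariate(rate_pps)
        if t >= duration_s:
            return times
        times.append(t)


def embed_watermark(times, bits):
    """Attacker-side watermark: for bit 1 every packet in interval A of the
    bit's slot is delayed by T (A becomes empty, B doubles); for bit 0 the
    packets of B are delayed instead (B becomes empty, G doubles)."""
    out = []
    for t in times:
        slot, pos = divmod(t, INTERVALS_PER_BIT * T)
        slot = int(slot)
        k = int(pos // T)                       # 0 = A, 1 = B, 2 = G
        if slot < len(bits) and k == (0 if bits[slot] else 1):
            t += T
        out.append(t)
    return sorted(out)


def single_circuit(times, rng, delay_s, jitter_s):
    """One circuit: a fixed propagation delay plus per-cell jitter."""
    return sorted(t + delay_s + rng.uniform(0.0, jitter_s) for t in times)


def multipath_tunnel(times, rng, circuit_delays_s, jitter_s):
    """Flow splitting and merging in miniature: each cell is sent down one of
    several circuits chosen at random, each circuit has its own delay and
    jitter, and the rendezvous point re-merges the sub-flows in arrival order."""
    return sorted(t + rng.choice(circuit_delays_s) + rng.uniform(0.0, jitter_s)
                  for t in times)


def interval_counts(times, offset_s, n_bits):
    """Detector view: packets landing in intervals A and B of every bit slot,
    assuming the slots started at `offset_s` on the detector's clock."""
    counts = [[0, 0] for _ in range(n_bits)]
    for t in times:
        slot, pos = divmod(t - offset_s, INTERVALS_PER_BIT * T)
        slot = int(slot)
        if 0 <= slot < n_bits:
            k = int(pos // T)
            if k < 2:
                counts[slot][k] += 1
    return counts


def detect_watermark(times, n_bits, max_offset_s=1.5, step_s=0.025):
    """The detector does not know the path delay, so it scans clock offsets,
    keeps the one with the strongest A/B imbalance, and decodes each bit as
    1 when B holds more packets than A."""
    best_score, best_counts = -1, None
    for i in range(int(max_offset_s / step_s) + 1):
        counts = interval_counts(times, i * step_s, n_bits)
        score = sum(abs(b - a) for a, b in counts)
        if score > best_score:
            best_score, best_counts = score, counts
    return [1 if b > a else 0 for a, b in best_counts]


def bit_error_rate(sent, received):
    """Fraction of watermark bits the detector got wrong."""
    return sum(s != r for s, r in zip(sent, received)) / len(sent)


def run_experiment(seed=7, n_bits=200, rate_pps=100):
    """Returns (BER over one circuit, BER over the multipath tunnel)."""
    rng = random.Random(seed)
    bits = [rng.randrange(2) for _ in range(n_bits)]
    flow = constructed_flow(rng, rate_pps, n_bits * INTERVALS_PER_BIT * T + 2.0)
    marked = embed_watermark(flow, bits)

    # One circuit: fixed 300 ms delay and a few ms of jitter (constructed values).
    seen_single = single_circuit(marked, rng, delay_s=0.30, jitter_s=0.01)
    ber_single = bit_error_rate(bits, detect_watermark(seen_single, n_bits))

    # Tunnel of four circuits with distinct delays and heavier jitter
    # (constructed values standing in for differing network dynamics).
    seen_multi = multipath_tunnel(marked, rng, [0.30, 0.50, 0.75, 1.00], jitter_s=0.20)
    ber_multi = bit_error_rate(bits, detect_watermark(seen_multi, n_bits))
    return ber_single, ber_multi


if __name__ == "__main__":
    single, multi = run_experiment()
    print(f"BER over one circuit: {single:.2f}, over the multipath tunnel: {multi:.2f}")
```

Run as a script to print both error rates. Over the single circuit the detector recovers the bits essentially without error; after the multipath tunnel its error rate rises sharply, toward the coin-flip level. The effect depends on the spread of delays across circuits being comparable to the watermark interval: an attacker who lengthens `T` well beyond that spread gets the watermark back, which is why the delay diversity of the circuits, not the splitting alone, is what does the work.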

If you wish to take a closer look at how this scheme works, we recommend checking out the full paper at EUDL.