How Tor Users Can be Unmasked without Decryption
Tor (The Onion Router) is in trouble, big trouble.
People known as “Spies”, interested only to get into others network and collect information have put Tor in danger of being intercepted again.
Digital attacks developed by security researchers at MIT (Massachusetts Institute of Technology) proved to be highly accurate and effective in unmasking Tor hidden services in the Deep Webb.
Table of Content
Tor network is a useful tool for citizens under dictatorial regimes, hackers and journalists. It is also used by criminals interested to hide their identity when surfing the Internet. Tor network uses a plethora of relays and nodes to make tracking difficult and mask its users.
A path called “circuit” is used to rout and encrypt the connection when any user is connected to Tor. At first the request reaches what is known as a “Guard” or the entry node, where the real IP address of the user is known. Then it travels through all the hops and the communication circuit ends through the “exit nodes”.
Anyway, monitoring Tor traffic passively, an attacker could figure out any hidden service accessed by a user and in some cases, even reveal the servers that host the sites on Tor network. So in order to protect your connection it’s better to use Tor over a VPN conjunction.
Unmasking Identities without Cracking Encryption
Qatar Computing Research Institute and Net Security team from MIT claimed recently that exploiting a new vulnerability they found in the Tor’s Guard gateway someone could determine Tor’s hidden services are accessed by a user.
According to them, it is possible to masquerade Tor’s Guard Gateways so that the attacker’s ‘setup’ node would act as the Entry node and the user’s packets will travel through it. Researchers published a proof-of-concept attack where this method was described as “Circuit Fingerprinting“.
Including series of passive attacks, this type of biometric behavior allows spies to unmask Tor users with 88 percent accuracy even without decrypting the Tor traffic.
Other than revealing the digital footprint of a Tor user, this new approach also discloses the hidden services accessed by a Tor user; just analyzing the pattern of the data packets and the traffic data.
Therefore encryption does not help users hide their identity from others as this technique is not cracking the encryption of Tor network.
Is This Vulnerability Real?
The question raised by Roger Dingledine, Tor project leader, is asking how genuine the accuracy of this Traffic fingerprinting method is. The question leaves both users and researchers puzzled.
So far Tor is still a popular option for people interested to protect their anonymity while browsing the internet. But as time goes by and new reports of successful breaches will be presented the phenomenon will be reduced. To get a better results we suggest using TOR over a VPN with ours Anonymous VPN solution.
The MIT News article stated that the Tor project representatives were suggested a fix which might be added to the next version of it.