=Paper=
{{Paper
|id=Vol-2144/paper4
|storemode=property
|title=Security Threats and Attacks on Tor
|pdfUrl=https://ceur-ws.org/Vol-2144/paper4.pdf
|volume=Vol-2144
|authors=Maria Khan,Muhammad Saddique,Muhammad Zohaib,Imran Ahmad
}}
==Security Threats and Attacks on Tor==
Maria Khan, Muhammad Saddique, Muhammad Zohaib
Umar Pirzada, Afzaal Ali, Bilal Wadud Electrical and Electronics Engineering Department
Cecos University of IT & Emerging Sciences Near East University, North Cyprus
Peshawar, Pakistan e.m.xohaib@gmail.com
Icrg.csit@gmail.com
Imran Ahmad
Faculty of Computing, Riphah International University
Lahore, Pakistan
imran.ahmad@riphah.edu.pk
===Abstract===
The Internet is in use all over the world. While using the Internet, the identities of the sender and receiver are not hidden; anonymous communication was introduced to hide them. Many anonymous communication systems have been developed, but the Onion Router (Tor) is the most deployed anonymous communication system that provides online anonymity and privacy. There are many security threats to and attacks on Tor that need to be considered. This article discusses the current attacks on Tor and attempts to categorize them for further analysis.

Copyright © by the paper's authors. Copying permitted for private and academic purposes. In: A. Editor, B. Coeditor (eds.): Proceedings of the XYZ Workshop, Location, Country, DD-MMM-YYYY, published at http://ceur-ws.org

===1 Introduction===
David Chaum first introduced anonymous communication networks as a building block for anonymity. In the sending and receiving of a message, the mix acts as a store-and-forward relay that is used to veil the link between sender and receiver [6]. Of the few mix-based designs that have been proposed and implemented for anonymous e-mail, the best are in particular Babel [7], Mixmaster [8], and the more recent Mixminion [9]. Their latency is acceptable for e-mail, but unsuitable for web browsing and other interactive applications.

Additional systems were developed on the assumption that a mix can carry low-latency traffic. ISDN mixes [10] were designed to anonymize phone conversations, and Web Mixes [12] follow the same pattern to anonymize web traffic. The Java Anon Proxy (JAP) at the University of Dresden is based on this idea; it has been implemented and is running.

Tor is a connected network for anonymizing TCP streams over the Internet [1]. It addresses limitations in the design of the previous Onion Routing [2-5] by adding perfect forward secrecy, congestion control, data integrity checking, configurable exit policies, directory servers (called index servers below), and location-hidden services using rendezvous points (called meeting points below). Tor works on the real-world Internet, requires no special privileges or kernel modifications, needs little synchronization or coordination between nodes, and offers a reasonable compromise between efficiency, usability and anonymity. Given the constant and ever-increasing attention that Tor is receiving, this paper provides a fresh view of the security threats to and attacks on Tor. These attacks are grouped into categories based on their types. Section 2 provides a literature review. The design goals and non-goals of Tor are outlined in Section 3. The threat model for Tor is presented in Section 4. Section 5 gives an overview of the Tor design, and Section 6 presents the different types of security threats/attacks against Tor. Section 7 concludes the paper.

===2 Literature Review===
Before onion routing, an implementation based on a simple model by David Chaum of the University of California, Berkeley [13], was introduced to solve
the problem of source and destination identification through traffic analysis. To hide the identity of the sender from the receiver, the Chaum mix was introduced. In this approach, all traffic between sender and receiver passes through a proxy that is able to strip the sender and/or receiver information if needed; however, since the sender is the main focus of the problem, the receiver's identity is kept as it is. In this case the proxy is the only entity that keeps track of the sender and receiver identities. On its way to the receiver, the message is encrypted and decrypted with the series of public and private keys of the Chaum mixes.

A. Onion routing: Onion routers are special proxies that forward/relay the data between sender and receiver. Each router runs as a normal user-level process without any special privileges. Onion routers are connected to each other by TLS connections. The onion routers accept TCP data streams and multiplex them across the circuits. The exit router of the circuit is linked to the destination.

B. TOR: The Second Generation Onion Routing: Tor [14, 15, 16], the onion router, is the largest and the most deployed anonymous communication system in the present era. It is used in more than 78 countries with 6755 relays to give online secrecy and privacy. In recent years, Tor has become a research hotspot in the anonymous communication systems world.

===3 Design Goals/Non-Goals of Tor===
====3.1 Design Goals====
Like other low-latency anonymity systems, Tor seeks to frustrate attackers from linking communication partners, or from linking many communications to or from a specific user. Within this purpose, however, several considerations have guided Tor's development.

Simple design: The protocol design and its security parameters must be well understood. Extra features impose implementation and complexity costs, and adding unverified methods to the design puts deployability, readability, and ease of security analysis at risk. The purpose of Tor is to deploy a simple and stable system that combines the best-known ways of protecting anonymity.

Usability: Anonymity systems hide users among users, so a system with a low number of users is weak because it provides less anonymity. Usability is therefore not only a convenience but also a security requirement [17, 18]. Tor should therefore not require existing applications to be adapted. Moreover, Tor should not introduce prohibitive delays, and it should require as few configuration decisions as possible. Finally, Tor should be easy to implement on all common platforms; users should not have to change their operating system to be anonymous (Tor currently runs on Linux, UNIX, and others).

Mobility (deployability): The design must be deployed and used in the real world. It should therefore not be costly to run, for example by asking for more bandwidth than volunteers want to give; it should not put a burden on operators, for example by allowing attackers to implicate onion routers in illegal activities; and it should not be difficult or expensive to implement, for example by requiring kernel patches or different proxies for each protocol. In addition, non-anonymous parties (such as websites) should not be required to run our software. This goal is not achieved for non-anonymous users talking to hidden servers.

Flexibility: The protocol is well specified and flexible, so Tor can serve as a platform for future research. Many open issues in low-latency anonymity networks, such as generating dummy traffic or preventing Sybil attacks [19], can be solved independently of the problems addressed by Tor. Hopefully future systems will not need to reinvent Tor's design.

====3.2 Non-goals====
In favoring a simple and deployable design, Tor explicitly defers several possible goals, either because they are solved elsewhere or because they have not been solved yet.

No protocol standardization: Tor does not provide protocol normalization the way Privoxy does. If a sender wants to remain unidentified to the other party while using complex and variable protocols such as HTTP, Tor has to be layered with a filtering proxy such as Privoxy to hide differences between clients and remove protocol features that reveal identity. Because of this separation, Tor can also provide services that are anonymous to the network yet authenticated to the server, such as SSH. Similarly, Tor does not add tunneling for protocols such as UDP; this should be provided by some other service if possible.

Not protected against end-to-end attacks: Tor doesn't completely resolve correlation attacks. Some mitigations have been proposed, such as running your own onion router.

No steganography: Tor does not hide who is connected to the network.

Not peer-to-peer: Tarzan and MorphMix aim to scale to a decentralized peer-to-peer environment with many short-lived servers, many of which may be controlled by an opponent. There are still some open issues with this approach [20, 21].

===4 Threat Model===
In analytical studies of anonymity designs, a global passive opponent is the most commonly assumed threat. Like other practical low-latency systems, however, Tor offers no protection against such a strong opponent. Instead, we consider an opponent who can monitor some part of the network traffic; who can remove, introduce, modify, or delay traffic; who can operate onion routers of his own; and who can compromise a certain portion of the onion routers. The objective of the opponent is to identify both the sender and the receiver.

Low-latency anonymity systems use layered encryption. An adversary who can observe both ends can, with a passive attack, confirm a suspicion that a client is communicating with a server, but only if the timing and volume patterns of the traffic on the connection are sufficiently distinct. Active attackers can induce timing signatures on the traffic to force distinct patterns. The adversary wants to link a client with her communication partners, and may also try to build a profile of the client's behavior.

The adversary can mount passive attacks by observing the edges of the network and correlating traffic entering and leaving it, looking at packet size and timing. An adversary can also mount active attacks by compromising routers or keys; by replaying traffic; by selectively refusing service to trustworthy routers to move users to compromised routers, or refusing service to users to observe whether traffic stops somewhere else in the network; or by introducing patterns into traffic that can be traced later. An opponent can subvert the index servers to give users conflicting views of the network status. Moreover, the adversary can try to reduce the network's reliability by compromising relays, or by carrying out damaging activities from reliable nodes in an attempt to get them taken down; making the network unreliable flushes users to other communication systems that offer less anonymity, where they are easier to compromise.

===5 Tor Design===
Tor works on the principle of onion routing [1]: the data is forwarded through a number of nodes with layers of encryption, and one layer is removed by each node in the network. In a telescoping fashion the tunnel is […] tunnel each node knows only the previous node and the upcoming node in the path. In reality, the first entry node knows the beginning of the tunnel but cannot identify the destination, and the exit node knows the destination but not the beginning. If the nodes are observed, however, traffic analysis can be used to link the two ends of the tunnel.

Tor nodes are registered with the index (directory) service, which is trusted. Each node publishes its IP address, its public key and its exit policies for the services it provides. The bandwidth value is determined by taking the highest bandwidth observed by the node over a span of time. The uptime of each node is also maintained by the directory server. The route creation algorithm, implemented by the Tor initiator, first selects all nodes with suitable policies and then chooses a random node from that list, with the selection weighted by the specified bandwidth.

Wright et al. [10, 11] first described guard nodes, which can defend against the predecessor attack. Each client selects three nodes for its path, and selects its entry node from the set of guard nodes, which are nodes with a high uptime and a bandwidth above a certain threshold value.

===6 Types of Security Threats/Attacks on Tor===
====6.1 Passive Attacks====
Tracking user traffic: Monitoring a user's connection does not reveal his/her data, but it does reveal the traffic patterns.

Monitoring user data: Data at the end is encrypted, but the connection is not. To hide application data traffic, Tor can be used with Privoxy and similar filtering services.

Option distinguishability: Tor allows clients to choose configuration options. Clients who are in the minority with their choices may give up anonymity by looking different.

End-to-end timing correlation: The protection currently available against such analysis is to hide the link between the onion proxy (OP) and the first entry node, by running the OP on a Tor relay or behind a firewall.

End-to-end size correlation: Observing the data packets is useful for analyzing the end points of traffic.

====6.2 Active Attacks====
Compromise keys: An attacker who learns a relay's identity key can replace that relay indefinitely.
Run a recipient: An opponent controlling a web server knows the timing patterns of the users who connect to it, and can introduce arbitrary patterns in its replies.

Run an onion proxy: Sometimes it may be necessary for the onion proxy to run remotely. Compromise of the onion proxy exposes all the connections that are subsequently made through it.

Denial of service: An attacker can overload random nodes to cut their links to the network.

====6.3 Index Directory Attacks====
Destroy index servers: If some index servers vanish, the remaining ones can still publish the details of the network and create a consensus index. If most of them are destroyed, the directory will not have enough signatures for the users.

Subvert an index server: By hijacking a directory server, an opponent can influence the final index to some extent.

====6.4 Attacks against meeting points====
Make many requests: An opponent can cut off Bob's service by overloading his entry points with requests.

Compromise a meeting point: A meeting point is no more sensitive than any other onion router on a circuit, since all data traffic passing through the meeting point is encrypted with a session key shared by Alice and Bob [22, 23].

Circuit clogging attack: In a circuit clogging attack, the premise is that a client creates a circuit and connects to a server using that circuit. The server, or part of the content of the server (for example an advertising frame), is malicious. The malicious content alternates between sending a lot of data and sending very little data. The three Tor relays that show an increase in network latency during monitoring are most likely the three relays used in the circuit by the client. A detection scheme for clients is also proposed. If it detects a high and unexpected increase in network latency, the user can disconnect from the server and destroy the affected circuit [24].

Sniper Attack: A denial-of-service (DoS) attack against Tor that may be used to anonymously and selectively disable arbitrary Tor relays. The attack can be used to deanonymize hidden services by selectively disabling relays, heavily influencing paths towards those in control of the adversary [25].

Entry and exit onion router selection attacks: The malicious onion proxy creates loops in circuits that target onion routers in order to create a denial-of-service attack. If the looping phase of the attack is successful, the malicious onion routers are more likely to be selected in circuits, because the other, legitimate onion routers are busy. The adversary can use this advantage to execute further attacks.

AS and global level attacks: An autonomous system (AS) is an independent network, and the Internet consists of these ASes. When a message is sent using Tor, for instance, the traffic passes through multiple autonomous systems. More importantly, if both the entry and exit onion routers are located in the same AS, a statistical correlation attack can be performed at the AS level [26], [27].

====6.5 Traffic and time analysis based attacks====
Low-Cost Traffic Analysis of Tor: presents an attack that uses traffic-analysis techniques and shows how otherwise unrelated streams can be linked back to the same initiator. The term low-cost means that the attacker is not required to be a global adversary; in fact, only a partial view of the network is assumed.

A cell counter based attack against Tor: introduces a traffic analysis based active watermarking technique that reveals the communication partners in a Tor circuit.

Browser-Based Attacks on Tor: presents a time-based attack that exploits browser behavior when tampering with HTTP traffic [28-32].

A Practical Congestion Attack on Tor Using Long Paths: is an attack that reveals the entire path of a user in a modern Tor network.

Passive-Logging Attacks against Anonymous Communications Systems: examines a predecessor attack and an intersection attack. The predecessor attack provides probability values to reveal the user's identity. In the intersection attack, the adversary keeps a list of addresses that have been active when the victim has contacted his destination.

===7 Conclusion===
This paper described the complete architecture of Tor, i.e., its circuit establishment and workings. Moreover, it described some attacks that have been conducted on Tor to confirm that two parties are communicating with each other over Tor by observing patterns such as the timing and volume of traffic, and that can disable Tor's network.

===References===
[1] Roger Dingledine, Nick Mathewson and Paul Syverson. Tor: the second-generation onion
router, in Proceedings of the 13th Conference on USENIX Security Symposium - Volume 13, 2004, pp. 21-21.
[2] David Goldschlag, Michael Reed and Paul Syverson. Hiding routing information, Information Hiding, first international workshop, Springer Verlag LNCS 1174, on May 1996, pp. 137-150.
[3] Michael Reed, Paul Syverson and David Goldschlag. Anonymous connections and onion Routing. IEEE Journal on Selected Areas in Communications, 16(4), on May 1998, pp. 482-494.
[4] Paul Syverson, Michael Reed and David Goldschlag. Onion Routing access configurations. In DARPA Information Survivability Conference and Exposition (DISCEX 2000), volume 1, pp. 34-40.
[5] Paul Syverson, Gene Tsudik, Michael Reed and Carl Landwehr. Towards an Analysis of Onion Routing Security. Workshop on Design Issues in Anonymity and Unobservability, Springer-Verlag, LNCS 2009, on July 2000, pp. 96-114.
[6] David Chaum. Untraceable electronic mail, return addresses, and digital pseudonyms. Communications of the ACM 24(2), on February 1981, pp. 84-88.
[7] George Danezis, Roger Dingledine and Nick Mathewson. Mixminion: Design of a type III anonymous remailer protocol. In IEEE Symposium on Security and Privacy, Berkeley, CA, 11-14 May 2003.
[8] Ceki Gulcu and Gene Tsudik. Mixing E-mail with Babel. In Network and Distributed Security Symposium, NDSS 96, San Diego, California, on February 1996, pp. 2-16.
[9] Ulf Moeller, Lance Cottrell, Peter Palfrader and Len Sassaman. Mixmaster protocol version 2. Technical report, Network Working Group, on May 25 2004.
[10] Andreas Pfitzmann, Birgit Pfitzmann and Michael Waidner. ISDN-mixes: Untraceable communication with very small bandwidth overhead. Conference on Communication in Distributed Systems, volume 267 of Informatik-Fachberichte, Springer-Verlag, February 1991, pp. 451-463.
[11] Rainer Bohme, George Danezis, Claudia Diaz, Stefan Kopsell and Andreas Pfitzmann. Mix cascades vs. peer-to-peer: Is one concept superior. In Privacy Enhancing Technologies (PET 2004), Toronto, Canada, May 2004.
[12] Oliver Berthold, Hannes Federrath and Stefan Kopsell. Web Mixes: A system for anonymous and unobservable Internet access. Designing Privacy Enhancing Technologies, volume 2009 of LNCS, Springer-Verlag, July 2000, pp. 115-129.
[13] David Chaum. Untraceable electronic mail, return addresses, and digital pseudonyms. ACM Communication, volume 24(2), on 1981, pp. 84-88.
[14] https://www.torproject.org/ accessed on 24 December, 2017.
[15] Roger Dingledine, Nick Mathewson and Paul Syverson. Tor: the second-generation onion router, in Proceedings of the 13th Conference on USENIX Security Symposium - Volume 13, 2004, pp. 21-21.
[16] David Goldschlag, Michael Reed and Paul Syverson. Hiding Routing Information, in Proceedings of Information Hiding: First International Workshop, Ed. Springer-Verlag, LNCS 1174, May 1996.
[17] Alessandro Acquisti, Roger Dingledine and Paul Syverson. On the economics of anonymity, in Springer-Verlag, LNCS 2742, 2003, pp. 84-88.
[18] Bassam Zantout and Ramzi Haraty. I2P Data Communication System. Proceedings of the Tenth International Conference on Networks (ICN 2011), St. Maarten, The Netherlands Antilles, pp. 401-409, January 2011.
[19] Michael Freedman and Robert Morris. Tarzan: A peer-to-peer anonymizing network layer. In 9th ACM Conference on Computer and Communications Security (CCS 2002), Washington, DC, on November 2002, pp. 193-206.
[20] Marc Rennhard and Bernhard Plattner. Practical anonymity for the masses with MorphMix, in Springer-Verlag. LNCS (forthcoming), 2004, pp. 233-250.
[21] John Douceur. The Sybil Attack. In Proceedings of the 1st International Peer To Peer Systems Workshop (IPTPS), on Mar 2002, pp. 251-260.
[22] Roger Dingledine, Nick Mathewson and Paul Syverson. Tor: the second-generation onion router, in Proceedings of the 13th Conference on USENIX Security Symposium - Volume 13. USENIX Association, 2004, pp. 21-21.
[23] Juha Salo. Recent Attacks On Tor. Aalto University, T-110.5290 Seminar on Network Security Fall 2010, updated on 2012-05-06.
[24] Chan Tin, Jiyoung Shin and Jiangmin Yu. Revisiting Circuit Clogging Attacks on Tor. Availability, Reliability and Security (ARES), 2013 Eighth International Conference on, 2-6 Sept. 2013, pp. 131-140.
[25] Rob Jansen, Florian Tschorsch, Aaron Johnson and Bjorn Scheuermann. The Sniper Attack: Anonymously Deanonymizing and Disabling the Tor Network. NDSS 14, on 23-26 February 2014, San Diego, CA, USA.
[26] Steven Murdoch and George Danezis. Low-cost traffic analysis of Tor, Published in Security and Privacy. 2005 IEEE Symposium, on 8-11 May 2005, pp. 183-195.
[27] B. Zantout and R. A. Haraty. A Comparative Study between BitTorrent and NetCamo Data Communication Systems. International Journal of Computational Intelligence and Information Security. March 2010. Volume 1, Number 2, 2010.
[28] R. A. Haraty and B. Zantout. The TOR Data Communication System. Journal of Communications and Networks. ISSN 1229-2370. Volume 16, pp. 415-420, August 2014.
[29] Abdul Nasser El-Kassar and Ramzi A. Haraty. El Gamal Public-key Cryptosystem Using Reducible Polynomials over a Finite Field. Proceedings of the 13th International Conference on Intelligent & Adaptive Systems and Software Engineering (IASSE-2004). Nice, France. July 2004.
[30] Ramzi A. Haraty, Abdul Nasser El-Kassar and Bilal Shebaro. A Comparative Study of RSA-based Digital Signature Algorithms. Journal of Mathematics and Statistics. ISSN: 1549-3644. Volume 2, Number 1. 2006.
[31] R. A. Haraty and B. Zantout. A Collaborative-based approach to Avoiding Traffic Analysis and Assuring Data Integrity in Anonymous Systems. Computers in Human Behavior Journal. Volume 51, Part B, October 2015, Pages 780-791.
[32] Ramzi A. Haraty and Bassam Zantout. The TOR Data Communication System A Survey. Proceedings of the Sixth IEEE International Workshop on Performance Evaluation of Communications in Distributed Systems and Web based Service Architectures (PEDISWESA2014). Madeira, Portugal. June 2014.
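
Added example (not code from the paper or from the Tor project): a simplified model of the route creation described in Section 5, where the client filters relays by exit policy, picks at random weighted by bandwidth, and takes its entry from the guard set. It goes one step beyond the text by adding an optional rule that entry and exit must sit in different autonomous systems, the condition the AS-level passage in Section 6.4 ties to correlation, and it computes exactly how often the unconstrained selection breaks that rule. The relay list, the guard thresholds and all function names are constructed for illustration.

```python
import random
from dataclasses import dataclass
from fractions import Fraction

GUARD_MIN_UPTIME_DAYS = 30   # assumed threshold, not a Tor constant
GUARD_MIN_BANDWIDTH = 500    # assumed threshold, not a Tor constant

@dataclass(frozen=True)
class Relay:
    name: str
    bandwidth: int          # advertised bandwidth (arbitrary units)
    uptime_days: int
    exit_ports: frozenset   # ports the exit policy accepts; empty = no exiting
    asn: int                # autonomous system hosting the relay

# Constructed directory listing; ASNs are taken from the private-use range.
DIRECTORY = [
    Relay("alpha", 1000, 90, frozenset(), 64512),
    Relay("bravo", 3000, 200, frozenset({80, 443}), 64512),
    Relay("charlie", 2000, 10, frozenset({443}), 64513),
    Relay("delta", 4000, 120, frozenset(), 64513),
    Relay("echo", 400, 300, frozenset(), 64514),
    Relay("foxtrot", 2000, 60, frozenset(), 64515),
]

def is_guard(relay):
    """Guard = high uptime and bandwidth above a threshold (Section 5)."""
    return (relay.uptime_days >= GUARD_MIN_UPTIME_DAYS
            and relay.bandwidth >= GUARD_MIN_BANDWIDTH)

def exits_for(directory, port):
    """First step in the text: keep only nodes whose exit policy fits."""
    exits = [r for r in directory if port in r.exit_ports]
    if not exits:
        raise ValueError(f"no relay exits to port {port}")
    return exits

def entry_candidates(directory, exit_relay, distinct_as):
    """Guards other than the exit, optionally excluding the exit's AS."""
    guards = [r for r in directory
              if is_guard(r) and r != exit_relay
              and not (distinct_as and r.asn == exit_relay.asn)]
    if not guards:
        raise ValueError("no usable guard for this exit")
    return guards

def weighted_pick(relays, rng):
    """Second step in the text: random choice weighted by bandwidth."""
    return rng.choices(relays, weights=[r.bandwidth for r in relays], k=1)[0]

def build_path(directory, port, rng, distinct_as=True):
    """Return (entry, middle, exit): three distinct relays."""
    exit_relay = weighted_pick(exits_for(directory, port), rng)
    entry = weighted_pick(entry_candidates(directory, exit_relay, distinct_as), rng)
    middles = [r for r in directory if r not in (entry, exit_relay)]
    return entry, weighted_pick(middles, rng), exit_relay

def same_as_probability(directory, port, distinct_as):
    """Exact chance that entry and exit share an AS under this model."""
    exits = exits_for(directory, port)
    exit_total = sum(r.bandwidth for r in exits)
    prob = Fraction(0)
    for x in exits:
        guards = entry_candidates(directory, x, distinct_as)
        same = sum(g.bandwidth for g in guards if g.asn == x.asn)
        total = sum(g.bandwidth for g in guards)
        prob += Fraction(x.bandwidth, exit_total) * Fraction(same, total)
    return prob

if __name__ == "__main__":
    print(" -> ".join(r.name for r in build_path(DIRECTORY, 443, random.Random(7))))
    print("same-AS entry/exit, unconstrained:", same_as_probability(DIRECTORY, 443, False))
    print("same-AS entry/exit, constrained:  ", same_as_probability(DIRECTORY, 443, True))
```

In this constructed directory, bandwidth weighting alone puts entry and exit in the same AS in 43 of 175 circuits on average, because the high-bandwidth relays cluster in two ASes; the constraint removes those circuits at the cost of a smaller guard choice per exit.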
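
Added example (not the detection scheme of [24], whose details the paper does not give): a client-side monitor for the circuit clogging case in Section 6.4 that flags a high and unexpected rise in round-trip time on a circuit and signals when the circuit should be destroyed. The rule used here (median plus a multiple of the median absolute deviation, confirmed over consecutive samples), its parameters and the RTT trace are assumptions made for illustration.

```python
from collections import deque
from statistics import median


class CircuitLatencyMonitor:
    """Flags a sustained, unexpected RTT jump on a single circuit."""

    def __init__(self, window=20, warmup=8, k=6.0, floor_ms=20.0, confirm=3):
        self.baseline = deque(maxlen=window)  # recent RTTs judged normal
        self.warmup = warmup      # samples needed before judging anything
        self.k = k                # how many MADs above the median is "high"
        self.floor_ms = floor_ms  # minimum margin, for very steady circuits
        self.confirm = confirm    # consecutive high samples before teardown
        self.streak = 0

    def threshold(self):
        med = median(self.baseline)
        mad = median(abs(x - med) for x in self.baseline)
        return med + max(self.k * mad, self.floor_ms)

    def observe(self, rtt_ms):
        """Return 'ok', 'suspect' or 'teardown' for one RTT sample."""
        if len(self.baseline) >= self.warmup and rtt_ms > self.threshold():
            # The outlier is kept out of the baseline so that the burst
            # itself does not raise the threshold it is compared against.
            self.streak += 1
            return "teardown" if self.streak >= self.confirm else "suspect"
        self.streak = 0
        self.baseline.append(rtt_ms)
        return "ok"


def classify(samples, **params):
    """Run a fresh monitor over one circuit's RTT samples."""
    monitor = CircuitLatencyMonitor(**params)
    return [monitor.observe(s) for s in samples]


def first_teardown(samples, **params):
    """Index of the sample at which to destroy the circuit, or None."""
    events = classify(samples, **params)
    return events.index("teardown") if "teardown" in events else None


# Constructed RTT trace (ms): steady circuit, one isolated jitter spike,
# then a sustained jump of the kind a clogged relay would produce.
SAMPLE_RTTS = [200, 195, 210, 205, 190, 198, 207, 202, 196, 204,
               400, 201, 199, 650, 700, 690]

if __name__ == "__main__":
    for i, (rtt, event) in enumerate(zip(SAMPLE_RTTS, classify(SAMPLE_RTTS))):
        print(f"{i:2d}  {rtt:4d} ms  {event}")
```

A genuine path change also raises latency for good, so a teardown here costs only a new circuit; one monitor instance should be created per circuit so that baselines are never shared.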