Hackers promise to break Tor on a $3,000 budget

Hackers promise to break Tor on a $3,000 budget.

-- Tom

 

Together with other presentations mentioned here: https://www.wilderssecurity.com/threads/10-disturbing-attacks-at-black-hat-usa-2014.365547/ there will be, I hope, some interesting reports coming from this year's Black Hat.

 

That sounds like it costs a bit more than 3000$ and it seems to take an awful lot of time... For a government agency this is not a real issue, but they suggest that everyone can do it...

 

Notice that they said they could "deanonymize Tor users", not break Tor itself. I'd expect to see something similar to the attack on the browser bundle that was used against Silk Road or some other attack on the browser that would cause it to leak identifiable data or cause it to attempt to connect out directly instead of through Tor. If it was a direct attack against Tor itself, it wouldn't require a couple of months to get results.

 

Given the language, this is probably some sort of malign relay attack. And/or perhaps they've come up with a new way to rapidly DoS relays.

Edit: As I noted off-topic on the big NSA thread, I'm guessing followup on these:

Johnson et al. (2013) Users Get Routed: Traffic Correlation on Tor by Realistic Adversaries
http://www.ohmygodel.com/publications/usersrouted-ccs13.pdf

Jansen et al. (2014) The Sniper Attack: Anonymously Deanonymizing and Disabling the Tor Network
http://www.robgjansen.com/publications/sniper-ndss2014.pdf

 

6 months? Is this if they can target the same person through an email or some identity and follow them for 6 months? I don't see how they could compare traffic. Wouldn't they need to have access to all entry and exit nodes?

 

It's easier (worse) than that

The adversary just runs a bunch of relays. It allows some to mature, and get the entry guard flag. The rest it manages to become middle and exit relays, by providing higher bandwidth but not quite enough uptime reliability to get the entry guard flag. Then it just watches the Tor conversations using its relays, and compares traffic patterns among them all.

When it sees matching conversations from two of its relays, it checks Atlas to determine whether all four remote communications partners are known Tor relays. If both of these relays have a partner that's not a known Tor relay, it suspects that they are the entry guard and exit node for a circuit. If only one of these two relays has a partner that's not a known Tor relay, the adversary suspects it's either the entry guard or the exit node for a circuit. It's not hard to determine whether non-relay partners are users or content servers.

When they say "that 80% of all types of users may be deanonymized", they're not talking about targeted attacks. They're just deanonymizing circuits at random. The targeting comes in through looking at user IPs and/or content servers in the circuits that they've deanonymized. But once they have one of a user's entry guards, they can easily focus on them.

Edit: I can be so dyslexic I've fixed the part about figuring out relay roles.

 

Let me see if I understand this. If they see two connections on any two of their own relays that look like they are using the same amount of bandwidth (or whatever they use to compare), they assume that this is the same person. (Or can they see traffic from other Tor nodes, too?) And if they happen to own the entry node, they can see the IP address of that person? Then you also mentioned that if they own the entry server then they can examine the content? I thought that was all encrypted.

Is a relay the same as a node?

I am wondering about all of this. Steve Topletz made a claim like this when Xerobank was first out. I spoke to him once. He was on a voip phone and I spoke to him briefly. Anyway, he said that Tor wasn't safe and that he could spend a few thousand dollars and buy a bunch of Tor relays and deanonymize people. But that was like 5 years or so ago. So maybe this is not so new. And maybe it isn't as easy as it sounds.

Anyway, what will they do when they find that the connection coming into the entry node is from a VPN, which is coming from another VPN? That changes the story a little, I think.

 

Right. Their relays participate in many Tor circuits. For each circuit, they know public IP addresses for adjacent participants (other relays, users or content servers). They do traffic analysis using in-circuit cell traffic (which they see as relays) rather than Internet-level TCP traffic (which an observer can see between relays). I gather that using cell data is much cleaner, because cell size is constant and there's no retransmission chaos.

For each of their relays/nodes/ORs, they only see traffic that passes through it.

Yes. They know that a relay is an entry guard or an exit node when one of its circuit partners is not another Tor relay. Then they check out the IP address, and determine whether it's a user or a content server.

No, they can only see content if their relay is an exit, and the content isn't end-to-end encrypted.

Yes. As far as I know, relay = node = OR (onion relay). But some people use "relay node" to mean "middle node"

Well, it's certainly not easy. Attackers need many skills. But it's far easier now to rent, setup and manage numerous servers, by using AWS and other cloud services.

Right. There's no malign relay attack for VPNs The adversary would need to work back through the VPN chain. Global adversaries could attempt traffic analysis.

 

Here's a few reasons why I think this is much ado about not-much-of-anything...

For one thing...

Silk Road Author Arrested Due to Bad Operational Security [NOT a flaw or break in Tor.]

And further,

How the NSA Attacks Tor/Firefox Users With QUANTUM and FOXACID

...which Schneier basically summed up multiple times as "the NSA can't break Tor, and it pisses them off." Call me Mr. Skeptical, but if the top minds in the field with an $11 Billion annual budget can't do it, I have a little bit of a hard time believing a couple of dudes at Black Hat and just enough money to buy a Segway will do it.

 

For adversaries with numerous fast relays, it's apparently not too hard over several months to become an entry guard for most Tor users, and identify their IP addresses. But that's not such a big deal. After all, ISPs and VPN providers see who's using Tor. Even so, Tor traffic is encrypted to the exit node, so neither entry guards nor ISPs and VPNs can see content or IPs of content servers.

What is hard is targeting the activity of particular Tor users, or deanonymizing Tor users who are accessing particular content servers. There are just too many Tor users, and they change circuits too often.

 

Sounds like FUD to me. Total FUD.

 

Either way, the solution to this type of attack lies with us. What would make such an attack possible is the small number of exits and relays. If users increased the number of relays by a factor of 10, that kind of attack would become much harder and extremely expensive. Once again, the ball is in our court.

 

And the court of Austria, too, evidently...

https://www.wilderssecurity.com/threads/tor-exit-node-operator-prosecuted-in-austria.365628/

How many nodes are you operating, btw?

 

The Austrian case is sad, but it doesn't set precedent , even in Austria.

 

The talk has been canceled by the investigators.

It's apparently a new bug, and it's being patched.

See https://lists.torproject.org/pipermail/tor-talk/2014-July/033954.html and following messages.

 

I hate it when these "talks" get cancelled. The "tin foil" in me always wonders if someone doesn't want a vulnerability exposed so that it can be exploited. I personally have great confidence in the TOR system.

 

According to Black Hat, it was pulled at the request of lawyers for Carnegie-Mellon University. The researchers work in the CERT Division of CMU's Software Engineering Institute (SEI). Apparently, aspects of their work hadn't been cleared for public release.

https://www.cert.org/about/

Maybe the NSA doesn't want the vulnerability exposed.

In any case, Roger Dingledine has written:

https://lists.torproject.org/pipermail/tor-talk/2014-July/033956.html

 

http://arstechnica.com/security/2014/07/tor-developers-vow-to-fix-bug-that-can-uncloak-users/

 

See the 2014-07-27 blog post from arma[0]:

| 3.6.3 is an update to other components, like the browser. The Tor
| version remains the same.
|
| Sit tight, there's another update coming. But that said, the next
| update won't be urgent, since the underlying issue isn't one where
| we need to put out a patch to the code. More details soon!

[0] https://blog.torproject.org/blog/tor-browser-363-released

 

Tor security advisory: "relay early" traffic confirmation attack
https://blog.torproject.org/blog/tor-security-advisory-relay-early-traffic-confirmation-attack

 

Attack on Tor Has Likely Stripped Users of Anonymity.

Note: This article essentially references message #21's Tor security advisory: "relay early" traffic confirmation attack link on the torproject.org blog.

-- Tom

 

It really irritates me how some researchers do stuff like this, seemingly without regard for the consequences. It's as though they start to see exploitation as an end unto itself.

Services like Tor may be largely the province of hobbyists and criminals in the more affluent nations; in other places they're the best means of communication and information gathering for political activists. De-anonymizing Tor users en masse could have terrible political consequences, and terrible personal consequences for citizens of oppressive regimes. Even in the first world it might make things more dangerous for journalists.

Thanks so much for opening up Pandora's box, guys...

 

"BOSTON Reuters - Tor, the Internet privacy protecting service, said on Wednesday it discovered a compromise on its network that indicated somebody was trying to monitor the activity of its users.

"While we don't know when they started doing the attack, users who operated or accessed hidden services from early February through July 4 should assume they were affected," Tor said in a blog entry.....

Tor revealed details of the attack after researchers at Carnegie Mellon University said they had developed a method of identifying hundreds of thousands of Tor users.

Those researchers had planned to detail their technique at next week's Black Hat hacking conference in Las Vegas. The university canceled the talk after Tor developers complained to Carnegie Mellon."

The blog post said that it was not sure how much information the attackers were able to obtain in their efforts to monitor traffic on Tor.

It advised users to upgrade to the latest version of its software, which addresses the vulnerability that the attackers had exploited in this particular case, but said that may not guarantee the anonymity of users.


http://www.reuters.com/article/2014/07/30/us-privacy-software-attack-idUSKBN0FZ1RZ20140730

Sorry if a dupe

 

I Do Not Believe the Title of this thread accurately reflects current events

"Tor admits hackers have unmasked 'anonymous' users

The Tor Project, which operates an anonymous internet browsing network used worldwide by human rights activists and criminals alike, has warned users that an unprecedented hack may have revealed information on their browsing habits"


http://www.telegraph.co.uk/technolo...ts-hackers-have-unmasked-anonymous-users.html