We reported last week that Russia has offered a $110,000 prize for ‘cracking’ Tor, and also how a research team working for Carnegie-Mellon University and CERT had a talk which claimed to deanonymize Tor users cancelled on the advice of lawyers.
Well, in a recent blog post, Tor co-creator Roger Dingledine warned that an attack had been detected which may have allowed the attackers to identify Tor users:
‘On July 4 2014 we found a group of relays that we assume were trying to deanonymize users. They appear to have been targeting people who operate or access Tor hidden services. The attack involved modifying Tor protocol headers to do traffic confirmation attacks.
The attacking relays joined the network on January 30 2014, and we removed them from the network on July 4. While we don’t know when they started doing the attack, users who operated or accessed hidden services from early February through July 4 should assume they were affected.’
The vulnerability the attack relied on has now been patched, but, as Dingledine cautions,
‘Unfortunately, it’s still unclear what “affected” includes. We know the attack looked for users who fetched hidden service descriptors, but the attackers likely were not able to see any application-level traffic (e.g. what pages were loaded or even whether users visited the hidden service they looked up). The attack probably also tried to learn who published hidden service descriptors, which would allow the attackers to learn the location of that hidden service. In theory the attack could also be used to link users to their destinations on normal Tor circuits too, but we found no evidence that the attackers operated any exit relays, making this attack less likely. And finally, we don’t know how much data the attackers kept, and due to the way the attack was deployed (more details below), their protocol header modifications might have aided other attackers in deanonymizing users too.’
As for who is responsible, suspicion lies at the door of the Carnegie-Mellon researchers whose Black Hat 2014 talk got cancelled a couple of weeks ago,
‘They haven’t answered our emails lately, so we don’t know for sure, but it seems likely that the answer to Q1 [“Was this the Black Hat 2014 talk that got canceled recently?”] is “yes”.’
Dingledine goes on, however, to note that if this is indeed the case, then it is at least preferable to the information falling into a more worrying party’s hands:
‘In fact, we hope they *were* the ones doing the attacks, since otherwise it means somebody else was.’
If the researchers were responsible, then it was a highly irresponsible way to carry out research, a point likely understood by the Carnegie-Mellon University lawyers when they insisted that the conference talk be cancelled.
The blog post also notes that while known malicious Tor relays have been replaced, it is possible that others exist which have yet to be detected, and that malicious relays might have injected ‘the signal at any points besides the HSDir position.’