Friday, 07 October 2016 06:37

Researchers Discover How To Break Tor Anonymity


The Tor network has become the most widely used system for online anonymity.

It has been used by journalists, lawyers, and other professionals, and people residing in countries with repressive regimes to hide their Internet browsing habits, for over a decade.

In addition, websites hosting content that may be considered subversive have used Tor to conceal the actual location of their web servers.

However, researchers at the Massachusetts Institute of Technology (MIT) and Qatar Computing Research Institute (QCRI) have come up with a smart way to break Tor anonymity without even touching its onion encryption system.

They discovered that an adversary can deduce the server location of a hidden service or the actual source of the data coming to a particular user, by studying the traffic patterns of the encrypted data moving through one computer in the Tor network.

The researchers, led by Albert Kwon, a graduate student of computer science and electrical engineering, will demonstrate Tor’s vulnerability this summer at the Usenix Security Symposium.

How Tor Provides Anonymity

Basically, the Tor network is made up of Internet users who have installed the Tor software.

To provide anonymity to users, their Internet requests are wrapped in many layers of encryption and sent to a randomly selected Tor-enabled computer.

This computer is called the guard.

The guard will remove the initial layer of encryption and send the request to another randomly selected Tor-enabled computer which will peel off the next encryption layer.

The final Tor-enabled computer will take the last layer of encryption off and expose the final destination of the original user’s request.

The last computer is called the exit. No computer in the encryption chain knows both the source and destination of the request.

In addition, Tor’s hidden services allow users to hide the actual address of their servers through the use of Tor routers called “introduction points”.

Users’ browsers can therefore connect to those “introduction points” so that the provider of the hidden service can publish information without revealing any location details.

Once a browser and hidden host establish a connection through the introduction point, a Tor circuit is formed.

How an Attacker Can Break Tor Anonymity

Albert Kwon and his fellow researchers at MIT and QCRI revealed that an attacker can break Tor anonymity by ensuring that his computer becomes a guard on the Tor network or circuit.

This can be done by connecting many computers to the network so that one of them will eventually be randomly selected as a guard.

Then the computer can be used to snoop and study the data being passed back and forth in the circuit.

The researchers demonstrated that machine-learning algorithms, in programs installed on a guarded computer, could study this data and reveal whether the circuit was for ordinary anonymous web browsing or for a connection to a hidden service, with 99% accuracy.

In addition, they showed that a computer that becomes a guard for a hidden service can use the analysis of traffic patterns to reveal the actual identity of the host of the service, with 88% accuracy.

All these could be done without attempting to decode Tor’s encryption.


Effective Tor anonymity is vital for the protection of freedom of expression online.

So this revelation of Tor’s vulnerability is critical.

The researchers have suggested the use of dummy packets to make every type of circuit look similar.

With this new discovery, Tor’s developers have proposed the concealing of fingerprints of various circuits in future versions of the software so that attackers will not be able to study them successfully.

Source : Dark Web News


World's leading professional association of Internet Research Specialists - We deliver Knowledge, Education, Training, and Certification in the field of Professional Online Research. The AOFIRS is considered a major contributor in improving Web Search Skills and recognizes Online Research work as a full-time occupation for those that use the Internet as their primary source of information.

Get Exclusive Research Tips in Your Inbox

Receive Great tips via email, enter your email to Subscribe.