Experts from the Massachusetts Institute of Technology (MIT) and the Qatar Computing Research Institute (QCRI) have identified a vulnerability that affects the anonymity of the Tor network. A breach in the system allows you to identify hidden servers with an accuracy of 88 percent.
The Onion Router (Tor) is software created for the anonymity of Internet users. The system redirects traffic through a network of servers installed worldwide. The intermediate Tor nodes are the volunteer computers. Since packets passing between two nodes contain only information about nodes, the source and destination are effectively impersonal and protected from interception.
The Tor system allows you to visit Internet sites that cannot be detected by conventional search tools like Google, as well as by directly entering the website address. These hidden sites are part of the so-called Dark Web, which is often used to carry out illegal activities.
To date, there are about 5,000 Tor servers installed voluntarily in the world. These are computers of ordinary users who are concerned about their privacy on the Internet, journalists, lawyers, human rights activists, as well as computer hackers.
The Tor system implements onion routing technology, where packets are repeatedly encrypted and then sent through several network nodes. Each computer decrypts the "upper" layer of cipher (by analogy with cleaning the onions) and learns the future path of the packet. The rest of the computers act in a similar way. Thus, the intermediate nodes do not know the source, destination, or content of the packet.
According to IBTimes, the researchers developed computer algorithms that allow you to determine the type of traffic with 99 percent accuracy. It was discovered that without hacking into the Tor encryption system, you can find out whether it was a regular web request, an entry point (access to a hidden site) or a meeting point (simultaneous connection of several users to a hidden site).
A similar analysis of traffic allows you to identify the coordinates of Tor services with an accuracy of 88 percent.
The results of the study will be presented at the 24th Symposium on the security of computer systems and networks USENIX Security in Washington, DC, August 12-14.
The researchers recommend that the creators of Tor mask the sequence by sending dummy packets so that all types of strings look the same. According to them, this will help increase the anonymity of the network, but there is still no convincing evidence that this will completely eliminate the found vulnerability.
However, the thousands of sites displayed using browsers for anonymous Internet surfing do not hide from the Memex system, which was developed by the DARPA agency.
The article is based on materials .
Comments
Post a Comment