Traffic on the anonymity network Tor can be unmasked by observing one end of a communication route, according to research from Princeton University in New Jersey.
Academics from Princeton developed a suite of attacks named Raptor that exploits certain properties of Internet routing through the use of autonomous systems in order to uncloak those using the network to protect their privacy.
This is achieved partly through taking advantage of the fact that different border gateway protocols (BGP) paths might be used to send or receive traffic, making it more likely it will be intercepted in at least one direction.
It also relies on the fact that BGP paths change over time due to router failures and moving peer relationships, which provides some indication of who is using the Tor, and the "inherent insecurity" of the paths themselves, which can be hijacked or intercepted.
As part of the research the Princeton academics demonstrated the feasibility of these attacks, with the use of asymmetric BGP paths yielding a 95% successful traffic correlation with no false positives.
"Our experimental results show that Raptor attacks present a serious threat to the security of anonymity systems," the academics said, writing in a white paper.
"Our work highlights the dangers of abstracting network routing from the analysis of anonymity systems such as Tor, and motivates the design of next generation anonymity systems that resist Raptor."
They also recommended that the Tor Project, which runs the network, monitors routing to check whether users are being attacked, as well as implement more measures to secure routing.