View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

Tor users at risk of unmasking, says Princeton

Academics find way to sniff networks through one end of communication.

By Jimmy Nicholls

Traffic on the anonymity network Tor can be unmasked by observing one end of a communication route, according to research from Princeton University in New Jersey.

Academics from Princeton developed a suite of attacks named Raptor that exploits certain properties of Internet routing through the use of autonomous systems in order to uncloak those using the network to protect their privacy.

This is achieved partly through taking advantage of the fact that different border gateway protocols (BGP) paths might be used to send or receive traffic, making it more likely it will be intercepted in at least one direction.

It also relies on the fact that BGP paths change over time due to router failures and moving peer relationships, which provides some indication of who is using the Tor, and the "inherent insecurity" of the paths themselves, which can be hijacked or intercepted.

As part of the research the Princeton academics demonstrated the feasibility of these attacks, with the use of asymmetric BGP paths yielding a 95% successful traffic correlation with no false positives.

"Our experimental results show that Raptor attacks present a serious threat to the security of anonymity systems," the academics said, writing in a white paper.

"Our work highlights the dangers of abstracting network routing from the analysis of anonymity systems such as Tor, and motivates the design of next generation anonymity systems that resist Raptor."

Content from our partners
How businesses can safeguard themselves on the cyber frontline
How hackers’ tactics are evolving in an increasingly complex landscape
Green for go: Transforming trade in the UK

They also recommended that the Tor Project, which runs the network, monitors routing to check whether users are being attacked, as well as implement more measures to secure routing.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU