Karlstad University researchers have made the anonymity network Tor safer2020-01-22
The anonymity network Tor, used daily by millions of users around the world, is important for people in vulnerable situations, for instance in order to avoid surveillance or control. Two Karlstad University researchers have now identified flaws in Tor’s anonymity function and contributed to technologies that make the network safer for users.
The purpose of Tor is to allow users to surf the internet anonymously without information about visited webpages being registered. Despite this function, the flaws that the researchers have detected could make it possible in certain cases for attackers to see what webpages a user has visited.
“When a page is downloaded via Tor, a great many internet-based activities take place. For instance, domain names are checked, images are retrieved, and advertising agencies are contacted for ads. If an attacker is able to see a small part of this information, it can be used to boost attacks based on artificial intelligence. Potential attackers could for instance be countries that want to monitor their citizens or censor access to certain webpages”, says Tobias Pulls, Senior Lecturer in Computer Science at Karlstad University, who has made this discovery together with the doctoral student Rasmus Dahlberg.
More reliable technologies
In the past, technologies that use AI to analyse encrypted Tor traffic have been considered quite unreliable for attackers to use.
“Now that we have a better understanding of how attacks can be made more reliable, we can create better protection”, says Tobias Pulls. “We have contributed to small changes in the Tor network which are expected to make it more difficult for attackers to access the information, which is a short-term solution. In the long term, Tor will require new types of protective functions. We are working hard to develop such functions right now.”
Can Tor be trusted?
Tobias Pulls says that users can still trust Tor as a safe network for surfing anonymously.
“All other alternatives are clearly inferior, for instance if you use VPN or if you just surf the internet as usual.”
The Tor developers have shown great interest in the results and embraced the researchers’ suggestions for improvements. They also published an article in the official Tor blog when the scientific article was published. The article, “Website Fingerprinting with Website Oracles”, will be presented at the top-ranking conference PETS (Privacy Enhancing Technologies Symposium) in Montreal, Canada, in July.
This research has been funded by the Swedish Internet Foundation and the Knowledge foundation. Read the article published in the Tor blog here and the scientific article here.