Researchers from the Massachusetts Institute of Technology (MIT) have discovered a vulnerability in Tor which, if exploited, could reveal hidden services with up to 88% accuracy.
Researchers from MIT and Qatar Computing Research Institute (QCRI) managed to breach the anonymity of the Tor network. Their study will be presented at the Usenix Security Symposium this summer.
The researchers proved that an attacker can sneak into the server, or gain access to the information of a specific Tor user. According to the researchers, this is possible by analyzing the traffic patterns of encrypted data passing through a single computer on the Tor network.
Tor is an acronym for "The Onion Router." The onion is a metaphor for how the service works: each communication is wrapped in several layers of encryption, like the layers of an onion. This supposedly prevents information from being disclosed without passing through all the layers of encryption.
Hidden services are websites that use the Tor network to protect themselves in much the same way that the network protects its users.
For the Tor network to work, computers need to exchange a large amount of data while creating a connection to a hidden service.
The researchers showed that by simply looking for patterns in the number of packets passing in each direction through a "guard" node, a machine learning algorithm could determine the circuit with 99% accuracy.
In this way, the researchers were able to make sense of the data through traffic correlation.
In addition, by connecting to a number of different hidden services, they showed that a similar analysis of traffic streams could locate these services with 88% accuracy.
David Goulet, a developer at the Tor Project, said:
"At the moment we are considering countermeasures for a possible improvement of the secret services, but I think we need more concrete evidence to determine the issue."
MIT's full press release on the MIT and QCRI study is available from the link below.