Researchers from the Massachusetts Institute of Technology (MIT) have discovered a vulnerability in Tor which, if exploited, could reveal hidden services with up to 88% accuracy.
Researchers from MIT and the Qatar Computing Research Institute (QCRI) managed to break the anonymity of the Tor network. Their study will be presented at the Usenix Security Symposium, to be held this summer.
Researchers have shown that an attacker can secretly enter the server, or access the information of a specific Tor user. According to the researchers, this is possible by analyzing the traffic patterns of encrypted data passing through a computer located on the Tor network.
Tor takes its name from the initials of “The Onion Router.” The onion is a metaphor for how the service works: it wraps each communication in several layers of encryption, like the layers of an onion. This is supposed to prevent information from being revealed without going through all the layers of encryption.
Hidden services are websites that use the Tor network to protect themselves in much the same way that the network protects users.
For the Tor network to work, computers must exchange a large amount of data while a connection to a hidden service is being created.
The researchers showed that by simply looking for patterns in the number of packets passing in each direction through a secret "guard" service, a machine learning algorithm could determine the circuit with 99% accuracy.
So the researchers were able to decipher data through the association of traffic.
Furthermore, they were able to connect to a number of different hidden services, showing that with a similar analysis of traffic streams they could identify the services in question with 88% accuracy.
David Goulet, a developer at the Tor Project, said:
"At the moment we are considering countermeasures for a possible improvement of the secret services, but I think we need more concrete evidence to determine the issue."
The full MIT press release on the MIT and QCRI study is available from the link below.