A joint American-Israeli team of cybersecurity researchers have developed a new Tor client, Astoria, capable of safeguarding a user’s privacy, even from the NSA.
With internet anonymity becoming more and more difficult to establish, people have often used Tor, the anonymizing network to prevent their activity from being tracked. However, with powerful intelligence agencies backed with near limitless funding and aggressive capabilities such as the NSA, Tor isn’t as safe as first thought of, from the watchful, careful eyes of surveillance, regardless of the source. To combat and counter this, Israeli-American researchers have developed and built Astoria, a new Tor client that specifically focuses and succeeds at defeating anonymous systems that’s set up to intrude into Tor’s anonymity.
Tor is used by those banking online for higher privacy, as well as journalists and individuals in countries without free-speech laws where they could be jailed or worse for yielding their rights to fundamental speech.
How Tor works
- A user opens the Tor browser/client to connect to the network through an entry node.
- The user’s Internet traffic is then encrypted before passing through a middle relay and then again with an exit relay. This user-relay connection is known as a circuit. All of this is done to reach a website, any website anonymously.
- When the above relays occur, the website receiving the ping and connection from the user only knows an anonymous Tor user being connected and nothing about the actual person connecting to the website.
- There are over 6,000 entry nodes in the network, making it nearly impossible to know who is connected and using Tor.
The above encryption is flawed however. With “timing attacks” an adversary or eavesdropper can take control of the entry and exit relays of the Tor network. When this happens, researchers say that users are de-anonymized on Tor within mere minutes.
The research paper also states that 58 percent of Tor circuits are compromised and vulnerable to network-level ‘intruders’ such as the Britain’s Government Communications Headquarters (GCHQ) and the NSA.
Astoria. The most secure Tor client ever.
Astoria, the researchers claim, reduces the number of these vulnerable circuits from 58 percent to a mere 5.8 percent. At its core, Astoria has an algorithm designed to predict attacks with high accuracy and then securely select specific relays that decreases the probability of “timing attacks.”
“In addition to providing high-levels of security against such attacks, Astoria also has performance that is within a reasonable distance from the current Tor client,” the researchers wrote. “Unlike other AS-aware Tor clients, Astoria also considers how circuits should be built in the worst case—i.e., when there are no safe relays that are available. Further, Astoria is a good network citizen and works to ensure that the all circuits created by it are load-balanced across the volunteer driven Tor network.”
While Astoria provides multiple security options, it’s both most effective and most usable when at its highest security level, the researchers say, so “Astoria is a usable substitute for the vanilla Tor client only in scenarios where security is a high priority.”
The full research paper is available to read here.