Researchers Able to Analyze Tor Traffic Without Breaking Encryption
MIT researchers have discovered that, with relatively little effort, certain information about Tor (The Onion Router) packets can be revealed. By simply monitoring the packets being relayed by a Tor node, the researchers were able to differentiate between web-browsing circuits, introduction-point circuits, and rendezvous-point circuits.
The researchers also concluded that it was possible to identify hidden services by looking at their packets, without breaking any encryption. The implication is that a spy computer somewhere in the Tor chain could very easily identify traffic going to and from certain websites. Encrypted or not, such information on certain darknet sites might change everything. Child pornography could potentially become much more difficult to hide and to traffic in.
The researchers have recommendations for improving the security of Tor, however. They say that sending dummy packets and making all circuits look the same would solve the problem of circuit identification. According to a visiting scientist at MIT, Mashael AlSabah:
"We recommend that they mask the sequences so that all the sequences look the same. You send dummy packets to make all five types of circuits look similar."
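As an added illustration of the dummy-packet recommendation (not code from the researchers or the Tor Project), the sketch below builds one cover sequence that every circuit type emits, filling the gaps with dummy cells so a relay sees the same pattern each time. The cell traces are constructed, only the three circuit types named above are modelled, and dummy cells are assumed to be indistinguishable from real ones on the wire.

```python
from collections import Counter

# Constructed cell-direction traces ('+' one way, '-' the other); NOT measured Tor data.
TRACES = {
    "web-browsing": "+-+--+---",
    "introduction-point": "+-+--",
    "rendezvous-point": "++-++-",
}

def cover_template(traces):
    """Greedy common supersequence: every trace is a subsequence of the result."""
    pos = {name: 0 for name in traces}
    template = []
    while any(pos[n] < len(t) for n, t in traces.items()):
        # Choose the direction wanted next by the most unfinished traces ('+' on ties).
        heads = Counter(t[pos[n]] for n, t in traces.items() if pos[n] < len(t))
        direction = max(sorted(heads), key=heads.get)
        template.append(direction)
        for n, t in traces.items():
            if pos[n] < len(t) and t[pos[n]] == direction:
                pos[n] += 1
    return "".join(template)

def pad(trace, template):
    """Fit a trace to the template; returns [(direction, 'real' | 'dummy'), ...]."""
    cells, i = [], 0
    for direction in template:
        if i < len(trace) and trace[i] == direction:
            cells.append((direction, "real"))
            i += 1
        else:
            cells.append((direction, "dummy"))  # filler cell in that direction
    if i != len(trace):
        raise ValueError("template does not cover this trace")
    return cells

def observed(cells):
    """Relay's view: directions only (assumes dummies look like real cells)."""
    return "".join(d for d, _ in cells)

def overhead(cells):
    return sum(1 for _, kind in cells if kind == "dummy")

if __name__ == "__main__":
    template = cover_template(TRACES)
    for name, trace in TRACES.items():
        cells = pad(trace, template)
        print(f"{name:20} {trace:10} -> {observed(cells)}  dummies={overhead(cells)}")
```

The padding cost falls mostly on the shortest circuits, which is the bandwidth trade-off of this defence.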
There have long been grumblings that Tor is not the most secure way to communicate. Other protocols have even risen to serve the same purpose. However, Tor remains the most well-known and accessible way for people to avoid repression and censorship, and it is still a first recommendation when someone is looking for a way around being tracked.