TOR Network Isn’t So Anonymous
A new study says it is possible to unmask 81% of TOR users.
A recent research project claims it is possible for a well-funded and powerful entity such as a nation-state to identify up to 81% of people using the so-called TOR anonymity network. The technique relies on traffic analysis and depends on injecting a traffic pattern, such as an HTML file, then monitoring traffic at the exit node.
The study was conducted by a team led by Sambuddho Chakravarty, now with Indraprastha Institute of Information Technology in Delhi, India, while he was a student at Columbia University, New York. According to the paper, costly and time-consuming packet-level traffic analysis is the most accurate means for unmasking anonymous users, but the 81% accuracy is actually achievable using the less accurate but more time-efficient NetFlow monitoring technology built into Cisco routers.
The full methodology described in the paper requires a well-funded and powerful organization such as the NSA or another government-funded agency, but according to the paper, a single autonomous system was able to monitor 39% of randomly generated TOR circuits.
The technique exploits the fact that TOR is designed for low latency. It is unclear at this point whether the TOR creators will have a fix for foiling this monitoring ploy or if another alternative anonymity tool will rise to replace the popular TOR. In either case, the anonymity arms race has started another chapter.