Researchers develop Tor client that could withstand timing attacks

American and Israeli researchers have developed a new Tor client that should protect users against so-called timing attacks. This attack method makes it possible to discover the identity of a user.

In timing attacks, which come in various variants, an attacker can sometimes discover the identity of a Tor user within minutes by gaining control over both the entry nodes and the exit relays. According to researchers, about 58 percent of the current Tor infrastructure is vulnerable to this type of attack, while in China this percentage could rise to 86 percent. There are fears that intelligence agencies such as the NSA and GCHQ will use these attack techniques to de-anonymize Tor users.

In an effort to protect users from timing attacks, US and Israeli researchers have developed a new Tor client. The client, called Astoria, would be able to reduce the number of vulnerable Tor connections in practice from 58 percent to 5.8 percent.

According to the makers, Astoria contains an algorithm that is more selective with making Tor connections via relays because it can better ‘predict’ certain attacks, such as timing attacks. If no secure relays are found, the algorithm chooses a random relay over the Tor network. In addition, Astoria would offer better load balancing to use the Tor network more efficiently.

Although timing attacks can never be completely prevented due to the design of the Tor network, Tor software developers try to counter such attacks by making them as expensive as possible. Software like Astoria should help with that, although the makers say that their Tor client is only useful in practice if a security level higher than that of the regular Tor client is required.