Follow Us on WhatsApp | Telegram | Google News

Researchers Design new Tor client to avoid NSA attacks

Table of Contents
Tor client, Astoria - Tor client, Download Astoria

Security researcher from American and Israeli academics have developed a new anonymity Tor client called "Astoria" which is specially designed to avoid threat of intelligence like NSA and GCHQ.

Earlier there are many claims made that hackers and researcher have broke the Tor anonymity but till yet we have not yet seen the live demonstration. However, 58 percent of Tor circuits are vulnerable to network-level attackers, such as the NSA or Britain’s Government Communications Headquarters (GCHQ), so the new client, Astoria will make the Tor more stronger.

Tor, commonly called The Onion Router, started out as a project of the U.S. Naval Research Laboratory, but is now developed and maintained by a nonprofit organization called The Tor Project. The software allows users to access resources on the Internet masking their real IP (Internet Protocol) addresses. The encrypted traffic of a user is being routed through multiple relays in the network. Tor does not share your identifying information like your IP address and physical location with websites or service providers on the receiving end because they don't know who is visiting.

But something called "timing attacks" change the situation. When an adversary takes control of both the entry and exit relays, research shows they can potentially deanonymize Tor users within minutes.

About New client - Astoria
The new Tor client- Astoria reduces the number of vulnerable circuits from 58 percent to 5.8 percent. The new solution is the first designed to beat even the most recently proposed asymmetric correlation attacks on Tor.

Tor Astoria uses an algorithm which is designed to more accurately predict attacks and then accordingly chooses the best and secure route to make a connection that mitigate timing attack opportunities.

Researcher says that - 
Astoria adroitly considers how circuits should, be made “when there are no safe possibilities,” how to safely balance the growing bandwidth load across the Tor network, and how to keep Tor’s performance “reasonable” and relatively fast even when Astoria is in its most secure configuration.
By choosing relays based on lowering the threat of eavesdropping by autonomous systems and then choosing randomly if no safe passage is possible, Astoria aims to minimize the information gained by an adversary watching an entire circuit.
“Unlike other AS-aware Tor clients, Astoria also considers how circuits should be built in the worst case—i.e., when there are no safe relays that are available. Further, Astoria is a good network citizen and works to ensure that the all circuits created by it are load-balanced across the volunteer driven Tor network.” - researcher added. 

Currently Tor group have not published the download link of the Astoria, but hope it will soon available for download. You can read the full researcher paper about the Astoria from here
Read Also
Post a Comment