41

Tor is known to encrypt the transferred content and the meta information by layering the encryption.

I know there have been correlation attacks that deanonymized some users by federal agencies.

Why do they not take over the system?

There are ~7000 Relays, which seems quite few.


If they provide 14,000 further relays they would be able to decrypt a great deal of information and reveal the identities of users and hidden services.

So why don't they?

Anko
  • 189
  • 10
N. Nowak
  • 585
  • 4
  • 13
  • 41
    Why are you assuming they don't? To quote J. Applebaum, one of the TOR founders: (I'm paraphrasing from memory): "I think these days we have to assume: if the NSA wants to be in a given system, they are in." – fgysin Feb 22 '16 at 10:09
  • 7
    You also have to think that if even one of the relays used in a circuit isn't controlled by a federal agency then the whole attack is useless. – RoraΖ Feb 22 '16 at 12:48
  • You also have to consider the difference between anonymity and confidentiality. Done right, encryption provides confidentiality, but by itself, encryption cannot really provide anonymity. For anonymity, you need additional technology (such as multiple layers of encryption used with onion routing -- exact how much depends on your adversary's capabilities). – user Feb 22 '16 at 13:57
  • 18
    How do you know that half of these 7000 relays isn't run by the NSA already? – Dmitry Grigoryev Feb 22 '16 at 15:25
  • 2
    If people are willing to do something nefarious out in the open because they think no one can see them then why destroy that facade? – MonkeyZeus Feb 22 '16 at 15:30
  • 24
    This question isn't a good fit for this site. "Why doesn't the FBI take over the system?" How is anyone here supposed to answer that question? We don't work at the FBI, and if we did, we probably wouldn't be allowed to answer that question in public. Any answer you get will be speculation or opinion. We frown on opinion-based questions (see [help/dont-ask]). Can you rephrase the question to ask an answerable, technical question? Perhaps it would be better to ask "Is there any technical barrier to taking over the system?" or "How much would it cost to...?" – D.W. Feb 22 '16 at 18:35
  • TOR is owned and run by the US military. If the FBI don't take over the system, it's because the President, who is in charge of both, doesn't want them to. End of. – Ben Feb 22 '16 at 19:50
  • 2
    There is https://tor.stackexchange.com, which is probably better suited for answering these types of questions. – Xiong Chiamiov Feb 22 '16 at 20:10
  • @RoraΖ That's not correct. IIRC, if you have the entry and egress nodes, you've compromised the anonymity regardless of how many nodes lie between them (which is why they don't normally bother using more than 1 intermediate node.) – reirab Feb 22 '16 at 21:48
  • @RoraZ That's why "a large number of relays" and "a great deal of information" - not *all* information. – user253751 Feb 22 '16 at 21:53
  • 1
    It's worth remembering that Tor is a US Navy project. Aimed primarily at giving dissidents an internet that dictators cannot monitor. As much as it would help law enforcement to de-anonymise Tor it is also in the interest of the US government to keep it anonymous. – slebetman Feb 23 '16 at 05:42
  • 7
    @slebetman It is in the interest of the US government to keep anyone other than the US government from being able to deanonymize it. – user253751 Feb 23 '16 at 07:37
  • 1
    @immibis: Yup. Fortunately the Tor developers are smart people and realise that any ability the US government develops to de-anonymise Tor can and will be copied by hostile governments/organisations. Therefore we have this weird arms race between government funded Tor developers and government funded law enforcement hackers. Since Tor is open source it is very easy to keep track of improvements they've made over the years to overcome vulnerabilities. – slebetman Feb 23 '16 at 07:45

2 Answers

47

They might do it already, there is a known technique to dedicate malicious and powerful nodes to the network to be able to take control of some of the traffic.

Tor does not advertise itself to be able to protect against adversaries that have control over a fair part of the internet. While there are techniques to check the validity of the nodes, if you have control over the internet (a fair part of the network) you can de-anonymize nodes.

Under Tor's website, the FAQ page:
What attacks remain against onion routing?

it is possible for an observer who can view both you and either the destination website or your Tor exit node to correlate timings of your traffic as it enters the Tor network and also as it exits. Tor does not defend against such a threat model.

In a more limited sense, note that if a censor or law enforcement agency has the ability to obtain specific observation of parts of the network, it is possible for them to verify a suspicion that you talk regularly to your friend by observing traffic at both ends and correlating the timing of only that traffic. Again, this is only useful to verify that parties already suspected of communicating with one another are doing so. In most countries, the suspicion required to obtain a warrant already carries more weight than timing correlation would provide.

Furthermore, since Tor reuses circuits for multiple TCP connections, it is possible to associate non-anonymous and anonymous traffic at a given exit node, so be careful about what applications you run concurrently over Tor. Perhaps even run separate Tor clients for these applications.

About Tor network takedown:
They may not have enough incentives to block the whole system. After all it's a highly decentralized, international network of nodes. If you shut down a node, another one will pop up so it's not trivial to take the whole thing down.

There are also obfuscation techniques Tor uses to hide itself from ISPs and censorship systems. They can't flip a switch and then Tor is down.

About adding malicious nodes to decrypt the traffic, it's not trivial either. You don't need any relay node, you need an exit node to get access to unencrypted traffic (Another layer of encryption may still be present, e.g. HTTPS). Tor also monitors exit nodes for malicious activity and actively blocks them. I'm not saying your provided scenario is not possible, I'm just saying it's not trivial.

Silverfox
  • 3,369
  • 2
  • 19
  • 39
  • Thanks for the quick answer! That still makes me wonder: Why are there still hidden services then? They seem to struggle to shut them down. – N. Nowak Feb 22 '16 at 09:34
  • 9
    @N.Nowak it's hidden against your company, your government possibly, your local police department, your government's censorship system, but not hidden from say the NSA. So I believe those who can take it down don't have the incentives to do so. – Silverfox Feb 22 '16 at 09:51
  • 13
    Assuming the NSA can de-anonymize all TOR traffic: If the NSA takes down a single drug market or whatever without a plausible description how they did it, that doesn't require breaking TOR anonymity, most people will stop using TOR. So they might take down some people selling marijuana at the cost of not being able to eavesdrop on terrorists. Sounds not reasonable. Being able to spy on TOR users is a very very valuable resource. You don't 'spend' it on taking down college kids smoking weed. – Josef Feb 22 '16 at 10:40
  • 2
    It's really about the juncture of 3 things -> Crime Seriousness, Political Pressure and National Security. Even for worst crimes, serial murders, drug rings, pedophile rings etc, NSA won't get involved. NSA might get involved if there is political pressure. However in the case of National security issues, NSA will definitely get involved ( might even share top secret information with CIA, M15, Mossad etc). They don't get involved with other agencies (FBI etc) to reduce the risk of leaks of classified surveillance programs. – a20 Feb 22 '16 at 12:37
  • 4
    Secondly, it's always a common pattern to disguise the true source of your Intelligence under a believable false cover story, and also to feed the story out through sister agencies, to reduce the chances of exposure of programs and operatives. – a20 Feb 22 '16 at 12:46
  • 11
    @a20: Indeed. One of the paradoxes of intelligence is that "exceptionally high-value sources have no value", because if you use the intelligence gathered from those exceptionally high-value sources, everybody immediately knows that the intelligence could have come only from that single source, and thus the source stops being a source (at least, maybe even stops being alive). This was the dilemma the Allies faced after cracking the Enigma: warn innocent civilians about German bombing raids and risk the Germans wondering how they got that information or knowingly let innocent people die but … – Jörg W Mittag Feb 22 '16 at 13:28
  • 8
    … protect the intelligence source? – Jörg W Mittag Feb 22 '16 at 13:28
  • 1
    Re "About Tor network takedown": in addition to what you've mentioned, it's kind of ineffective to take down the stuff you [spend money funding](https://www.torproject.org/about/sponsors.html.en) as a government... – user2428118 Feb 22 '16 at 21:09
  • @user2428118 there are many branches of government and they rarely agree on anything. – rjdown Feb 23 '16 at 00:16
  • 1
    @a20 Well, almost correct. We actually do know that the NSA gets involved with (or did get involved with) using their spying powers against run-of-the-mill criminals. See ["Parallel Reconstruction"](https://www.techdirt.com/articles/20140203/11143926078/parallel-construction-revealed-how-dea-is-trained-to-launder-classified-surveillance-info.shtml). What's a bunch of perjury and constitutional desecration between federal agencies, right? :/ – HopelessN00b Feb 23 '16 at 08:20
  • @HopelessN00b, right, that's what I was referring to in my second comment - the misdirection and misinformation. In Silkroad's case for example, I would put money down that NSA was involved, even though official stories fed out to Wired and elsewhere point to other agencies. – a20 Feb 23 '16 at 08:40
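The FAQ excerpt in this answer describes the attack in one sentence: an observer who sees traffic enter the network at the guard and leave it at the exit matches the two by timing. The following is an added example written for this page (it is not from the answer above, nor from the Tor Project) showing the mechanics on constructed data: packet timestamps per client IP at a guard, packet timestamps per destination at an exit, and a lagged correlation of the two timing histograms. The client IPs, destination names, latency, burst patterns and the one dropped packet are all constructed for the example.

```python
"""Timing-correlation sketch: match flows seen entering the Tor network (at a
guard, keyed by client IP) against flows seen leaving it (at an exit, keyed by
destination).  All timestamps below are constructed for the example; nothing is
captured from a real network."""
import math

BIN_SECONDS = 0.25   # width of the timing histogram bins


def burst(start, n, gap=0.05):
    """n packets starting at `start`, `gap` seconds apart (constructed traffic)."""
    return [start + i * gap for i in range(n)]


# Constructed observation 1: packet times per client IP, as a tap at the guard
# would see them.  Each client has its own burst pattern.
INGRESS = {
    "10.0.0.5":  burst(0.0, 8) + burst(3.0, 8) + burst(7.0, 8),
    "10.0.0.9":  burst(1.0, 6) + burst(5.0, 6) + burst(9.0, 6),
    "10.0.0.23": burst(2.0, 3) + burst(4.0, 3) + burst(6.0, 3) + burst(8.0, 3),
}

# Constructed observation 2: the same flows after crossing the relays, as a
# tap at the exit would see them: delayed, slightly jittered, one packet lost.
LATENCY = 0.5
EGRESS = {
    "forum.example":  [t + LATENCY + 0.01 for t in INGRESS["10.0.0.9"]],
    "market.example": [t + LATENCY + 0.02 for t in INGRESS["10.0.0.5"]][:-1],
    "mail.example":   [t + LATENCY for t in INGRESS["10.0.0.23"]],
}


def bin_counts(timestamps, n_bins):
    """Histogram of packet counts per BIN_SECONDS-wide bin."""
    counts = [0] * n_bins
    for t in timestamps:
        b = int(t // BIN_SECONDS)
        if 0 <= b < n_bins:
            counts[b] += 1
    return counts


def pearson(xs, ys):
    """Pearson correlation coefficient of two equal-length count vectors."""
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    cov = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    vx = sum((x - mx) ** 2 for x in xs)
    vy = sum((y - my) ** 2 for y in ys)
    if vx == 0 or vy == 0:
        return 0.0
    return cov / math.sqrt(vx * vy)


def best_lag_correlation(ingress_bins, egress_bins, max_lag):
    """Correlate the two histograms over candidate network delays (in bins).
    The exit sees packets later than the guard, so egress is shifted left."""
    best = (0.0, 0)
    for lag in range(max_lag + 1):
        r = pearson(ingress_bins[:len(ingress_bins) - lag], egress_bins[lag:])
        if r > best[0]:
            best = (r, lag)
    return best


def correlate_flows(ingress, egress, n_bins=48, max_lag=4):
    """For every client IP, return the destination whose egress timing matches
    best, with the correlation coefficient and the lag at which it was found."""
    ingress_hist = {ip: bin_counts(ts, n_bins) for ip, ts in ingress.items()}
    egress_hist = {dst: bin_counts(ts, n_bins) for dst, ts in egress.items()}
    matches = {}
    for ip, ih in ingress_hist.items():
        scored = [(*best_lag_correlation(ih, eh, max_lag), dst)
                  for dst, eh in egress_hist.items()]
        r, lag, dst = max(scored)
        matches[ip] = (dst, round(r, 3), lag)
    return matches


if __name__ == "__main__":
    for ip, (dst, r, lag) in correlate_flows(INGRESS, EGRESS).items():
        print(f"{ip:10} -> {dst:15} r={r:.3f} lag={lag * BIN_SECONDS:.2f}s")
```

Nothing in the path between guard and exit is consulted: the intermediate relays' encryption is irrelevant to this observer, which is exactly why the FAQ says Tor does not defend against it. With three flows the constructed data resolves cleanly; on a busy guard the same histograms collide far more often, which is what the "only useful to verify that parties already suspected" wording is about.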
1

Even IF the NSA could take control of all exits to gain unencrypted data, it would be a bit different for hidden services.

Hidden services usually have a quite hard to memorize .onion URL; the reason for that is simple: the URL contains a hash of the public key of the hidden service server.

This means the data is encrypted once more, similar to if it would use HTTPS, except for the fact that there are no domain names, but that the domain name ITSELF acts as the "certificate", because the pubkey of the other side can be hashed and checked against the domain name already, so if you obtained the URL securely you can be sure that the other side does have the real keys

(which doesn't mean it isn't compromised through either having gotten the key from the provider of the service or a hash collision, since it is just the first 80 bits of the SHA-1).

That makes hidden services a lot less vulnerable than browsing standard plaintext HTTP sites with Tor, because all nodes including the exit just see it encrypted.

Be reminded that when all nodes are taken over the connection is no longer anonymous (as long as a single node remains secure they cannot fully connect you, because each node only knows its direct neighbors on both sides of the connection), so it is possible to see that your IP has visited a site, but still, as long as no data is unseen, you can at least TRY to deny it (e.g. a hacker in your WLAN).

My1
  • 394
  • 2
  • 12
  • True, and the main point of using Tor is anonymity and if they can find out that you visited a specific hidden service it's game over. – Silverfox Feb 23 '16 at 11:34
  • but then all nodes need to be taken over. just the exit node will give unencrypted traffic on a non-secure site, possibly revealing even more information than when being on an HTTPS/Hidden Service, because each traffic only knows the IP of the next node. Also added a new paragraph – My1 Feb 23 '16 at 12:42
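The answer above states the binding without showing it: a (v2) .onion name is the first 80 bits of the SHA-1 of the service's DER-encoded RSA public key, base32-encoded. Below is an added example written for this page (not code from the answer or from Tor) that builds a PKCS#1 RSAPublicKey DER structure, derives the name from it, and performs the check a client can do: hash the key the service presents and compare it with the name it already trusts. The modulus is a constructed 1024-bit number with no known factorisation, used only so the encoding has realistic shape; it is not a usable RSA key, and the exponent 65537 is the conventional choice, not one taken from any real service.

```python
"""How a v2 .onion name is bound to a hidden service's RSA key: the name is the
first 80 bits of SHA-1 over the DER-encoded public key, base32-encoded.  The
key material below is constructed for the example; it is not a real RSA key."""
import base64
import hashlib

# Constructed modulus: a 1024-bit odd number with no known factorisation, used
# only so the DER encoding has realistic shape.  Not a usable RSA key.
TOY_MODULUS = (1 << 1023) | int.from_bytes(
    hashlib.sha256(b"constructed toy modulus, not a real key").digest() * 4,
    "big") | 1
TOY_EXPONENT = 65537


def der_length(n):
    """DER definite-length encoding (short form below 128, long form above)."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def der_integer(value):
    """DER INTEGER; a leading zero byte keeps a high-bit value positive."""
    body = value.to_bytes((value.bit_length() + 7) // 8 or 1, "big")
    if body[0] & 0x80:
        body = b"\x00" + body
    return b"\x02" + der_length(len(body)) + body


def rsa_public_key_der(modulus, exponent):
    """PKCS#1 RSAPublicKey ::= SEQUENCE { modulus INTEGER, publicExponent INTEGER }"""
    body = der_integer(modulus) + der_integer(exponent)
    return b"\x30" + der_length(len(body)) + body


def onion_v2_address(pubkey_der):
    """Truncate SHA-1(DER) to 80 bits (10 bytes) and base32-encode: 16 chars."""
    digest = hashlib.sha1(pubkey_der).digest()[:10]
    return base64.b32encode(digest).decode("ascii").lower() + ".onion"


def address_matches_key(address, pubkey_der):
    """The client-side check: does the key the service presented hash to the
    name the client already trusts?  A relay on the path cannot substitute its
    own key without failing this check (short of an 80-bit SHA-1 collision)."""
    return onion_v2_address(pubkey_der) == address.strip().lower()


if __name__ == "__main__":
    der = rsa_public_key_der(TOY_MODULUS, TOY_EXPONENT)
    addr = onion_v2_address(der)
    print(addr)
    print(address_matches_key(addr, der))                                   # True
    print(address_matches_key(addr, rsa_public_key_der(TOY_MODULUS, 3)))    # False
```

The last call shows the point the answer makes about the name acting as the certificate: a key that differs in even one byte of its DER encoding produces a different name, so whoever hands you the URL out of band is, in effect, handing you the key fingerprint. The 80-bit truncation is also visible in `onion_v2_address`, which is what the parenthetical about hash collisions refers to.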