Astoria: The New NSA-Beating Tor Client
Ashley Allen / 10 years ago
International intelligence agencies, such as the US National Security Agency (NSA), may have developed the ability to peel back the layers of The Onion Router network some time ago, but hackers and activists are determined to preserve their anonymity, developing a new Tor client that even the NSA can’t crack. The Astoria client should pose government spies their biggest challenge yet.
Astoria allows users to mask their identities by passing traffic between an encrypted middle relay and exit relay circuit, routed through 6,000 network nodes. With other Tor clients, anonymity can be compromised though “timing attacks”; gaining control over the entry and exit relays, with 58% of Tor circuits vulnerable to such attacks. Astoria reduces that number of vulnerabilities from 58% to 5.8%.
Included within the Astoria client is an algorithm designed to predict and counter relay attacks, patching vulnerabilities before they can be exploited. The client is thus able to always create the most secure circuit while balancing performance. Though “timing attacks” – commonly used by the NSA and GCHQ to crack Tor anonymity – can never be protected against entirely due the way Tor is constructed, Astoria makes it as difficult as possible for them to succeed.
“In addition to providing high-levels of security against such attacks, Astoria also has performance that is within a reasonable distance from the current Tor client,” Astoria’s developers write. “Unlike other AS-aware Tor clients, Astoria also considers how circuits should be built in the worst case—i.e., when there are no safe relays that are available. Further, Astoria is a good network citizen and works to ensure that the all circuits created by it are load-balanced across the volunteer driven Tor network.”
Astoria is not yet available for download, only being revealed in a research paper by its developers, but it is expected to be released soon.
Thank you The Daily Dot for providing us with this information.