Researchers at the Hackers To Hackers Conference in Brazil will detail a method of hijacking the TOR anonymity network, potentially putting its users at risk, while The Tor Project accuses one of the researchers of irresponsible disclosure.
The presentation combines work done by Eric Filiol of the Grand École D’Ingenieurs Paris-Laval (ESIEA) on ‘dynamic cryptographic backdoors‘ with what the researchers descrbe as “protocol vulnerabilities” in the Tor network. The result is a method for “tak(ing) over a significant part of the TOR network,” and eaves dropping on traffic sent to and from compromised TOR nodes.
In a presentation at the CanSecWest Conference in Vancouver in March, Filiol described a method to extract data from secured networks by exploiting the fact that many encryption algorithms rely on standard operating system components (like the Microsoft Cryptographic API) to generate their secret keys. By using specially tailored malware, Filiol demonstrated, it is possible to access and modify the cryptographic algorithm on-the-fly in the host’s memory. While not perfect, the method is capable of weakening the encryption used in a network like Tor to the point that an attacker can intercept and decipher the cipher text.
At Hackers to Hackers, Filiol and fellow researchers Oluwaseun Remi-Omosowon and Leonard Mutembei will demonstrate a method for hijacking part of a Tor network using self propagating malicious program to infect Tor nodes, then forcing network traffic through the nodes they control using denial of service attacks on uninfected nodes.
According to information posted online, the researchers were able to test their method on a test Tor deployment and on the actual Tor network and found that they could “take over a significant part of the Tor network” and siphon off sensitive data from compromised nodes.
In a post on a Tor Project discussion list, spokesman Andrew Lewman accused Filiol of refusing to speak to the Tor Project about his findings or work with them to repair the holes prior to his talk at Hackers to Hackers.
“This article is full of hyperbole, but short on facts. We are in the dark as much as everyone else,” Lewman wrote. “Eric has refused to talk to us in any responsible manner.”
Lewman said that the method described by Filiol seems to rely more on exploitation of weaknesses in Microsoft Windows than of a weakness in Tor. “If true, this sounds like a better exploit on MS Windows than on Tor. Tor has to run inside an operating system, and if that operating system is compromised then everything that runs inside it will be compromised as well,” he wrote.
The Tor network is a widely used anonymity service online. This isn’t the Tor Project’s first brush with security concerns. A number of the network’s servers were compromised in early 2010 prompting the Tor Poject to require its users to upgrade to a more secure client. Tor has also been the target of oppressive regimes in the Middle East and Asia, which have sought to compromise its security to gain information on political activists who use the network to communicate securely and protect their identities. Recently, hackers who were responsible for compromising the Dutch certificate authority Diginotar are believed to have forged certificates for The Tor Network that could have been used to launch convincing man in the middle attacks that could fool Internet users into thinking they were connecting to the actual Tor Web site.