Related papers: Attacking and Improving the Tor Directory Protocol

Attacking and Improving the Tor Directory Protocol

URL: http://arxiv.org/abs/2503.18345v1
Date: Mon, 24 Mar 2025 05:04:41 GMT
Title: Attacking and Improving the Tor Directory Protocol
Authors: Zhongtang Luo, Adithya Bhat, Kartik Nayak, Aniket Kate,
Abstract summary: The Tor network enhances clients' privacy by routing traffic through an overlay network of volunteered intermediate relays.<n>The protocol is expected to be secure even when a minority of those authorities get compromised.<n>The current consensus protocol is flawed, allowing only a single compromised authority to create a valid consensus document with malicious relays.
Score: 14.733204402684215
License: http://creativecommons.org/licenses/by-nc-nd/4.0/
Abstract: The Tor network enhances clients' privacy by routing traffic through an overlay network of volunteered intermediate relays. Tor employs a distributed protocol among nine hard-coded Directory Authority (DA) servers to securely disseminate information about these relays to produce a new consensus document every hour. With a straightforward voting mechanism to ensure consistency, the protocol is expected to be secure even when a minority of those authorities get compromised. However, the current consensus protocol is flawed: it allows an equivocation attack that enables only a single compromised authority to create a valid consensus document with malicious relays. Importantly the vulnerability is not innocuous: We demonstrate that the compromised authority can effectively trick a targeted client into using the equivocated consensus document in an undetectable manner. Moreover, even if we have archived Tor consensus documents available since its beginning, we cannot be sure that no client was ever tricked. We propose a two-stage solution to deal with this exploit. In the short term, we have developed and deployed TorEq, a monitor to detect such exploits reactively: the Tor clients can refer to the monitor before updating the consensus to ensure no equivocation. To solve the problem proactively, we first define the Tor DA consensus problem as the interactive consistency (IC) problem from the distributed computing literature. We then design DirCast, a novel secure Byzantine Broadcast protocol that requires minimal code change from the current Tor DA code base. Our protocol has near-optimal efficiency that uses optimistically five rounds and at most nine rounds to reach an agreement in the current nine-authority system. We are communicating with the Tor security team to incorporate the solutions into the Tor project.

Related papers

CP-Guard: Malicious Agent Detection and Defense in Collaborative Bird's Eye View Perception [54.78412829889825]
Collaborative Perception (CP) has shown a promising technique for autonomous driving.<n>In CP, ego CAV needs to receive messages from its collaborators, which makes it easy to be attacked by malicious agents.<n>We propose a novel method, textbfCP-Guard, that can be deployed by each agent to accurately detect and eliminate malicious agents in its collaboration network.
arXiv Detail & Related papers (2024-12-16T17:28:25Z)
CryptoFormalEval: Integrating LLMs and Formal Verification for Automated Cryptographic Protocol Vulnerability Detection [41.94295877935867]
We introduce a benchmark to assess the ability of Large Language Models to autonomously identify vulnerabilities in new cryptographic protocols. We created a dataset of novel, flawed, communication protocols and designed a method to automatically verify the vulnerabilities found by the AI agents.
arXiv Detail & Related papers (2024-11-20T14:16:55Z)
ParTEETor: A System for Partial Deployments of TEEs within Tor [6.668496876628325]
ParTEETor is a Tor-variant system that uses partial deployments of trusted execution environments to thwart known attacks. We evaluate ParTEETor for security, performance, and privacy.
arXiv Detail & Related papers (2024-08-26T21:23:19Z)
The Latency Price of Threshold Cryptosystem in Blockchains [52.359230560289745]
We study the interplay between threshold cryptography and a class of blockchains that use Byzantine-fault tolerant (BFT) consensus protocols. Existing approaches for threshold cryptosystems introduce a latency overhead of at least one message delay for running the threshold cryptographic protocol. We propose a mechanism to eliminate this overhead for blockchain-native threshold cryptosystems with tight thresholds.
arXiv Detail & Related papers (2024-07-16T20:53:04Z)
Pessimism of the Will, Optimism of the Intellect: Fair Protocols with Malicious but Rational Agents [0.6990493129893112]
We present a game-based framework for the study of fairness protocols. It is based on the notion of strong secure equilibria, and leverages the conceptual and algorithmic toolbox of game theory.
arXiv Detail & Related papers (2024-05-29T10:15:36Z)
A Survey and Comparative Analysis of Security Properties of CAN Authentication Protocols [92.81385447582882]
The Controller Area Network (CAN) bus leaves in-vehicle communications inherently non-secure. This paper reviews and compares the 15 most prominent authentication protocols for the CAN bus. We evaluate protocols based on essential operational criteria that contribute to ease of implementation.
arXiv Detail & Related papers (2024-01-19T14:52:04Z)
Robust and Actively Secure Serverless Collaborative Learning [48.01929996757643]
Collaborative machine learning (ML) is widely used to enable institutions to learn better models from distributed data. While collaborative approaches to learning intuitively protect user data, they remain vulnerable to either the server, the clients, or both. We propose a peer-to-peer (P2P) learning scheme that is secure against malicious servers and robust to malicious clients.
arXiv Detail & Related papers (2023-10-25T14:43:03Z)
Resilient Consensus Sustained Collaboratively [6.090550359575682]
We present the design of our Power-of-Collaboration protocol, which guards existing PoS/BFT blockchains against long-range attacks. PoC guarantees fairness and accountability and only marginally degrades the throughput of the underlying system.
arXiv Detail & Related papers (2023-02-05T07:33:57Z)
Is Semantic Communications Secure? A Tale of Multi-Domain Adversarial Attacks [70.51799606279883]
We introduce test-time adversarial attacks on deep neural networks (DNNs) for semantic communications. We show that it is possible to change the semantics of the transferred information even when the reconstruction loss remains low.
arXiv Detail & Related papers (2022-12-20T17:13:22Z)
Towards Flexible Anonymous Networks [0.5735035463793009]
We propose a new software architecture for volunteer-based distributed networks. FAN shifts the dependence away from protocol tolerance without losing the ability for developers to ensure the continuous evolution of their software.
arXiv Detail & Related papers (2022-03-07T22:58:36Z)
ESCORT: Ethereum Smart COntRacTs Vulnerability Detection using Deep Neural Network and Transfer Learning [80.85273827468063]
Existing machine learning-based vulnerability detection methods are limited and only inspect whether the smart contract is vulnerable. We propose ESCORT, the first Deep Neural Network (DNN)-based vulnerability detection framework for smart contracts. We show that ESCORT achieves an average F1-score of 95% on six vulnerability types and the detection time is 0.02 seconds per contract.
arXiv Detail & Related papers (2021-03-23T15:04:44Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.