A new study has revealed that a hacker or a nation-sponsored bad actor can degrade the performance of the Tor network for a few thousand dollars per month.
The research, conducted by Georgetown University and the US Naval Research Laboratory, analyzes the cost for slowing down the Tor network through different methods.
Tor is the most popular anonymous communication system ever deployed, with an estimated eight million daily active users. These users depend on Tor to anonymize their connections to Internet services and distributed peers, and also to circumvent censorship by local authorities that control network infrastructure.
Tor is used by ordinary citizens and businesses to protect their privacy online, by journalists and activists to more freely access and contribute digital content, and by criminals to perform illegal activities while avoiding identification.
However, the threat of denial-of-service (DoS), in particular bandwidth-based DoS against Tor, is relatively understudied but arguably more viable.
According to the researchers, their DoS attacks can either be outsourced to third-party “stresser” services that will flood a target with packets for an amortized cost of $0.74/hr. per Gbit/s of attack traffic, or utilize lightweight Tor clients running on dedicated servers at an amortized cost of $0.70/hr. per Gbit/s of attack traffic.
Nation-states are known to sponsor DoS attacks, and the ease of deployment and low cost of our attacks suggest that state actors could reasonably run them to disrupt Tor over both short and long timescales. We speculate that nation-states may, e.g., choose DoS as an alternative to traffic filtering as Tor continues to improve its ability to circumvent blocking and censorship [32]. Non-state actors could also reasonably deploy the attacks since they require only a few servers or can be completely outsourced.
The researchers say they demonstrated the feasibility of several bandwidth DoS attacks through live-network experimentation and high-fidelity simulation, quantifying the cost of each attack and its effect on Tor performance.
First, they explored an attack against Tor’s most commonly used default bridges (for censorship circumvention) and estimated that flooding those that are operational would cost $17K/mo. and could reduce client throughput by 44% while more than doubling bridge maintenance costs.
Secondly, they explored attacks against the TorFlow bandwidth measurement system and estimated that a constant attack against all TorFlow scanners would cost $2.8K/mo. and reduce the median client download rate by 80%.
Thirdly, they explored how an adversary could use Tor to congest itself and estimated that such a congestion attack against all Tor relays would cost $1.6K/mo. and increase the median client download time by 47%.
Finally, they analyzed the effects of Sybil DoS and deanonymization attacks that have costs comparable to those of their attacks.
According to the researchers, these methods do not affect the Tor network entirely, but the resulting poor performance is enough to discourage users from using it.