Hackers attacked the infrastructure of Tor, the anonymizing service, earlier this month in an incident that may have compromised a number of hidden services, according to an announcement posted today by the Tor Project's director, Roger Dingledine.
Dingledine said that it's possible the attack wasn't carried out with malicious intent, although the effect is harmful in any case, potentially weakening Tor's encryption and making it more vulnerable to a state actor attempting to compromise it.
"If the attack was a research project, it was deployed in an irresponsible way because it puts users at risk indefinitely into the future," he said, suggesting that the researchers behind a recently cancelled talk scheduled for Black Hat 2014 may be behind the attack.
"In fact, we hope they were the ones doing the attacks, since otherwise it means somebody else was," Dingledine wrote.
The researchers in question are part of a team at Carnegie Mellon University that "works closely with the Department of Homeland Security," according to a Washington Post report by Andrea Peterson from last week on the cancellation of the Black Hat talk.
Tor operates as a large-scale proxy network, encrypting and routing web communications through a series of randomized hosts around the world to protect the identities of users and obfuscate their activities from surveillance. Tor also provides the option of so-called hidden services, which use servers configured to accept incoming connections only from the Tor network, allowing for secure email and the like.
Tor is reliant on volunteers to host relay nodes, allowing anyone to sign up and turn their computer into a part of the network. The attackers took advantage of this facet of Tor, adding relays running malicious software to the system, specifically targeting hidden services. Malicious relays sent specially encoded extra data in signal headers, allowing other attacking nodes to identify which users were requesting which hidden service.
It's a type of traffic correlation attack, according to Tor -- the principle is to modify the message sent into the system and watch for a message with that modification coming out the other end. It is somewhat more sophisticated than previous attempts, which targeted application-level payloads rather than headers.
"Those attacks don't work in the other direction (from the exit relay back towards the client), because the payload is still encrypted at the entry guard," Dingledine wrote. "But because this new approach modifies ('tags') the cell headers rather than the payload, every relay in the path can see the tag."
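The distinction Dingledine draws, between a tag in the payload (hidden behind the remaining encryption layers at the guard) and a tag in a header field (visible to every relay), can be shown with a small model of a three-hop circuit. The following is an added illustration, not Tor's code or cell format: it assumes a toy cell with one cleartext header field and a payload that each relay wraps in its own XOR layer, and it assumes a relay-side rule that refuses unexpected header values as the kind of protocol-level mitigation the fix required. The keystream, key derivation and field names are all constructed for the example.

```python
"""Toy model of header tagging vs. payload tagging on an onion circuit.

Constructed example: not Tor's cell format, keys or cipher. Direction modelled is
exit -> middle -> guard -> client (the "other direction" in the quote above).
"""
import hashlib
from dataclasses import dataclass

TAG = b"TAG"  # constructed marker a misbehaving exit might stamp into a payload


def keystream(key: bytes, n: int) -> bytes:
    """Toy stream cipher: SHA-256 in counter mode. Illustration only."""
    out = b""
    ctr = 0
    while len(out) < n:
        out += hashlib.sha256(key + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


@dataclass
class Cell:
    header_flag: int  # assumed cleartext field, readable by every relay on the path
    payload: bytes    # onion-encrypted: one layer per relay it has passed


def make_keys() -> dict:
    """Constructed per-hop keys (in reality negotiated during circuit build)."""
    return {h: hashlib.sha256(h.encode()).digest() for h in ("guard", "mid", "exit")}


def backward_cell(plaintext: bytes, exit_key: bytes, mid_key: bytes, header_flag: int = 0) -> Cell:
    """Cell as it arrives at the guard: exit encrypted it, middle added a layer.
    The header field is forwarded unchanged by each hop (the modelled weakness)."""
    data = xor(plaintext, keystream(exit_key, len(plaintext)))
    data = xor(data, keystream(mid_key, len(data)))
    return Cell(header_flag, data)


def guard_forward(cell: Cell, guard_key: bytes) -> Cell:
    """Guard adds its own layer and passes the cell on to the client."""
    return Cell(cell.header_flag, xor(cell.payload, keystream(guard_key, len(cell.payload))))


def client_decrypt(cell: Cell, guard_key: bytes, mid_key: bytes, exit_key: bytes) -> bytes:
    """Client strips all three layers (XOR layers commute, so order is irrelevant)."""
    data = cell.payload
    for k in (guard_key, mid_key, exit_key):
        data = xor(data, keystream(k, len(data)))
    return data


def guard_view(cell: Cell) -> dict:
    """Everything the guard can actually observe about a cell."""
    return {"header_flag": cell.header_flag, "payload_has_tag": TAG in cell.payload}


def hardened_guard_accepts(cell: Cell, allowed_flags=(0,)) -> bool:
    """Assumed mitigation: drop cells whose header field carries a value the
    protocol never legitimately sets in this direction. The page does not state
    how Tor's actual update works; this is the shape of a protocol-level rule."""
    return cell.header_flag in allowed_flags


def demo():
    keys = make_keys()
    # 1) exit tags the payload: still two layers of ciphertext at the guard
    c1 = backward_cell(b"hello " + TAG, keys["exit"], keys["mid"])
    # 2) exit tags the header field: visible at the guard in the clear
    c2 = backward_cell(b"hello", keys["exit"], keys["mid"], header_flag=1)
    return guard_view(c1), guard_view(c2), hardened_guard_accepts(c1), hardened_guard_accepts(c2)


if __name__ == "__main__":
    for line in demo():
        print(line)
```

Running `demo()` shows the guard cannot see the payload tag in case 1 (it only sees ciphertext) but reads the header tag in case 2 directly, which is exactly why a tag in the header lets a colluding guard and exit confirm they are on the same circuit, and why the countermeasure has to be a rule at the relay about which header values are acceptable rather than anything done to the payload.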
The Tor Project has since removed the offending nodes and pushed a software update that prevents the specific type of attack used from functioning. The underlying principle, however, remains intact, and Dingledine warned that similar techniques likely remain viable.
"So the good news is traffic confirmation attacks aren't new or surprising," he said. "But the bad news is that they still work."