A French researcher claims that he and two colleagues have found a serious hole in the security of Tor, the encrypted “darknet” widely used to protect privacy on the Web and to shield dissidents and others from monitoring and eavesdropping. The assertion has created a mix of concern and outrage in the Internet privacy community, particularly over the researcher's lack of disclosure to the foundation that manages Tor’s code base.

Eric Filiol, head of the Operational Cryptography and Computer Virology lab at the École Supérieure d’Informatique, Electronique, Automatique (ESIEA) in Paris, will discuss the exploit in a presentation at the Hackers to Hackers Conference in Sao Paulo, Brazil on October 29. Called “How to take over the Tor network operationally,” the talk will describe how “it is possible to take over a significant part of the Tor network by combining the concept of dynamic cryptographic backdoors with some protocol weaknesses found in the Tor network.”

The attacks developed at ESIEA were tested on 50-node simulated Tor network—and on part of the Tor network itself. "Those attacks rely mainly on the fact that the cryptography used in Tor is weakly implemented," Filiol wrote.

Filliol is currently traveling to Brazil to deliver his presentation and was not available to comment to Ars Technica.

Disclosure ethics



Tor, originally known as "the onion router," uses a set of protocols and an army of “relay” systems scattered across the Internet to pass traffic from a user’s computer in encrypted form to a distant gateway system. There it emerges back onto the "regular" Internet, hiding the original user's IP address and other data. The Tor network also supports "hidden services," which can be used to create hidden websites or other Internet services that exist only within the Tor network, obscuring them from the wider Internet. Some governments don't like either part of this functionality, and thus take pains to block access to Tor.

Filiol told the French technology site ITespresso that he and his team had been able to create a complete topographical map of the Tor network, discovering “hidden nodes” in the network—the unlisted Tor bridge relays that provide access to users whose ISPs block access to known Tor relays. He also claimed that the researchers were able to defeat the encryption of the Tor network, creating a virus that could essentially take control over a section of it. Half of the systems on the Tor network run Windows, Filiol said, and about a third of those systems are potentially vulnerable.

Filiol isn’t revealing any of his team’s attack methods yet, saying he’s holding details back until after he presents them at Hackers to Hackers and the PacSec conference in November.

“I have decided not to disclose anything for fairness purposes [with regard to] H2HC & PacSec organizers,” he wrote on Twitter yesterday. “Otherwise why attend hacking conferences?”

In a blog post on Monday, the Tor Foundation disputed some of Filiol’s assertions about the makeup of the network. The statement on the “rumors of Tor’s compromise” argued that Filiol’s data was significantly flawed. Filiol allegedly over-counted the number of Tor relays—the systems that provide the anonymizing routing for users of the Tor service—and under-counted the number of hidden Tor bridges. The Tor Project team also remarked that Filiol and his team had not shared any information with the Tor Foundation about the nature of the attack they had developed. “They have not talked to us, nor shared any data with us—despite some mail exchanges where we reminded him about the phrase ‘responsible disclosure.'”

In an earlier e-mail sent to the tor-talk email list after the ITespresso story, Tor Foundation executive director Andrew Lewman complained that Filiol “has refused to talk to us in any responsible manner. This article is full of hyperbole, but short on facts.” Lewman speculated that the exploit Filiol had used should more likely be characterized as a Windows attack, rather than one on Tor itself.

By way of reply to Lewman’s complaint, Filiol wrote on Twitter, “[The] Tor foundation asked (not to say require) technical details in advance without proposing to work under NDA. So guess what happened?” He said in another post that he was “fed up” with the Tor Foundation’s complaints and speculations, and urged people to attend his presentations to make up their own minds about the validity of the attack.

Filiol’s work has drawn criticism before. In 2003, he published a paper claiming that the AES encryption algorithm could be broken through a simple ciphertext block attack, but he later modified his claims. A team of researchers trying to replicate his results found that even his modified claims could not be reproduced. One Luxembourg-based security expert complained on Twitter, “Every few years, Eric Filiol claims an amazing infosec discovery which turns out to be nonsense.”