Tor Project and the new anti-tampering measures for its software

Tor Project revealed how the organization has conducted a three-year long work to improve its ability to detect fraudulent software.

The experts at the Tor Project are working to improve the resilience of the anonymizing network to cyber attacks, in particular, they aim to quickly detect any surveillance activity conducted by tempering the Tor system.

The researchers fear that the US Government could interfere with the Tor project by requesting the organization to turn over critical information that would compromise the security of the network and cause in de-anonymization of the users.

Mike Perry from the Tor Project, highlighted that the organization has never received a legal demand to place a backdoor in its source code, nor have we received any requests to hand over cryptographic signing material.

The Tor Browser is an open source, this means that everyone could analyze it, the organization also implements several mechanisms to ensure the security and integrity of its software.

Now the experts want more, they are exploring further improvements to eliminate single points of failure, so that even if a threat actor obtains our cryptographic keys, the anonymizing network would be able to detect the anomalous activity. The development team behind the Tor Project is designing the system in such a way to make visible any change to the original source code.

“For this reason, regardless of the outcome of the Apple decision, we are exploring further ways to eliminate single points of failure, so that even if a government or a criminal obtains our cryptographic keys, our distributed network and its users would be able to detect this fact and report it to us as a security issue.” wrote Mike Perry.

“From an engineering perspective, our code review and open source development processes make it likely that such a backdoor would be quickly discovered.” he added.

To distribute a tampered version of the Tor Browser it would be required the access to two cryptographic keys:

the SSL/TLS key that secures the connection between a user and Tor Project servers; plus the key used to sign a software update.
the key used to sign a software update;

“Right now, two keys are required, and those keys are not accessible by the same people,” explained Perry. “They are also secured in different ways.”

Even if a persistent attacker is able to obtain the two keys, in theory, users would be able to check the software’s hash and discover any modification by checking it.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – Privacy, Tor Project)

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.