Dissecting Tor Bridges: A Security Evaluation of their Private and Public Infrastructures

Bridges are onion routers in the Tor Network whose IP addresses are not public. So far, no global security analysis of Tor bridges has been performed. Leveraging public data sources and two known Tor issues, we perform the first systematic study of the security of the Tor bridge infrastructure. Our study covers both the public infrastructure available to all Tor users and the previously unreported private infrastructure, comprising private nodes for the exclusive use of those who know of their existence. Our analysis of the public infrastructure is twofold. First, we examine the security implications of the public data in the CollecTor service, identifying several pieces of data that may be detrimental to the security of bridges. Then, we measure security-relevant properties of public bridges. Our results show that 55% of public bridges that carry clients are vulnerable to aggressive blocking; that 90% of bridge clients use default bridges that are trivial to identify; that the concurrent deployment of Pluggable Transports on a bridge reduces the security of its most secure transports; and that running non-Tor services on the same host as a bridge may harm its anonymity. To study the private infrastructure, we use an approach to discover 694 private bridges on the Internet and a novel technique to track bridges across IP changes. We are the first to measure the size of the private bridge population (35% of discovered bridges are private) and to report the existence of infrastructures that use private proxies to forward traffic to backend bridges or relays. We use a novel clustering approach to analyze the different infrastructures using proxies and bridges, examining their hosting and security properties. We provide an extensive discussion of the security implications of our findings.