Tor onion hardening will be tear-inducing for feds

The University of California wants to defeat deanonymisation with a hardened version of the Tor browser.

The uni boffins are with the Tor Project testing an address space layout randomisation (ASLR) -esque technique dubbed Selfrando.

It is hoped the technique described in the paper Selfrando: Securing the Tor Browser against De-anonymisation Exploits [PDF] will help to frustrate deanonymisation efforts by government agencies.

Selfrando, currently under testing in hardened Tor versions, is described as an "enhanced and practical load-time randomisation technique" that defends against exploits, namely that allegedly used by the FBI.

"Our solution significantly improves security over standard ASLR techniques currently used by Firefox and other mainstream browsers," the boffins say.

"It has negligible run-time overhead, a perfectly acceptable load-time overhead, and it requires no changes to protect the Tor Browser.

"Moreover, Selfrando can be combined with integrity techniques such as execute-only memory to further secure the Tor Browser and virtually any other C/C++ application."

The nine-strong research team is composed of Mauro Conti; Stephen Crane; Tommaso Frassetto; Andrei Homescu; Georg Koppen; Per Larsen; Christopher Liebchen; Mike Perry, and Ahmad-Reza Sadeghi.

They cite the 2013 attacks in which the FBI compromised Tor hidden services servers to deliver an exploit to de-anonymise users.

The exploit abused an use-after-free vulnerability in Firefox to gain arbitrary code execution.

"The main payload of the exploit collected the MAC address and the host name from the victim machine and sent the data to an attacker-controlled web server, bypassing Tor," they write.

"That message also included a unique ID provided by the booby-trapped page in order to correlate a specific user to a specific visit."

The team will now work to improve Selfrando's operating specific features including thread-local storage support, something relied on in Firefox’s default heap allocator jemalloc.

Tor Browser developers have expressed desire to use that new allocator. ®