Tor, a free software and an open network that helps Internet users defend against traffic analysis, has grown massively in the post-Snowden era. While Tor has been praised for providing privacy and anonymity to vulnerable Internet users such as political activists fearing surveillance and arrest, ordinary web users seeking to circumvent censorship, and people who have been threatened with violence or abuse by stalkers, law enforcement has been less supportive, citing that online anonymity may enable criminal activity.
Edward Snowden’s disclosed files suggest that the National Security Agency (NSA) and the Government Communications Headquarters (GCHQ) have been studying and investigating in Tor studies for ways to penetrate online anonymity.
In 2014, the US government paid Carnegie Mellon University to run a series of poisoned Tor relays to de-anonymise Tor users. A 2015 research paper outlined an attack effective, under certain circumstances, at decloaking Tor hidden services. Most recently, 110 poisoned Tor hidden service directories were discovered probing .onion sites for vulnerabilities, most likely in an attempt to de-anonymise both the servers and their visitors. As a result, “80 percent of all types of users may be de-anonymised by a relatively moderate Tor-relay adversary within six months”, reported in a 2013 study by researchers at the US Naval Research Laboratory.
To cope with these increasing challenges, five projects, similar to the Tor Project, are in place, striving to develop stronger anonymity systems against state surveillance.
The first one is the Anonymous Quanta Project, or “Aqua” in its short form. Aqua is an anonymous file-sharing network design. Based on Aqua, Herd is an anonymous voice-over-IP network design. According to Herd’s developers, the first Herd nodes online and ready for users in 2017. Both projects have incorporated incremental advances in anonymity technology.
Similar to Aqua, the Riffle Project’s main use-case is anonymous file-sharing. If successfully deployed, Riffle would not only complement Tor, but perhaps even make it faster by giving users sharing large files a more secure alternative.
Vuvuzela and its second iteration Alpenhorn, aim to offer anonymous, metadata-free chat.
The Dissent Project is based on a dining cryptographers algorithm, or “DC-net.” Combined with a verifiable-shuffle algorithm, Dissent offers the most anonymous design currently under investigation by researchers. Its high latency and low bandwidth make it most suitable for dissidents.
Inspired by the Dissident Project was Riposte, which maintains the strong anonymity properties of a DC-net, including resistance to both traffic analysis and to disruption attacks by malicious clients, but scales to millions of users. Although it introduce higher latency, the trade-off is acceptable especially when Riposte is designed for microblogging uses.
If you’re planning a trip to the Deep Web with Tor, then possibly check out a couple of VPNs to protect your privacy.