Professional Documents
Culture Documents
OSINT Analysis of The TOR Foundation
OSINT Analysis of The TOR Foundation
Maxence Delong1 , Eric Filiol2 , Clément Coddet3 , Olivier Fatou4 , Clément Suhard5
Abstract— This research paper is a study on the TOR technical analysis of the TOR network and the Tor foundation
Foundation and the TOR Network. Due to the blind confidence which tends to prove that their alleged independency is far
over this network and this foundation we have collect data from being so clear and acceptable. The paper is organized as
and gather information in open sources to understand how it
is organized. We discovered that the US government is very follows. We first explain and analyze in the second section
active through the financial aspect and development aspect. what are the TOR directory authorities, what their role is
arXiv:1803.05201v1 [cs.CR] 14 Mar 2018
Furthermore, we discovered that some critical points of the and how they are managed. In the third section, we explore
TOR network are running by unknown people who have special and expose the internal organization of the TOR foundation
nodes and the foundations never talks about them. and which projects are related to it. In the fourth section
we present the results of our deep financial analysis of the
I. INTRODUCTION
TOR foundation funding. It clearly shows that the alleged
The TOR Project (http://www.torproject.org) is the most independency is actually not true. Finally, before concluding
famous project about privacy and anonymity online. Simply, we present in the fifth section a few technical aspects that
it is another network where everybody has only the knowl- strongly mitigate the claim that the TOR foundation manage-
edge of his direct neighbor. From this very simple principle, ment is suitable for a maximal security and anonymity of the
the TOR network routes packets through at least three nodes TOR network. All resources presented in the present paper
that ensure that the sender does not know the receiver and (high definition graphs especially) as well as many others
conversely. In this network, you can access hidden services are available on the Blog laboratory (Filiol et al. 2017).
which are web service not indexed by search engines. Those
II. D IRECTORY AUTHORITY
services are used by several kinds of people and some of
them are using the TOR network (and the services provided) A. What is the goal of this node ?
because it is their only way to communicate in a safe and In this part, we will talk about the directory authorities (see
anonymous way. https://svn.torproject.org/svn/tor/tags/
In a country where there is a lot of censorship, journalists tor-0_2_1_4_alpha/doc/spec/dir-spec.txt
can use the TOR network in order to bypass it. In the official for details). The purpose of these specific nodes is to handle
website of the TOR project, it is claimed that the TOR the complete network to maintain a list of “currently-
network is also used by the military to “protect their com- running” nodes (this list is refreshed every thirty minutes,
munications”. From those perpectives, over the years people so it is not really “currently-running”). All those running
have developed a big confidence in the TOR network and nodes are stored in a public file named “consensus”. This
in the foundation which control and manage this network. file is distributed in order to tell all nodes what is the state
Officially, this foundation has no link with US government of the network, which nodes are running or not.
(any other one) and is independent (Dingledine, 2017). There Each thirty minutes, any node on the TOR network needs
is a growing feeling that this may not be the case. Recurrent to go register itself at one or more directory authorities.
questions arise that put this apparent independency into If a node becomes down or have an issue, it will not be
question: what if the US government was behind the TOR able to register itself on a directory authority. Once each
network and somehow controls it? The recent dismantling node has been registered, the directory authority will vote
of Silk road 2.0 by the FBI (Leinwand Leger, 2014) still is to create a new consensus file. The vote is the action of
not explained from a technical point of view and growing defining the consensus weight of each node in function of the
suspicions suggest that a partial control at least by the US advertised bandwidth, the real bandwidth and the date/time
government over the foundation cannot be discarded. Hence, since the node is registered. The consensus weight is one of
if true, the protection of the communication will no longer the most important information in the consensus file because
be true and the confidence in this network should not be it will define the new bandwidth assigned to each node. As
warranted. In fact, the TOR project is an implementation of we prove on other research paper (Filiol et al., 2018), the
a concept born in the US Naval Research Laboratory (Gold- bandwidth is the most important key parameter of the TOR
schlag et al., 1996; Syverson et al., 1997). Paul Syverson network because we can target specific nodes to take the
is the designer of the routing protocol and was part of the control of a major part of the traffic. Those nodes (Filiol et
original development team of the TOR network. Hence the al., 2017) are the principal weakness of the TOR network
TOR infancy was clearly linked with the US government and because they define the future state of the network. If we
still is. shut down all those nodes, the TOR network will continue
In this paper, we present the results of a deep OSINT and to work but will be less and less efficient due to the changes
which cannot be specified to the other nodes without the directory authorities and the smaller ones are each version
consensus file. in the TOR source code.
Currently, there are nine directory authorities, eight for all At the beginning, all directory authorities (three at the
the nodes and one especially for the bridges (called Bridge time) were owned by the same person on the same IP
Authority). Bridges are non-public nodes whose purpose is address but on different ports (Moria1, Moria2 and Moria3).
mostly to enable censorship bypassing. Only the TOR foun- At this time, only Moria1 is still active. Since 2006, one
dation does know the exact list. These directory authorities (still active) directory authority was released every two years
(bridges authority included) are hard-written in the source (except for 2008, we have two directory authorities). In order
code with their IP address, their port and their fingerprint. of appearance, we have Dizum (tor-0.1.1.18, April 2006),
The concern is that we do not know who is responsible Gabelmoo (tor-0.2.0.16, January 2008), Dannenberg (tor-
and manages these nodes. No information is available on 0.2.0.18, January 2008), Maatuska (tor-0.2.2.14, July 2010),
the website of the TOR Project and the only information Faravahar (tor-0.2.3.23, October 2012) and Longclaw (tor-
available is in the Changelog file, but we only have derived 0.2.6.2, December 2014). In total, there is seven directory
information about the node and not the owner of the node. authorities and Moria1 still active with the bridge authority.
The purpose of our study is to see the different changes of The bridge authority has changed over time. At first, Tonga
directory authorities through versions and which is the actual appears in the version tor-0.2.0.6 in August 2007 to be
the owner of each node. We wanted to see the link between replaced by Bifroest in the version tor-0.2.9.2 in August
owners of directory authority and the TOR Project and how 2016. Aside all of these directory authorities, five others
they can justify the possession of specific nodes. directory authorities came and left few versions after. Since
the last change (Tonga to Bifroest), no other changes were
B. Evolution of directory authorities through version made in the current version (tor-0.3.2.1, September 2017).
To do this part of our study, we download all versions of Now, let us focus on the nine directory authorities which
the TOR Project since the beginning. The last version we are present in the last version. Table 1 summarizes how the
study is the version tor-0.3.0.3-alpha released the February different versions of the TOR network are using all those
3rd, 2017. No changes were made between the last version directory authorities.
and the version tor-0.3.2.1-alpha. We use the Maltego
Number of versions % (456 in total)
Software to do a graph of directory authorities for each Moria 1 435 95%
version. The graph is given in Figure 1. The big nodes are Dizum 270 59%
the directory authorities which were used for most of the Gabelmoo 226 49%
versions. With this classification, we will see which directory Dannenberg 223 49%
Maatuska 166 36%
authorities are the more relevant to study. Faravahar 110 24%
Longclaw 74 16%
Bifroest 47 10%
TABLE I
N UMBER OF VERSION USING THOSE DIRECTORY AUTHORITIES