German Intelligence First Developed Attacks Against Tor
Online anonymity represents a serious problem for government and law enforcement agencies; it has been debated a long about the difficulties to investigate when suspects use anonymizing networks and communication platforms leveraging on end-to-end encryption.
Now secret documents reveal that the German spy agency BND has developed a system to monitor the Tor network and unmask Tor users. According to the report, the BND warned federal agencies of the possibility to track users even when they are hiding their identities behind the popular anonymizing network.
According to the documents, German cyber spies handed a prototype of this technology over to the NSA due to their long-term collaborations.
Harald Fechner, the head of the BND's Signals Intelligence Directorate until his retirement in June 2009, testified in the German parliamentary committee investigating the NSA spying scandal two years ago.
Fechner was the head of a cyber army composed of more than a thousand spies that were involved in surveillance operation; the spies were intercepting communication streams via radio waves, telephone cables and tapped fiber-optic cables.
Under the SIGINT Directorate, there is a secret hacker unit focused on "operative technological attacks on IT systems "all over the world.
The group was called Unit 26E (Operational Support and Listening Technology), then it was first renamed in "Working Group TX "(IT Operations) and finally "Sub-Directorate T4"(Cyber Intelligence).
The existence of the unit was revealed in 2008 when it infiltrated the computer network of the Afghan Ministry of Trade accessing emails of the minister (considered an ally) and emails from the German journalist Susanne Koelbl.
During a trip to the US at the time of President George W. Bush, a BND agent operating under the initials "H.F." was the NSA's guest at the headquarters in Fort Meade, attending the annual SIGINT Development Conference.
H.F. was there to present an attack on the Tor network devised by the BND hackers to unmask the Tor users.
The Tor network was widely used to circumvent surveillance and censorship. Unfortunately, it is also abused by cybercriminals, terrorists and government agencies.
At the time, unmask Tor users was a shared goal for intelligence agencies of western countries.
The BND hackers from Unit 26E were inspired by the explanation of the Tor network provided by Tor project leader Roger Dingledine at the CCC Congress and in a police station in Stuttgart.
In March 2008, the BND agency filled in its partners from the USA and UK.
"When a foreign delegation visited Munich, the SIGINT unit presented "the anonymity network Tor and a possible disbandment of the anonymity feature," the BND writes in its internal report. To implement the plan, the BND hoped for "an international cooperation with several foreign intelligence agencies."" states the Netzpolitik.org website.
Both NSA and GCHQ intelligence agencies offered support to the project; meantime the BND planned to set up its own Tor exit node server for testing purpose.
In April, the agent H.F. presented hacking technique devised by its unit to the peers at the anti-terror coalition of the European spy agency club SIGINT Seniors Europe.
Afterwards, he was invited to the SIGDEV conference by the NSA at its headquarters. The presentation shocked the other agencies, it was a success, and other experts started reviewing the attack presented by the researcher.
A week later, H.F. was again invited by the NSA, he participated with the colleague "M.S. ", at a meeting held at the BND's Bad Aibling station in Bavaria, where the NSA liaison unit SUSLAG has a building for its activity in German.
H.F., M.S. and NSA peers made a video conference to share further details about the project.
The BND experts reported to the NSA peers about the possibility to "penetrate the Tor network," likely referring the possibility to exploit a design choice behind Tor publicly specified.
The hackers were thinking of infiltrating the Tor network with "a global passive" infrastructure composed of their own nodes. One of the secret documents warns:
"If your attacker can watch the traffic coming out of your computer, and also the traffic arriving at your chosen destination, he can use statistical analysis to discover that they are part of the same circuit. "
The research community have proposed different approaches for the statistical analysis of the traffic and correlation attacks; the intelligence agencies implemented it exploiting their ability to monitor the overall traffic on a global scale.
The BND hackers decided to implement the hacking technique proposed by a group of researchers at an American university, so they planned to set up their own Tor network in a lab to explore the feasibility of the technique.
On the other end, the NSA agreed to contact the researchers at the American university to test their technique.
The BND set up a test network and developed a "proof of concept" for the attack, the goal was to allow the SIGINT chief Harald Fechner to present the technique in October during a meeting with the NSA Director Keith Alexander.
Unfortunately, an internal reorganization of the German hacker unit allocated the experts that worked on the project in two different areas.
Months later, the new US President Barack Obama was elected and pushed the project started again on both sides pushed by the US intelligence.
The BND continued its work with the intent to offer the system to the NSA and to receive in turn technology from the "field of cryptanalysis "that would allow its agents to decipher encrypted communications.
The BND ordered M.S. to write up a concept paper that was completed in just one month was presented on 20 February 2009.
The 16-page document "concept for tracking internet traffic, which has been anonymized with the Tor system ."
"To justify the attack on Tor, M.S. quoted a law enforcement conference in Berlin from this year that took place under the motto 'WWW – the virtual crime scene.' For the chapter on "How the Tor network works," the author kept it simple, he copied the text from Wikipedia and took images from the Tor website." Reported Netzpolitik.
"Precisely how the BND plans to "chop "Tor is unfortunately redacted in the document we obtained. But as before, the spy agency refers to public research. To implement the attack, it is likely that the spies run their own servers in the Tor network. M.S. points to passive snooping servers, which are presumably operated by the NSA, and emphasizes the "protection of the anonymity" of the spy agencies."
The concept paper was a success, a team of GCHQ cyber spies visited the BND headquarters on 11 March 2009 where they had a meeting to discuss the development of SIGINT cooperation, with a specific focus on anonymity services.
The meeting was led by the SIGINT chief Harald Fechner; the British experts were very interested in contributing to the project.
A few days after the meeting Fechner met the NSA and GCHQ in the US, he gave them the results of their analysis and in turn received the technology his unit was interested.
At this point, NSA and GCHQ scientists collaborated to devise a method to monitor users on the Tor network.
One and a half years later, the BND warned German federal agencies not to use Tor; the 'IT operations' unit published a report with the eloquent title "The anonymity service Tor does not guarantee anonymity on the internet." The six-page paper was sent to the chancellery, ministries, secret services, the military and police agencies on 2 September 2010.
According to the executive summary of the report, Tor is "unsuitable" for the following activities:
- obfuscating activities on the internet.
- circumventing censorship measures.
- computer network operations for intelligence services.
The BND assumes "a very high level of surveillance within the network," including the possibility that a persistent attacker can "set up their own so-called exit nodes for monitoring."
According to the BND, only a small portion of Tor users is interesting in preserving anonymity, in most of the cases the anonymizing network is abused to conceal activities.
"Tor is predominantly used to conceal activities, where users are not convinced of the legality of their actions. The number of Tor users who aim at preserving anonymity out of mere privacy considerations is relatively small." states the BND.
According to the BND, spy agencies and law enforcement agencies worldwide "have ways to counter anonymity. One of them is to set up own Tor nodes and monitor those intensively to gather intelligence and evidence",
The German intelligence warned its agencies of the presence of rogue Tor nodes installed by other agencies for surveillance purposes.
"Some agencies have already reported about installing their own Tor nodes and using the logged data for different projects and criminal investigations." continues the BND.
The BND believes that the US intelligence operates many rogue Tor nodes, many of them are located "near Washington, D.C.".
"Users of anonymity software expect a level of disguise, which known and widely used anonymity services do not provide." concluded the BND.
The BND concern was justified, the efforts of the British team is documented in the GCHQ's internal wiki that was published by German magazine Der Spiegel from the Snowden leaks. The British intelligence goal is to de-anonymize Tor users if given some traffic from a Tor exit node, […] find the IP address of the user associated with that traffic."
The British intelligence started working on the project in December 2010; it efforts were focused on "an entry-exit correlation attack."
GCHQ experts worked analyzing traffic entering the Tor network and outgoing from it running its own Tor servers.
"As early as June 2011, they finalized an 18-page study and source code in the statistical programming language R, completed by a presentation with slides."
The intelligence agencies did not target only the Tor infrastructure, at least since 2013 the NSA and GCHQ were able to hack Firefox-based Tor Browser to compromise the user's system under the project code name Egotistical Giraffe.
Figure 1 - Egotistical Giraffe documentation
The BND hackers continued their research on how to hack the Tor networks, but according to the documents obtained by German media outlet, in June 2012 were still facing problems for unmasking users on the popular anonymizing network.
"While visiting Washington in June 2012, a delegation asked the NSA if they could "identify" or "decrypt" Tor. The American answer did not satisfy them. In the assessment of the trip, the Germans write that the visit was "strategically important," but "was more about relationship management."
In October 2013, whistleblower Edward Snowden released a classified NSA document, titled 'Tor Stinks' in which the intelligence agency admitted to being able de-anonymize only a small fraction of Tor users manually.
"We will never be able to de-anonymize all Tor users all the time' but 'with manual analysis, we can de-anonymize a very small fraction of Tor users'"
The document also revealed that NSA was working to degrade the user experience to dissuade people from using the Tor browser.
The NSA strategy relies on the following principles to unhinge Tor anonymity.
Figure 2 - NSA Tor Stinks project
- Infiltrate Tor network running its Tor nodes. Both the NSA and GCHQ run Tor nodes to track traffic back to a specific user, the method is based on the circuit reconstruction from the knowledge of the 'entry, relay and exit' nodes between the user and the destination website.
- Exploiting zero-day vulnerability of Firefox browser bundled with Tor, with this technique NSA was able to get the user's IP address. In this way, the FBI arrested the owner of Freedom Hosting service provider accused of aiding and abetting child pornography.
- NSA also uses web cookies to track Tor user widely; the technique is effective also for Tor Browser. The cookies are used to analyze the user's experience on the Internet, the intelligence agency owned or controlled a series of a website that could read last stored cookies from the browser on the victim's machine. With this technique, the agency collects user's data including the IP address. Of course, expert users can avoid this type of control in numerous ways, for example using a dedicated browser for exclusive Tor navigation, using only the official preconfigured Tor bundle or properly managing the cookies stored on their machine.
Documents leaked by Snowden show that the NSA is using online advertisements, i.e., Google Ads to make their tracking sites popular on the internet.
Fortunately, the Tor community also continues to contribute and improve the project, according to project leader Roger Dingledine spy agencies are still not able to unmask Tor users.
"We as a society need to confront the fact that our spy agencies seem to feel that they don't need to follow laws. And when faced with an attacker who breaks into Internet routers and endpoints like browsers, who takes users, developers, teachers, and researchers aside at airports for light torture, and who uses other ‚classical' measures – no purely technical mechanism is going to defend against this unbounded adversary." concluded Dingledine.
References
http://www.spiegel.de/media/media-35541.pdf
http://securityaffairs.co/wordpress/18397/hacking/tor-anonymity-tor-stinks.html
https://www.eff.org/it/document/2013-10-04-guard-egotistical-giraffe
What should you learn next?
https://www.theguardian.com/world/interactive/2013/oct/04/tor-stinks-nsa-presentation-document