Researchers are currently testing a new technique that could help protect the Tor Browser against de-anonymization exploits.
The technique in part responds to many governments’ ongoing efforts to compromise Tor and in the process reveal its users’ true identities.
To do so, many state-sponsored actors, including hackers associated with the FBI, attempt to exploit software vulnerabilities. They also launch “code reuse” attacks, where they exploit a memory leak to locate and reuse code libraries already present in the browser.
These exploits are generally easier to pull off than injecting new malicious code into the browser, but to reuse existing code attackers need to know where particular functions reside in the application’s memory. In most cases, browsers randomize only the base address of each code library, not the location of the functions inside it: every function keeps a fixed offset from that base, so once a bad actor learns a single address they can still find what they’re looking for.
But researchers are hoping to change that. In a paper (PDF) published in the journal Proceedings on Privacy Enhancing Technologies, a group of researchers reveal they are testing “selfrando,” an advanced randomization technique that could help protect the Tor Browser against de-anonymization exploits:
“Our solution significantly improves security over standard address space layout randomization (ASLR) techniques currently used by Firefox and other mainstream browsers. The Tor Project decided to include our solution in the hardened releases of the Tor Browser, which is currently undergoing field testing.”
The technique works by randomizing the memory address at which each individual function resides, rather than only the base address of the library that contains it. If an attacker can’t locate an individual piece of code in the Tor Browser, the logic goes, they can’t turn a memory corruption bug into a working exploit.
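To make the difference between library-level ASLR and per-function randomization concrete, here is an added Python simulation; it is not code from the selfrando paper or the Tor Project. The function names and sizes are constructed, and the model treats selfrando as a shuffle of function order within one code region, which is a simplification of what the real tool does. It asks a defender's question: given one disclosed function address and a static copy of the binary, how many functions can be located exactly under each scheme?

```python
import random

# Constructed toy "library": function names and sizes standing in for the
# function list of a real shared object (names and sizes are invented).
FUNCTIONS = [
    ("parse_header", 0x1200),
    ("alloc_buffer", 0x0800),
    ("write_response", 0x2f00),
    ("exit_process", 0x0400),
]
PAGE = 0x1000
ADDRESS_SPACE = 1 << 47  # user-space size on x86-64; only used to pick a base


def offsets_for(order):
    """Lay the functions out back to back in the given order and return each
    function's offset from the start of the code region."""
    offsets, cursor = {}, 0
    for name, size in order:
        offsets[name] = cursor
        cursor += size
    return offsets


# What a static copy of the binary reveals: the unrandomized offsets.
ORIGINAL_OFFSETS = offsets_for(FUNCTIONS)


def layout_library_aslr(rng):
    """Standard ASLR: the whole library gets one random, page-aligned base and
    every function keeps its fixed offset from that base."""
    base = rng.randrange(0, ADDRESS_SPACE, PAGE)
    return {name: base + off for name, off in ORIGINAL_OFFSETS.items()}


def layout_function_randomization(rng):
    """Per-function randomization in the spirit of selfrando (simplified model):
    the base is random as before, and the functions are also shuffled so that
    their order, and hence their offsets, differ from the static copy."""
    base = rng.randrange(0, ADDRESS_SPACE, PAGE)
    order = list(FUNCTIONS)
    rng.shuffle(order)
    return {name: base + off for name, off in offsets_for(order).items()}


def functions_revealed_by_leak(layout, leaked_name):
    """Given one disclosed function address plus the static offsets, count how
    many functions the naive 'base = leak - static offset' computation locates
    exactly. The leaked function itself always counts as located."""
    assumed_base = layout[leaked_name] - ORIGINAL_OFFSETS[leaked_name]
    return sum(
        1 for name, off in ORIGINAL_OFFSETS.items()
        if assumed_base + off == layout[name]
    )


def average_revealed(layout_fn, trials=1000, seed=7):
    """Average number of located functions over many randomized layouts,
    using a seeded generator so runs are reproducible."""
    rng = random.Random(seed)
    total = 0
    for _ in range(trials):
        total += functions_revealed_by_leak(layout_fn(rng), "parse_header")
    return total / trials


if __name__ == "__main__":
    n = len(FUNCTIONS)
    print(f"library-level ASLR:   {average_revealed(layout_library_aslr):.2f} of {n} located")
    print(f"per-function shuffle: {average_revealed(layout_function_randomization):.2f} of {n} located")
```

Under library-level ASLR one leaked address always pins down all four functions, because their relative offsets never change; with the functions shuffled, the same leak reliably locates only the function that leaked, and the rest are found only by chance. That gap is the whole point of moving randomization from the library to the function level.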
Selfrando is still undergoing testing, but results so far look promising. The researchers have measured an insignificant (<1%) dip in performance from their technique, which doesn’t require developers to change their build tools or processes. As the team explains in the paper:
“In most cases, using selfrando is as easy as adding new compiler and linker flags to your existing build scripts.”
The researchers will present their findings in July at the Privacy Enhancing Technologies Symposium in Darmstadt, Germany.
For more information on selfrando, please view the team’s paper here.
News of this technique comes less than one month after the Tor Project announced the first stable release in the 6.0 series of its privacy-focused web browser.