selfrando hardens the Tor browser
Paper published at PETS 2016
CYSEC researchers Tommaso Frassetto, Christopher Liebchen and Ahmad-Reza Sadeghi have collaborated with Immunant, Inc., University of California Irvine, and the Tor Project to integrate new software security research into the hardened version of the Tor Browser. Their defense, called „selfrando“, strengthens the Tor Browser against attempts to hack and de-anonymize Tor users.
Tor users, such as activists, journalists, and whistleblowers, use the Tor Browser to preserve their anonymity online. Obviously the Tor Browser is an enticing target for hackers, including nation-states, attempting to de-anonymize and track Tor users. In the hardened Tor Browser series, the Tor Project is testing new defenses to proactively protect Tor users from attacks on their browser.
The most powerful attacks against browsers such as the Tor Browser aim to remotely exploit a victim using state-of-the-art techniques known as “code reuse”. Essentially, an attacker pieces together bits of the target program into malware that controls the victim’s computer meaning that the attacker does not need to inject code to the victim’s machine at first place. Selfrando defends modern software against this class of exploits by randomizing the internals of the software. Without knowing these randomized details, an attacker has a much harder time constructing a reliable (code-reuse) attack.
Selfrando significantly increases security without sacrificing performance or compatibility. It does not require changes to software build tools or processes and adds less than 1% performance overhead. In practice, selfrando is completely unnoticeable to users while significantly increasing security.
The researchers behind selfrando will present their project in July at the Privacy Enhancing Technologies Symposium (PETS) during the Security & Privacy Week in Darmstadt, Germany.