---
# System prepended metadata

title: 'Onions Got Puzzled: On the Challenges of Mitigating Denial-of-Service Problems in Tor Onion Services'
tags: [NT140]

---


# Onions Got Puzzled: On the Challenges of Mitigating Denial-of-Service Problems in Tor Onion Services

> Nhan_laptop 
---

>In this blog, I will present the concept of DoS, its impact on Onion Services, and several experimental testbeds for this attack. 

>Main resources: https://www.usenix.org/conference/usenixsecurity25/presentation/lee

## Motivations and Overview

As we know, in the Tor network, we cannot identify the source IP due to sender anonymity. Therefore, if a denial-of-service (DoS) attack occurs, how can we prevent it?

Given the persistent risk of DoS attacks on Tor onion services and the technical difficulty of applying traditional DoS defenses there, the Tor community officially recommended the adoption of client puzzles (proof of work) in August 2023 to mitigate specific types of DoS attacks, including introduction-flooding attacks.

However, the current client puzzle solution for Tor onion services has fundamental weaknesses.

Attacks on the current client puzzle mechanism in the Tor network are cheaper and more efficient than comparable attacks on ordinary networks.

What has happened, and why did it occur? This appears to contradict the expected security level of the Tor network.

## Denial-of-service attack (DoS)

Resources:

- https://www.cloudflare.com/learning/ddos/glossary/denial-of-service/
- https://en.wikipedia.org/wiki/Denial-of-service_attack

### Concept

![image](https://hackmd.io/_uploads/rJsPBFqhWe.png)


A denial-of-service (DoS) attack is a form of cyberattack in which a malicious actor attempts to render a computer system or device unavailable to its intended users by disrupting its normal operation. Such attacks typically operate by overwhelming the target with a high volume of requests, thereby preventing legitimate traffic from being processed and resulting in a denial of service to legitimate users. A DoS attack is generally characterized by being launched from a single source.

![image](https://hackmd.io/_uploads/Sy0qHFchWe.png)


A distributed denial-of-service (DDoS) attack is a variant of DoS in which the attack originates from multiple distributed sources, often coordinated through a botnet.

 

### Methods

Some common attack types:

#### Buffer overflow attacks

![image](https://hackmd.io/_uploads/SybhBKcnWe.png)


A buffer overflow occurs when a program writes more data to a memory buffer than it can hold, spilling over into adjacent memory, causing crashes or allowing code execution. As a DoS attack, this technique **floods a system with excessive data to consume memory, causing software instability or system failure**.

#### Flood attacks
![image](https://hackmd.io/_uploads/B1Z6HK5nZx.png)


Flood attacks in Denial-of-Service (DoS) are **cyberattacks that overwhelm a target system (server, network, or application) with an excessive volume of traffic, rendering it unavailable to legitimate users**. By saturating bandwidth or consuming system resources, these attacks force services to become slow or completely unresponsive.

#### ICMP flood

![image](https://hackmd.io/_uploads/S1fy8Yc3Zl.png)



An ICMP flood, commonly known as a **ping flood**, is a type of Denial-of-Service (DoS) or Distributed Denial-of-Service (DDoS) attack in which an attacker attempts to overwhelm a target device with an immense volume of ICMP Echo Request packets (pings). 

The goal is to exhaust the target’s bandwidth and processing resources, making it unable to respond to legitimate network traffic.

Variations and Related Attacks: 

- **Smurf Attack:** A specific, older type of attack where the attacker sends ICMP packets with a **spoofed** (faked) source IP address (the victim's IP) to a network broadcast address. All devices on that network respond to the victim, magnifying the attack.
- **Ping of Death:** Attackers send oversized ICMP packets (>65,535 bytes). When reassembled, this causes a buffer overflow, which can freeze or crash older operating systems.

#### SYN flood

![image](https://hackmd.io/_uploads/r1xQx8Y5hWx.png)


A SYN flood is a type of denial-of-service (DoS/DDoS) attack that exploits the TCP three-way handshake to overwhelm server resources. Attackers send numerous SYN (synchronization) requests, often with spoofed IP addresses, but never send the final ACK (acknowledgment) packet, leaving connections "half-open". This consumes server capacity, preventing legitimate users from connecting.

### DoS Mitigation Techniques

![image](https://hackmd.io/_uploads/r11fIF92Zg.png)


There are several techniques to mitigate the above attacks (none of them fully protects a service), such as:

- **Use Cloud-Based Mitigation Centers:** Services like Cloudflare, AWS Shield, or Akamai can absorb large-scale volumetric attacks by filtering traffic through distributed data centers.
- **Rate Limiting:** Restrict the number of requests a server accepts over a specific time window, which helps mitigate brute force and API-targeting DoS attempts.
- **Web Application Firewall (WAF):** Deploy a WAF to filter malicious HTTP traffic and protect against application-layer attacks (Layer 7).
- **Anycast Network Diffusion:** Utilize network providers that use Anycast to spread attack traffic across multiple servers, preventing a single server from becoming overwhelmed.
- **Identify and Filter Traffic:** Use tools to analyze traffic patterns in real time, identifying abnormal requests or "bad traffic" to block.
- **Reduce the Attack Surface:** Limit exposure by hiding origin servers behind CDNs or load balancers, restricting direct access to critical infrastructure.

## Tor Network - Onion Services

### The basic architecture of Tor Network

Tor is a distributed overlay network designed to anonymize low-latency TCP-based applications such as web browsing, secure shell, and instant messaging. The network is built of a number of servers, called **relays** (also called “onion routers” or “ORs” in some older documentation).

To connect to the network, a client needs to download an up-to-date signed directory of the relays on the network. These directory documents are generated and signed by a set of semi-trusted **directory authority** servers, and are cached by the relays themselves. (If a client does not yet have a directory, it finds a cache by looking at a list of stable cache locations, distributed along with its source code.)

When you want to access a regular website (the clear web) through Tor, your data does not travel directly. Instead, it is wrapped in three layers of encryption, like three layers of an onion, and passes through a “circuit” consisting of three randomly selected relay nodes:

- **Guard Node (Entry Node):** This is the first relay. It knows your real IP address, but it is blind to the content you are sending and does not know where you want to go, because the data is encrypted.
- **Middle Node:** This relay receives data from the Guard Node and forwards it onward. It does not know who you are, does not know your IP address, and also does not know the final destination. It only knows the relay before it and the relay after it.
- **Exit Node:** This is the last relay. It removes the final layer of encryption and sends your request to the destination website (for example, facebook.com). The destination website will think that the Exit Node is you, and it will have no knowledge of your real IP address.

![image](https://hackmd.io/_uploads/ryR7Ltq2We.png)


In short, the core idea of the Tor network is to distribute trust. No single node in the network has the full picture of both who you are and what you are doing.

### Onion Services

If the ordinary Tor network helps users remain anonymous when accessing the web, then Onion Services (formerly called Hidden Services) take it one step further: they keep both the user and the service provider anonymous.

These are the websites with the `.onion` domain. Unlike regular websites, they are not hosted on any fixed IP address that everyone can see.

**The Rendezvous Protocol** — how the client and server find each other:

Because neither side knows the other’s IP address, how do they connect? Tor creates a kind of “shady matchmaking” mechanism in six steps. This is the part that our project (OnionFlation) is attacking:

![image](https://hackmd.io/_uploads/rkFwUY92Wl.png)


- **Setting up Introduction Points (IPs):** The Onion Service (the server) selects several random nodes on the Tor network to act as its “ambassadors.” The server builds Tor circuits to these nodes and says, “If anyone wants to find me, send a message through here.”
- **Publishing the Descriptor:** The server creates a descriptor containing the list of these Introduction Points (and, if it is under attack, a proof-of-work requirement as well!). The server signs it and uploads it to the directory servers.
- **Client lookup:** When you enter a `.onion` address in your browser, the Tor client downloads that descriptor to learn which Introduction Points it should contact.
- **Creating a Rendezvous Point (RP):** The client randomly selects a node on the Tor network to serve as the “meeting point.” It builds a circuit to that node and gives it a secret value called a rendezvous cookie.
- **Sending the Introduction (Introduction Phase — THIS IS WHERE WE ATTACK):** The client builds a circuit to the server’s Introduction Point and sends an Introduce message. This message contains the location of the rendezvous point (RP), the secret cookie, and, importantly, the result of your proof-of-work computation.
- **Rendezvous:** The server receives the introduction through the Introduction Point and verifies that the proof of work is valid. If everything checks out, the server builds a circuit to the rendezvous point chosen by the client and presents the secret cookie. The two sides connect successfully and begin exchanging end-to-end encrypted data through this rendezvous point.
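
The descriptor-seed / Introduce / verify flow above, as an added illustration (not code from the original post and not Tor's real scheme, which uses Equi-X and binds the solution to the service's blinded key): a simplified SHA-256 leading-zero-bit client puzzle whose solution is bound to the rendezvous cookie, plus the service-side verifier that drops replays and serves the highest-effort introductions first. All names here are assumptions.

```python
import hashlib
import heapq

# Simplified hash-based client puzzle modelled on the descriptor-seed /
# Introduce flow above. Added example, NOT Tor's actual scheme (Tor uses
# Equi-X and a different proof format); all names are assumptions.

def leading_zero_bits(digest: bytes) -> int:
    """Count leading zero bits of a digest: the effort a solution achieves."""
    bits = 0
    for b in digest:
        if b == 0:
            bits += 8
            continue
        bits += 8 - b.bit_length()
        break
    return bits

def puzzle_hash(seed: bytes, rend_cookie: bytes, nonce: int) -> bytes:
    # Binding the rendezvous cookie into the hash ties a solution to one
    # introduction request, so the same solution cannot be replayed elsewhere.
    return hashlib.sha256(seed + rend_cookie + nonce.to_bytes(8, "big")).digest()

def solve(seed: bytes, rend_cookie: bytes, effort: int) -> int:
    """Client side: brute-force a nonce that meets the advertised effort."""
    nonce = 0
    while leading_zero_bits(puzzle_hash(seed, rend_cookie, nonce)) < effort:
        nonce += 1
    return nonce

class IntroQueue:
    """Service side: verify each Introduce and serve highest effort first."""
    def __init__(self, seed: bytes, min_effort: int):
        self.seed = seed
        self.min_effort = min_effort
        self.heap = []          # (-effort, cookie): max-heap on effort
        self.seen = set()       # replay protection for (cookie, nonce)
        self.dropped = 0

    def submit(self, rend_cookie: bytes, nonce: int) -> bool:
        effort = leading_zero_bits(puzzle_hash(self.seed, rend_cookie, nonce))
        key = (rend_cookie, nonce)
        if effort < self.min_effort or key in self.seen:
            self.dropped += 1   # below threshold or replayed: not queued
            return False
        self.seen.add(key)
        heapq.heappush(self.heap, (-effort, rend_cookie))
        return True

    def next_intro(self):
        neg_effort, cookie = heapq.heappop(self.heap)
        return cookie, -neg_effort
```

The seed and minimum effort stand in for what the service publishes in its descriptor; an attacker must pay the solve cost per introduction, while the service verifies each one with a single hash.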



> To be continued

## References

1. https://spec.torproject.org/intro/index.html
