Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Security Upgrade. Show all posts
Tor Network
Algorithm Cyber Security Security Upgrade Tor Network

Tor Network to Roll Out New Encryption Algorithm in Major Security Upgrade

 

The developers of the Tor network are preparing to replace one of the project’s oldest encryption systems in an effort to defend users against increasingly sophisticated cyberattacks. Tor confirmed that the relay encryption algorithm known as “tor1” will be retired and replaced by a new design called Counter Galois Onion, or CGO. Tor1 has been in use since the early 2000s and encrypts the traffic that travels between the relays that form a user’s circuit inside the Tor network. 

Although the system has been widely relied on for more than two decades, researchers say its design now presents several weaknesses, including exposure to so-called “tagging attacks.” These attacks allow an adversary to alter traffic at one relay and then look for predictable patterns further along the circuit that could help trace a user. The algorithm also reuses the same AES keys throughout a circuit and provides only a small authentication field, which Tor developers say has led to a non-negligible probability of forged data passing undetected. 

CGO has been designed to eliminate these issues. According to Tor, the new protocol adds forward secrecy to messages, prevents tampering, and brings encryption standards in line with modern cryptography. Tor explained in a technical post that the system ensures that if a message is modified, that message and all subsequent messages in the circuit become unreadable. The Tor Project described the upgrade as an effort to “defend users against a broader class of online attackers and form the basis for more encryption work in the future.” 

CGO is already implemented in Arti, Tor’s Rust-based client. A C version is in development to support the current relay infrastructure, since Rust relays are not yet deployed across the network. Developers have not provided a timeline for when CGO will arrive in the Tor Browser, noting that they are still tuning performance for modern processors. They acknowledged that CGO will likely be slower than tor1 initially, though optimizations are ongoing. 

The upgrade represents one of the most significant changes to Tor’s core cryptography in years. While the network is widely associated with the dark web and illicit markets, it is also used by journalists, activists and residents of authoritarian states seeking safe access to information. Tor’s history includes involvement from both government research institutions and privacy advocates, and the project continues to position encryption as a key protection against online surveillance.
Read more »
Subscribe to: Comments (Atom)