Are Tor Developers Profiting from Users Under the Guise of DDoS Protection?
The anonymous Tor network, designed to protect users from surveillance and censorship, has long been the target of large-scale DDoS (Distributed Denial of Service) attacks. The largest of these began in June of last year and continued through May. While the attack no longer poses a significant threat, DDoS abuse remains a serious issue, reducing the network’s performance and raising concerns about its security.
Tor has used “onion routing” technology to protect user privacy for over 20 years. This technology routes internet traffic through a series of nodes, encrypting it in such a way that it’s difficult for an attacker to determine a user’s real public IP address. This allows Tor clients to reliably hide their identities and protect themselves from tracking. However, the system is not without its flaws.
For a long time, Tor has been the number one target for governments and various adversaries who deliberately try to degrade its performance, pushing more users to seek faster, often less secure, alternatives.
Proof-of-Work: A New Defense Against DDoS
To counter future DDoS attacks, Tor developers are implementing a proof-of-work (PoW) based protection system. Now, clients attempting to access onion sites will need to complete small PoW tests that use their device’s hardware resources. Legitimate users shouldn’t be significantly affected, but attackers will find it much harder to flood the onion network with malicious requests, as they won’t have enough computing power to sustain their attacks.
The new Tor node software now supports the EquiX PoW algorithm, specifically designed to combat malicious actors. By default, it requires minimal computational effort from clients but is effective at preventing DDoS attacks.
According to Pavel Zoneff, Director of Communications at The Tor Project, the structure of onion services makes them vulnerable to DDoS, and simple IP-based restrictions don’t work. Small PoW puzzles don’t require much effort to solve, so legitimate users will still be able to access the resources they need, while attackers will face difficulties right at the start of their attack.
The expected minor delay caused by automated puzzle-solving should be unnoticeable for regular users. However, if attacks intensify, the difficulty of the puzzles will increase proportionally. In the worst case, this could feel like a slow connection, but it will fully prevent attackers from impacting the onion network.
Developers note that mobile devices may be more affected by solving PoW puzzles than desktops, mainly due to less powerful processors and faster battery drain. This aspect may receive special attention in the future.
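The puzzle mechanism described in this section, as an added example that is not Tor's code and not from the original article: a SHA-256 leading-zero-bits puzzle stands in for EquiX (an assumption made for brevity), showing that client work roughly doubles per difficulty bit while the service verifies with a single hash. The `Service` class, its `capacity` threshold and the one-bit-per-interval adjustment are hypothetical simplifications of the behaviour where difficulty rises as an attack intensifies.

```python
import hashlib
import os

def leading_zero_bits(digest: bytes) -> int:
    """Number of leading zero bits in a digest."""
    return len(digest) * 8 - int.from_bytes(digest, "big").bit_length()

def solve(seed: bytes, bits: int):
    """Client side: brute-force a nonce. Returns (nonce, hashes_tried)."""
    nonce = 0
    while True:
        digest = hashlib.sha256(seed + nonce.to_bytes(8, "big")).digest()
        if leading_zero_bits(digest) >= bits:
            return nonce, nonce + 1
        nonce += 1

def verify(seed: bytes, nonce: int, bits: int) -> bool:
    """Service side: always one hash, whatever the difficulty."""
    digest = hashlib.sha256(seed + nonce.to_bytes(8, "big")).digest()
    return leading_zero_bits(digest) >= bits

class Service:
    """Hypothetical service that raises puzzle difficulty under load."""

    def __init__(self, capacity: int, base_bits: int = 4, max_bits: int = 20):
        self.capacity = capacity          # requests per interval it can serve
        self.base_bits, self.max_bits = base_bits, max_bits
        self.bits = base_bits
        self.seed = os.urandom(16)

    def adjust(self, requests_last_interval: int) -> int:
        """Raise difficulty when overloaded, relax it when load is low."""
        if requests_last_interval > self.capacity:
            self.bits = min(self.bits + 1, self.max_bits)
        elif requests_last_interval < self.capacity // 2:
            self.bits = max(self.bits - 1, self.base_bits)
        self.seed = os.urandom(16)        # rotate: old solutions stop working
        return self.bits

    def accept(self, seed: bytes, nonce: int) -> bool:
        """Reject stale seeds first, then check the proof with one hash."""
        return seed == self.seed and verify(seed, nonce, self.bits)

if __name__ == "__main__":
    seed = b"constructed-demo-seed"       # constructed sample input
    for bits in (4, 8, 12, 16):
        nonce, tried = solve(seed, bits)
        print(f"{bits:2d} bits: client tried {tried:6d} hashes, "
              f"service verified with 1 -> {verify(seed, nonce, bits)}")
```

The growth in hashes tried per added bit is the same cost that weighs more heavily on the slower processors of mobile devices.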
Alternative Solutions and the Future of Anonymous Communication
Meanwhile, the recent emergence of the new P2P technology Veilid offers an alternative approach to anonymous communication. If enough users adopt it, Veilid’s ability to bypass such attacks could become a decisive advantage. It’s too early to draw conclusions, but this is a promising development.
Overall, the Tor developers’ new approach seems like a reasonable step to protect against DDoS, though some performance degradation during peak attack times is likely unavoidable. Users can only hope that these efforts will keep Tor operational without seriously compromising speed and usability.