Tor 0.4.1.5 Stable Release: Key Features and Updates

Tor 0.4.1.5 Stable Branch Released

The Tor Project has announced the release of Tor 0.4.1.5, the toolkit used to operate the anonymous Tor network. Tor 0.4.1.5 is the first stable release in the 0.4.1 branch, which has been in development for the past four months. The 0.4.1 branch will be supported according to the standard maintenance cycle—updates will end either nine months after release or three months after the 0.4.2.x branch is launched. The long-term support (LTS) branch remains 0.3.5, with updates available until February 1, 2022.

Main New Features

  • Experimental Circuit-Level Padding: Experimental support for circuit-level padding has been implemented to strengthen protection against traffic analysis. The client now adds padding cells at the start of INTRODUCE and RENDEZVOUS circuits, making their traffic resemble regular outgoing traffic. This protection costs two extra cells in each direction for RENDEZVOUS circuits, and one upstream and ten downstream cells for INTRODUCE circuits. This feature is enabled by specifying the MiddleNodes option in the settings and can be disabled with the CircuitPadding option.
  • Authenticated SENDME Cells: Support for authenticated SENDME cells has been added to protect against a DoS attack that creates parasitic load. This attack occurs when a client requests large files and pauses reading after sending requests but continues to send SENDME control commands, instructing entry nodes to keep transmitting data. Each SENDME cell now includes a traffic hash it acknowledges, allowing the endpoint to verify that the other side has received the traffic sent in previous cells.
  • Generalized Publisher-Subscriber Messaging Subsystem: A new subsystem for publisher-subscriber messaging has been introduced, which can be used for internal module communication.
  • Unified Command Parsing: A generalized parsing subsystem is now used for processing control commands, replacing the previous approach of parsing each command’s input separately.
  • Performance Optimization: Performance improvements have been made to reduce CPU load. Tor now uses a separate fast pseudorandom number generator (PRNG) for each thread, based on AES-CTR encryption mode and buffer constructions similar to those in libottery and the new arc4random() code from OpenBSD. For small outputs, this generator is nearly 100 times faster than the CSPRNG in OpenSSL 1.1.1. Although the new PRNG is considered cryptographically secure by Tor developers, it is currently only used in high-performance areas, such as scheduling padding attachment.
  • New Option “--list-modules”: Added the --list-modules option to display a list of enabled modules.
  • HSFETCH Command for v3 Hidden Services: The HSFETCH command, previously only available in version 2 of the hidden services protocol, is now implemented for version 3.
  • Bug Fixes: Various bugs have been fixed in the Tor bootstrap code and in the implementation of the third version of the hidden services protocol.
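
A simplified model of the authenticated SENDME check described in the list above, added here as an illustration; it is not Tor's code or wire format. The window size, the 100-cell increment, the 20-byte tag and the use of SHA-256 are assumptions of this model, and the cell contents are constructed random bytes.

```python
import hashlib
import hmac
import os
from collections import deque

# Assumed model parameters (not given on the page; not Tor's wire format).
WINDOW, INCREMENT, TAG_LEN = 1000, 100, 20

class Endpoint:
    """One end of a circuit; both ends hash every cell into a running digest."""
    def __init__(self, seed, authenticated=True):
        self.digest = hashlib.sha256(seed)
        self.authenticated = authenticated
        self.window, self.cells, self.closed = WINDOW, 0, False
        self.expected = deque()          # tags the sender is still owed

    def _absorb(self, payload):
        """Hash one cell; return a tag at every INCREMENT-th cell, else None."""
        self.digest.update(payload)
        self.cells += 1
        if self.cells % INCREMENT == 0:
            return self.digest.digest()[:TAG_LEN]
        return None

    def send_cell(self, payload):        # sender side
        if self.closed or self.window == 0:
            return False
        self.window -= 1
        tag = self._absorb(payload)
        if tag:
            self.expected.append(tag)
        return True

    def on_sendme(self, tag):            # sender side
        if self.authenticated:
            if not self.expected or not hmac.compare_digest(tag, self.expected.popleft()):
                self.closed = True       # unverifiable acknowledgement: stop sending
                return
        self.window += INCREMENT

def simulate(client_reads, authenticated, total=5000):
    """Return how many cells the sender transmits to this client."""
    seed = os.urandom(16)                # stands in for shared circuit state
    sender, client = Endpoint(seed, authenticated), Endpoint(seed)
    for _ in range(total):
        payload = os.urandom(32)         # constructed cell contents
        if not sender.send_cell(payload):
            break
        tag = client._absorb(payload) if client_reads else None
        if not client_reads and sender.cells % INCREMENT == 0:
            tag = os.urandom(TAG_LEN)    # SENDME from a client that read nothing
        if tag is not None:
            sender.on_sendme(tag)
    return sender.cells
```

With authentication off, a client that reads nothing still receives all 5000 cells; with it on, the sender stops after the first window increment because the acknowledgement does not match the traffic hash.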

For more details, visit the official source.
