Tor (The Onion Router) has officially introduced a Proof-of-Work (PoW) mechanism to defend from attackers doing Denial of Service attacks. Users worldwide have widely adopted Tor for hiding their IP addresses and maintaining their privacy.
The Onion services have always prioritized user privacy through IP address obfuscation, making it a prime target for threat actors. Though the Onion service has a traditional IP-based rate limiting in place, it has been violated by threat actors in multiple scenarios.
With the release of PoW, the Onion service will prioritize legitimate connections filtered by checking on the stress of the service. The incoming onion service connections are made to perform certain complex operations that vary based on the network stress.
It acts as a ticketing system turned off by default but works based on Onion service network traffic.
How Does this Work?
During the access of an onion service, the client must solve a small puzzle to prove that the traffic is legitimate and not a flooding attack. If it is a flooding attack initiated by an attacker, the onion service increases the computational effort the system hardware uses to solve the complex operations.
A normal user trying to access the Onion service will have to spend a minimum of 5 ms to 30 ms to establish a connection, whereas a threat actor who tries to flood the service will have to spend time close to or more than 1 minute to establish the connection.
This also helps differentiate between users and attackers, protecting legitimate and malicious traffic.
As per the report learned by Cyber Security News, the computational efforts and the complex operations for establishing connectivity are unknown to the users, and they run in the background. In other words, the users are not presented with a CAPTCHA screen to establish the connection.
“The introduction of Tor’s PoW defense not only positions onion services among the few communication protocols with built-in DoS protections but also, when adopted by major sites, promises to reduce the negative impact of targeted attacks on network speeds.” reads the post published by the Tor project.
Users of Onion services are recommended to upgrade to version 0.4.8 for this PoW defense feature.