How vulnerable is the Tor Network to BGP Hijacking Attacks?

More than 90% of BGP prefixes hosting Tor relays have a prefix length shorter than /24, making them vulnerable to more-specific prefix attacks.

How resilient are the BGP prefixes containing Tor relays and what properties do we consider?

Figure 1: NIST RPKI Monitor (https://rpki-monitor.antd.nist.gov)
Figure 2: RIPE NCC’s RPKI Stats shows that the number of distinct ASNs deploying ROAs is steadily growing (in the RIPE region) (https://certification-stats.ripe.net/)

Results

Figure 3
Figure 4
Figure 5: What fraction of Tor capacity has which RPKI state?
Figure 6: 77% of the Tor network capacity has a valid route object in RIPE IRR and is in the RIPE managed IP space.
Figure 7
Figure 8

Who are the biggest RPKI ROA adopters on the Tor network?

+------------------------------+------+--------+
| as_name                      | CWfr | relays |
+------------------------------+------+--------+
| Hetzner Online GmbH          | 7.02 |    284 |
| Online S.a.s.                | 5.16 |    113 |
| myLoc managed IT AG          | 2.02 |     41 |
| netcup GmbH                  | 1.73 |     50 |
| NForce Entertainment B.V.    | 1.50 |     25 |
| Voxility S.R.L.              | 1.06 |     14 |
| SOFTplus Entwicklungen GmbH  | 0.81 |     15 |
| ISPpro Internet KG           | 0.62 |     21 |
| I.C.S. Trabia-Network S.R.L. | 0.61 |     45 |
| SWITCH                       | 0.48 |      9 |
| Telenor Norge AS             | 0.39 |     28 |
| Joshua Peter McQuistan       | 0.37 |      5 |
| 1&1 Internet SE              | 0.34 |      8 |
| Brass Horn Communications    | 0.33 |      6 |
| True B.V.                    | 0.30 |      1 |
| Deutsche Telekom AG          | 0.29 |    152 |
+------------------------------+------+--------+

Who are the biggest Tor-related network operators not adopting ROAs (completely)?

+------------------------+-------+--------+
| as_name                | CWfr  | relays |
+------------------------+-------+--------+
| OVH SAS                | 13.04 |    530 |
| Online S.a.s.          |  8.42 |    231 |
| Joshua Peter McQuistan |  2.83 |     27 |
| Hetzner Online GmbH    |  2.67 |     72 |
| DigitalOcean, LLC      |  1.80 |    274 |
| FranTech Solutions     |  1.41 |     35 |
+------------------------+-------+--------+

Recommendations for Tor Relay Operators

“Virtual” Route Origin Validation in the Tor Context

The unsolved problem: AS Path Verification

Key Takeaways

Future Work: BGP Monitoring for Tor Prefixes

Acknowledgements

Appendix
