18 July 2016
Cloudflare reCAPTCHA De-anonymizes Tor Users
Cloudflare's insistence that visitors arriving from Tor exit nodes solve reCAPTCHA
puzzles before reaching any of the 2 million web sites that Cloudflare 'protects'
can be very useful for traffic analysis and the de-anonymization of Tor users.
This is how:
The only non-public prerequisite for the de-anonymizing party is the ability
to monitor traffic between ISPs and Tor entry nodes, and traffic entering
Cloudflare servers (no decryption required in either case). There are, of
course, not 2 million Cloudflare servers; probably there are no more than a few
Each click on one of the images in the puzzle generates a total of about
50 packets between the Tor user's computer and the Cloudflare server (about
half are requests and half are real-time responses from the server). All of
this happens in less than a second, so any jitter introduced by the onion
routing is immaterial. The packet group has predictable sizes and patterns,
so all the adversary has to do is note the easily detectable signature of
the "image click" event on the ISP side and correlate it with the same
signature on the Cloudflare side. Again, no decryption is required.
There are likely many simultaneous users (thousands), but they do not all solve
puzzles at the same time, and they do not click on puzzle images at the same
time. Simple math shows that disambiguating them is trivial. If some ambiguity
is left, Cloudflare can conveniently serve a few more images to specific users
(or even to random users, as long as, within the same few seconds, different
users get different numbers of 'correct' images).
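To make the "simple math" of the two paragraphs above concrete, here is a toy model of the risk, written for this page as an added example; it is not code from the original post and does not touch real traffic. Everything in it is constructed: it assumes the observer sees one timestamped "click burst" per image click at the two vantage points the post names (ISP side, labelled by the user's ISP-visible identity; Cloudflare side, labelled by the CAPTCHA session) and nothing else, that concurrent solvers start their puzzles at random moments over a span of a few minutes, and that circuit delay varies by a few hundred milliseconds. The numbers (500 concurrent solvers, 4 clicks each, 150 s, 0.2 s jitter, 0.3 s matching window) are invented to keep the run fast; the functions take them as parameters.

```python
"""Toy model (constructed data, added example) of burst-timing correlation
between an ISP-side and a Cloudflare-side observation point.

Assumed, not taken from the post: one burst per image click is visible at
both points; labels on each side are opaque to the observer; the observer
has no payload access.
"""
import random


def simulate(n_users, clicks_per_user, span_s, jitter_s, rng):
    """Generate burst times for n_users concurrent puzzle solvers.

    Returns (isp, cf, truth): isp maps an ISP-side identity to its burst
    times, cf maps a CAPTCHA session to the times the same bursts reached
    Cloudflare, and truth maps each session to its real ISP identity. truth
    exists only to score the simulation; the observer has to infer it.
    """
    isp, cf, truth = {}, {}, {}
    for u in range(n_users):
        isp_id, cf_id = f"isp-{u}", f"cf-{u:04d}"  # labels are opaque to the observer
        truth[cf_id] = isp_id
        t = rng.uniform(0, span_s)                 # puzzle starts at a random moment
        isp_ts, cf_ts = [], []
        for _ in range(clicks_per_user):
            t += rng.uniform(1.0, 3.0)             # human click cadence (constructed)
            isp_ts.append(t)
            cf_ts.append(t + rng.uniform(0, jitter_s))  # circuit delay variation
        isp[isp_id], cf[cf_id] = isp_ts, cf_ts
    return isp, cf, truth


def candidates(cf_ts, isp, window_s):
    """ISP identities that have a burst at most window_s before every
    Cloudflare-side burst in cf_ts (a burst cannot arrive before it was sent)."""
    return [isp_id for isp_id, isp_ts in isp.items()
            if all(any(0 <= tc - ti <= window_s for ti in isp_ts) for tc in cf_ts)]


def linkability(isp, cf, truth, window_s, use_clicks):
    """Fraction of sessions whose real ISP identity is the only candidate when
    the first use_clicks bursts of each session are correlated."""
    unique = sum(1 for cf_id, cf_ts in cf.items()
                 if candidates(cf_ts[:use_clicks], isp, window_s) == [truth[cf_id]])
    return unique / len(cf)


def expected_false_candidates(n_users, clicks_per_user, span_s, window_s, use_clicks):
    """Back-of-the-envelope version of the 'simple math': each other user has
    roughly clicks_per_user * window_s / span_s probability of having a burst
    inside one click's window, and all use_clicks windows must be hit."""
    p = min(1.0, clicks_per_user * window_s / span_s)
    return (n_users - 1) * p ** use_clicks


def run_experiment(seed=1, n_users=500, clicks_per_user=4, span_s=150.0,
                   jitter_s=0.2, window_s=0.3):
    """Linkability as a function of how many clicks (images) are correlated."""
    rng = random.Random(seed)
    isp, cf, truth = simulate(n_users, clicks_per_user, span_s, jitter_s, rng)
    return {k: linkability(isp, cf, truth, window_s, k)
            for k in range(1, clicks_per_user + 1)}


if __name__ == "__main__":
    N, C, SPAN, WINDOW = 500, 4, 150.0, 0.3
    for k, frac in run_experiment(n_users=N, clicks_per_user=C, span_s=SPAN,
                                  window_s=WINDOW).items():
        print(f"clicks used={k}  expected false candidates="
              f"{expected_false_candidates(N, C, SPAN, WINDOW, k):.4f}  "
              f"uniquely linked={frac:.2%}")
```

With these parameters a single click leaves roughly four other users as plausible matches for each session, so only a couple of percent of sessions are linked uniquely; requiring the second, third and fourth bursts to line up as well drives the expected number of false candidates toward zero and the linked fraction toward 100%, which is the effect of "serving a few more images" that the post describes. Note that both vantage points sit downstream of the browser, so in this model any delay a client adds before sending a click changes nothing; the only terms that protect a user are the number of other users producing the same burst inside the matching window and the width of that window.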
This obvious opportunity is not proof, but the NSA would have to be utterly
incompetent not to be exploiting it. No one is that incompetent.