The Onion Browser (Tor) has announced the introduction of a Proof-of-Work, a new security mechanism to defend from attackers carrying out Denial of Service attacks. Tor has a span of users spread over the world who adopted their services for hiding their IP addresses and maintaining their privacy.
The Onion services have always prioritized user privacy through IP address obfuscation, making it a prime target for threat actors. Though the Onion Service has a traditional IP-based rate limiting in place, it has been violated by threat actors in multiple scenarios.
With the release of PoW, the Onion Service will prioritize legitimate connections filtered by checking on the stress of the service. The incoming onion service connections are made to perform certain complex operations that vary based on the network stress.
It acts as a ticketing system turned off by default but works based on Onion service network traffic.
How Does this Work?
During the access of an Onion service, the client must solve a small puzzle to prove that the traffic is legitimate and not a flooding attack. If it is a flooding attack, initiated by an attacker, the onion service increases the computational effort the system hardware uses to solve the complex operations.
This also helps differentiate between users and attackers, protecting legitimate and malicious traffic.
As per the report learned by our team, the computational efforts and the complex operations for establishing connectivity are unknown to the users, and they run in the background. In other words, the users are not presented with a CAPTCHA screen to establish the connection.
“The introduction of Tor’s PoW defense not only positions onion services among the few communications protocols with built-in DoS protections but also, when adopted by major sites, promises to reduce the negative impact of targeted attacks on network speeds.” reads the post published by the Tor project.
Users of Onion services are recommended to upgrade to version 0.4.8 for this PoW defense feature