Tor Network to Roll Out New Encryption Algorithm in Major Security Upgrade

The developers of the Tor network are preparing to replace one of the project’s oldest encryption systems in an effort to defend users against increasingly sophisticated cyberattacks. Tor confirmed that the relay encryption algorithm known as “tor1” will be retired and replaced by a new design called Counter Galois Onion, or CGO.
Tor1 has been in use since the early 2000s and encrypts the traffic that travels between the relays that form a user’s circuit inside the Tor network. 

Although the system has been widely relied on for more than two decades, researchers say its design now presents several weaknesses, including exposure to so-called “tagging attacks.” These attacks allow an adversary to alter traffic at one relay and then look for predictable patterns further along the circuit that could help trace a user.
The algorithm also reuses the same AES keys throughout a circuit and provides only a small authentication field, which Tor developers say has led to a non-negligible probability of forged data passing undetected. 

CGO has been designed to eliminate these issues. According to Tor, the new protocol adds forward secrecy to messages, prevents tampering, and brings encryption standards in line with modern cryptography. Tor explained in a technical post that the system ensures that if a message is modified, that message and all subsequent messages in the circuit become unreadable. The Tor Project described the upgrade as an effort to “defend users against a broader class of online attackers and form the basis for more en

[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.