gaspar-ilom/Denial-of-Service-Defenses-for-Onion-Services

Abstract

Tor onion services are vulnerable to Denial of Service attacks. These attacks work because an attacker needs relatively few resources to flood an onion service with introduce cells, each of which causes the service to perform expensive operations in order to construct a rendezvous circuit. This eventually exhausts the service's CPU. In this master's thesis, we present an extension to the Tor Rendezvous Specification that mitigates the attack. The onion service configures rate limits for introduce cells; introduce cells without tokens are discarded by the onion service once the rate limits are exceeded. Legitimate clients can retrieve tokens from the onion service after solving a sufficiently hard challenge. These unlinkable tokens allow a client to connect to the onion service even when the rate limits are exceeded. This approach mitigates CPU time exhaustion at the service and protects the service's availability for legitimate clients. Cryptographically, the protocol is based on verifiable oblivious pseudorandom functions (V-OPRFs) computed over an elliptic curve. Our benchmarks show that the protocol performs efficiently for both token issuance and redemption. Furthermore, the evaluation shows that, depending on which hash function is used, with our defenses an attacker has to send up to 62.4 or 47.8 times more introduce cells to mount a successful Denial of Service attack than without our defenses.
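To make the token flow in the abstract concrete, the following is an added example written for this page; it is not code from the thesis or from the Tor prototype, and it does not follow the wire format of the Rendezvous Specification extension. It assumes secp256k1 as the curve, SHA-256 as the hash function, try-and-increment hash-to-curve, a Chaum-Pedersen DLEQ proof as the "verifiable" part of the V-OPRF, a toy 16-bit hash proof-of-work as the challenge, and a fixed per-window budget standing in for the configured rate limit. The names OnionService, Client, issue, introduce and redeem are this example's own.

```python
# Added example (not thesis or Tor code). Assumed: secp256k1, SHA-256, try-and-
# increment hash-to-curve, Chaum-Pedersen DLEQ, 16-bit PoW challenge, fixed budget.
import hashlib, hmac, secrets

P = 2**256 - 2**32 - 977                       # secp256k1 field prime (P % 4 == 3)
N_ORDER = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def add(a, b):                                 # affine point addition; None = infinity
    if a is None: return b
    if b is None: return a
    if a[0] == b[0] and (a[1] + b[1]) % P == 0: return None
    if a == b: lam = 3 * a[0] * a[0] * pow(2 * a[1], -1, P) % P
    else:      lam = (b[1] - a[1]) * pow(b[0] - a[0], -1, P) % P
    x = (lam * lam - a[0] - b[0]) % P
    return (x, (lam * (a[0] - x) - a[1]) % P)

def mul(k, pt):                                # double-and-add scalar multiplication
    r = None
    while k:
        if k & 1: r = add(r, pt)
        pt, k = add(pt, pt), k >> 1
    return r

def enc(pt): return pt[0].to_bytes(32, "big") + pt[1].to_bytes(32, "big")

def hash_to_curve(data):                       # try-and-increment onto y^2 = x^3 + 7
    for ctr in range(256):
        x = int.from_bytes(hashlib.sha256(data + bytes([ctr])).digest(), "big") % P
        rhs = (pow(x, 3, P) + 7) % P
        y = pow(rhs, (P + 1) // 4, P)          # square root, valid because P % 4 == 3
        if y * y % P == rhs: return (x, y)
    raise ValueError("no curve point found")

def h_scalar(*pts):                            # Fiat-Shamir challenge from point encodings
    return int.from_bytes(hashlib.sha256(b"".join(map(enc, pts))).digest(), "big") % N_ORDER

def dleq_prove(k, Y, M, Z):                    # proves log_G(Y) == log_M(Z) without revealing k
    w = secrets.randbelow(N_ORDER - 1) + 1
    c = h_scalar(G, Y, M, Z, mul(w, G), mul(w, M))
    return c, (w - c * k) % N_ORDER

def dleq_verify(Y, M, Z, proof):
    c, s = proof
    return c == h_scalar(G, Y, M, Z, add(mul(s, G), mul(c, Y)), add(mul(s, M), mul(c, Z)))

def pow_ok(challenge, nonce, bits=16):         # toy challenge: leading zero bits of SHA-256
    h = hashlib.sha256(challenge + nonce.to_bytes(8, "big")).digest()
    return int.from_bytes(h, "big") >> (256 - bits) == 0

def solve_pow(challenge, bits=16):
    nonce = 0
    while not pow_ok(challenge, nonce, bits): nonce += 1
    return nonce

def mac(Nk, t): return hmac.new(enc(Nk), t, "sha256").digest()

class OnionService:
    def __init__(self, budget):
        self.k = secrets.randbelow(N_ORDER - 1) + 1    # OPRF key, never leaves the service
        self.pub, self.budget, self.spent = mul(self.k, G), budget, set()
    def issue(self, M, challenge, nonce):              # sign the blinded point after a valid PoW
        if not pow_ok(challenge, nonce): return None
        Z = mul(self.k, M)
        return Z, dleq_prove(self.k, self.pub, M, Z)
    def introduce(self, token=None):                   # True = accept cell, build rendezvous circuit
        if token is None:                              # tokenless cell: counts against the budget
            self.budget -= 1
            return self.budget >= 0
        t, tag = token                                 # token: recompute k*H(t), check MAC, no replay
        if t in self.spent or not hmac.compare_digest(tag, mac(mul(self.k, hash_to_curve(t)), t)):
            return False
        self.spent.add(t)
        return True

class Client:
    def __init__(self, pub): self.pub, self.tokens = pub, []
    def request(self):                                 # M = r*H(t); the service never learns t
        self.t, self.r = secrets.token_bytes(32), secrets.randbelow(N_ORDER - 1) + 1
        return mul(self.r, hash_to_curve(self.t))
    def finish(self, M, Z, proof):                     # unblind; refuse if a per-client key was used
        if not dleq_verify(self.pub, M, Z, proof): return False
        self.tokens.append((self.t, mul(pow(self.r, -1, N_ORDER), Z)))
        return True
    def redeem(self):                                  # (t, MAC) cannot be linked to M
        t, Nk = self.tokens.pop()
        return t, mac(Nk, t)

def demo():
    challenge, svc = b"constructed challenge", OnionService(budget=2)   # constructed input
    cli = Client(svc.pub)
    M = cli.request()
    Z, proof = svc.issue(M, challenge, solve_pow(challenge))
    ok = cli.finish(M, Z, proof)
    outcome = [svc.introduce() for _ in range(3)]      # third tokenless cell exceeds the limit
    token = cli.redeem()
    outcome += [svc.introduce(token), svc.introduce(token)]  # accepted once, replay refused
    return ok, outcome                                 # (True, [True, True, False, True, False])
```

Two checks in the block are the ones a practitioner should not drop: the client verifies the DLEQ proof before unblinding, because a service that signs with a different key per client could later recognise the token at redemption, which would defeat unlinkability; and the service keeps the set of redeemed token IDs, because without it one token could be replayed indefinitely and the rate limit would be void. Whether redemption should cost the service a scalar multiplication, as it does here, is exactly what the thesis's redemption benchmarks measure.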

Prototype

The prototype of the DoS defenses can be found here: https://github.com/gaspar-ilom/tor/tree/dos-defenses-master

About

Master Thesis (Computer Science)
