The NSA works with elaborate methods to determine the identity of users of the Tor network that allows anonymous and unobserved web surfing communications. As per article published by The Guardian, a secret presentation shows NSA was able to achieve some success, but the security architecture of Tor (The Onion Router) itself does not overturn.

The secret document in turn comes from PRISM whistleblower Edward Snowden and was recognized by the cryptographer and security expert Bruce Schneier. Tor is a well-designed and robust tool for anonymity, and it is very difficult to attack it successfully. NSA used different goals to crack the Onion network but had to use detours to individual users.

According to the report, In the Firefox attack, NSA agents have been able to gain “full control” of targets’ computers. But in many cases, the NSA has been unsuccessful in its efforts to target Tor users, because the open source project is largely funded by the U.S. Department of Defense, the NSA’s parent agency, and the U.S. Department of State.

In some cases, the NSA has succeeded in blocking access to the anonymous network, diverting Tor users to insecure channels. With a tool called Mjoliner–the name of the hammer used by Thor, the Norse god of thunder–it has been able to monitor and control the paths of communications that are supposed to be chosen randomly as they pass through Tor. Another operation, called Mullenize, can “stain” anonymous traffic as it enters the Tor network, enabling the NSA to identify users as it exits, the document says.

“We will never be able to de-anonymize all Tor users all the time,” according to one NSA document. “With manual analysis we can de-anonymize a very small fraction of Tor users. The NSA has had no success de-anonymizing a user in response to a specific request,” the document said.

Director of National Intelligence James Clapper defends attempts to break Tor anonymity network saying The Onion Router is being used by terrorists and criminals for illegal activities including attacks against the United States and allies.

In a statement in the DNI’s blog, Clapper acknowledged NSA’s “interest in tools used to facilitate anonymous online communication.” However, media coverage of the work fails to point out that “the Intelligence Community’s interest in online anonymity services and other online communication and networking tools is based on the undeniable fact that these are the tools our adversaries use to communicate and coordinate attacks against the United States and our allies.”

Tor still protects the anonymity of users

The documents provided by former NSA consultant Edward Snowden give details on what it called “attacks proof-of-concept” of Tor. One of the techniques used by the agency to search for patterns in the signals entering and exiting the Tor network, and then try to uncover the identity of users. The documents also speak of the secret operation by the NSA computer nodes in the Tor network.

But its results are negligible because the agency has access to a small amount of nodes. The documents also mention the efforts of the NSA and British intelligence agency Government Communications Headquarters (GCHQ) to influence the future development of Tor. The actions taken by the NSA to compromise users passing through the Tor plug-in Firefox, but the NSA documents say that Mozilla has fixed the vulnerability exploited by the agency in the version 17 of Firefox, released in November 2012.

For the director of Tor, Roger Dingledine, the attempt is good news for the project that the NSA has tried to attack the network through a web browser and it means that they are not able to break the architecture of Tor network. Even within the scope of the attacks of the NSA, Tor can still help protect the anonymity.

According to a statistics, metrics on the Tor network is all time high and skyrocketed in the past two months, more than quadrupling since mid-August. The release of the custom-made Pirate Browser also add more users to the network.

But Tor won’t keep users safe in all cases. “Browser exploits, large-scale surveillance, and general user security are all challenging topics for the average Internet user,” Dingledine said. “These attacks make it clear that we, the broader internet community, need to keep working on better security for browsers and other Internet-facing applications.”