CoStricTor: Collaborative HTTP Strict Transport Security in Tor Browser
Authors: Killian Davitt (University College London), Dan Ristea (University College London), Duncan Russell (The Tor Project), Steven J. Murdoch (University College London)
Volume: 2024
Issue: 1
Pages: 343–356
DOI: https://doi.org/10.56553/popets-2024-0020
Abstract: HTTP Strict Transport Security (HSTS) is a widely-deployed security feature in modern web browsing. It is also, however, a potential vector for user tracking and surveillance. Tor Browser, a web browser primarily concerned with online anonymity, disables HSTS as a result of this tracking potential. We present the CoStricTor protocol which crowdsources HSTS data among Tor Browser clients. It gives Tor Browser users increased resistance to man-in-the-middle attacks without exposing them to HSTS tracking. Our protocol adapts other privacy-preserving data aggregation algorithms to share data effectively among users with strong local differential privacy guarantees. The CoStricTor protocol resists denial of service attacks by design through our innovative use of Bloom filters to represent complementary data. Our simulations show our protocol can model up to 150,000 websites, providing 10,000 upgrades to HSTS for users.
Keywords: anonymous communications, differential privacy, web privacy
Copyright in PoPETs articles are held by their authors. This article is published under a Creative Commons Attribution 4.0 license.