There is a proposal for the next generation of hidden services that will address not only this problem, but also other potential issues, Sandvik said. In the meantime, the Tor developers have tools that can detect relays trying to attack users of Tor hidden services, she said.
A change in Tor that will be implemented soon will make it harder for new nodes to become HSDirs by forcing them to obtain a stable flag first, Valsorda and Tankersley said. This will require nodes to be online for a longer period of time before they can become HSDirs so it will make the attack more expensive, but not technically harder to pull off, they said.
While users can't do much to defend themselves against this, the operators of Tor hidden services do have one option. They could use the attack themselves so that their own nodes will become HSDirs for their own hidden services.
This won't prevent others from trying to take over the rendezvous positions, because the attack is essentially a race condition. However, if this happens, it will be very easy to detect that an attack is going on, the researchers explained.
They released the brute-force tool they created for the attack on Github, as well as a separate HSDir analysis tool that can potentially detect such attacks.
Sign up for Computerworld eNewsletters.