Online services that desire to operate anonymously routinely host themselves as 'Hidden Services' in the Tor network. However, these services are frequently threatened by deanonymization attacks, whereby their IP address and location may be inferred by the authorities. We present VaulTor, a novel architecture for the Tor network to ensure an extra layer of security for the Hidden Services against deanonymization attacks. In this new architecture, a volunteer (vault) is incentivized to host the web application content on behalf of the Hidden Service. The vault runs the hosted application in a Trusted Execution Environment (TEE) and becomes the point of contact for interested clients. This setup can substantially reduce the uptime requirement of the original Hidden Service provider and hence significantly decrease the chance of deanonymization attacks against them. We also show that the VaulTor architecture does not cause any noticeable performance degradation in accessing the hosted content (the performance degradation ranges from 2.6-5.5%).

翻译：致力于匿名运行的在线服务通常以“隐藏服务”的形式托管于Tor网络中。然而，这些服务时常面临去匿名化攻击的威胁，其IP地址与物理位置可能被监管机构推断。本文提出VaulTor——一种Tor网络的新型架构，旨在为隐藏服务提供抵御去匿名化攻击的额外安全层。该架构通过激励机制促使志愿者（存储节点）代表隐藏服务托管网络应用内容。存储节点在可信执行环境中运行托管应用，并成为客户端访问的接入点。此设计能大幅降低原始隐藏服务提供商的在线时长要求，从而显著减少其遭受去匿名化攻击的风险。实验表明，VaulTor架构在访问托管内容时不会造成显著性能损耗（性能下降幅度仅为2.6%-5.5%）。