2 ND GENERATION ONION ROUTER
|
|
- Audrey Douglas
- 5 years ago
- Views:
Transcription
1 2 ND GENERATION ONION ROUTER Roger Dingledine, Nick Mathewson and Paul Syverson Presenter: Alejandro Villanueva
2 Agenda Threat model Cells and circuits Other features Related work How does it work? Rendezvous points & Hidden services Open Questions & Future directions (17) Design goals What is Tor? Advantages Attacks and Defenses 2
3 Threat model: Who are we defending from? A non-global attacker that can observe a fraction of the network s traffic. Can generate, modify, delete or delay traffic. Can operate (Onion) Routers on its own. Can compromise some fraction of the onion routers. Passive attacks To correlate traffic entering and leaving the network (timing, volume, user-selected options). Active attacks Compromise routers, keys; replay traffic, selectively deny service to push users to compromised routers or to see if traffic elsewhere stops, introduce patterns to be later detected. Typical goals Is Alice talking to Bob? Traffic analysis attacks: where the adversary uses traffic patterns to learn which points in the network he should attack. To build a profile of Alice s behavior. To attack directory servers To decrease network reliability. 3
4 In the beginning Chaum said: Let s mix! Let s hide correspondence between sender and recipient by wrapping messages in layers of public-key cryptography, and relay them through a path composed of mixes. Large and variable latencies: Forget about web browsing, chat or SSH High-latency networks Mix-Net Low-latency networks Many packets that have to be delivered quickly, easier to eavesdrop Babel Single-hop proxies Multi-hop proxies Mixmaster Anonymizer Java Anon Proxy PipeNet ISDN Mixes P2P designs Peers generate and relay traffic Mixminion Cascades: Fixed routes Tarzan MorphMix Crowds And Freedom, Cebolla, etc. Hordes Herbivore P^5 4
5 Design goals Low-latency Deployability Used in the real world. Not expensive to run. Light liability burden to operators. Neither difficult nor expensive to implement. Usability A hard-to-use system has fewer users, fewer users provide less anonymity: it s a security requirement. The least configuration decisions posible. Easily implementable on all common platforms. Flexibility Well-specified. A testbed for future research. Simple design Design and security parameters must be well understood. Avoid implementation and complexity costs. Prevent attackers from linking communication partners, or from linking multiple communications to or from a single user. Not looking for peer to peer, secure against end-to-end attacks, protocol normalization, concealing who s connected (steganographic). 5
6 Tor: Anonymity for the masses Onion Router: With long-term and short-term identity keys Onion Proxy: For users Circuit = Entry + Middle + Exit Router Directory Servers: Routers info Cells: Fixed-size communication unit An overlay network: A set of normal user-level processes running without special privileges on every router. Users run a local software called Onion Proxy. Onion Routers communicate via TSL connections with epheremeral keys. Anonymization of TCP streams through multiplexing circuits. Web-browsing, secure shell, mail, and instant messaging 6
7 How does it work? Onion Proxy connects to directory servers to choose an entry node. OP Alice sends an encrypted create cell to OR Bob with an initial handshake. OR Bob answers with a created cell and a hashed key in it. Alice sends relay extend cell to Bob with Carol s address and an encrypted handshake for her. Bob copies the content into a create cell for Carol. Carol answers with a created cell that Bob wraps into a relay extended cell to send it back to Alice. Alice and Carol share a common key now. 7
8 Cells and circuits Control cells: Always interpreted by the receiving node. Padding, create, created, destroy. Relay cells: Carry end-to-end stream data CircID change in every OP/OR OR/OR connection. StreamID because of stream multiplexing. Digest: Checksum for end-to-end integrity Length of relay payload Relay command Relay data, relay begin, relay end, relay teardown, relay connected, relay extend, relay extended, relay truncate, relay truncated, relay sendme, relay drop. Built incrementally based on symmetric keys with each OR. Circuits can be shared by many TCP streams. OPs build a new circuit periodically if the previous ones are used. Old circuits expire with no more open streams. OPs consider rotating to a new circuit once a minute. After a circuit is established relay cells can be sent. 8
9 Alice Bob and Carol 9
10 Other features Streams are opened with a relay begin and relay connected cell pair exchanged between OP and OR Closing a stream can be done Application asks to connect via TCP to a host and port. Application and OP communicate via SOCKS OP uses the newest open circuit. Normally with a relay end cell pair. Abnormally with a relay teardown cell Integrity is checked at the edges thanks to TLS connections The first four bytes of a SHA-1 current digest are sent with every relay cell Contents of all relay cells are added to the digest. A bad hash tears down the circuit. Bandwidth usage is limited with a token bucket approach Only incoming traffic is limited since Tor outputs the same amount of bytes as it takes in. Congestion control is still an issue if an OR/OR connection is used in many circuits A packaging window for connections to the OP and a delivery window for outbound connections. Every datacell decreases the window and every relay sendme cell received increases it. If the window reaches zero, all streams are no longer read. 10
11 Other features Puzzles against DoS Exit policies Directory Servers Computationally expensive to produce to keep clients busy while accepting TLS connections Avoid exit servers to be implicated in abuses. Public perception as a security requirement. ORs could also append information saying this went through an anonymity service. To track changes in topology, node estate, keys and exit policies. Only recognized ORs are added. Redundant and synchronized to agree on a common directory (threshold consensus). 11
12 Rendezvous points Access control Basic component for location-hidden services (aka responder anonymity) Work together with Introduction Points Together they protect a service from distributed DoS attacks. Authorization tokens add selective access for high-priority users. Options: Future schedule of unadvertised IP or secret public keys for the lookup service. Location-hidden services use a virtual TLD called.onion AuthorizationCookie.PublicKeyHash.onion Filter incoming requests to avoid attack by flooding. Robustness Should remain anoymous in the long term, not tied to a single router. Smear-resistance Illegal or disreputable services shouldn t be possible to be created by the attacker Application transparency Applications should not be modified to access location-hidden servers. 12
13 Hidden services Bob chooses and advertises some IP Each IP has its own circuit and waits for requests Alice picks a RP from which to connect to any of Bob s IP Alice sends an encrypted request. If Bob wants to talk to Alice he builds a circuit. 13
14 Advantages (over 1 st Gen Onion Routing) Perfect forward secrecy Separation of protocol cleaning from anonymity. No mixing, padding, or traffic shaping (yet) Many TCP streams can share one circuit Leaky-pipe circuit topology Instead of one onion per circuit, keys are negotiated with each hop (telescoping) A standard proxy interface for all applications (SOCKS) + application level proxies (Privoxy) To costly yet ineffective against realistic adversaries. Less public key operations. Better for anonymity. Can direct traffic in the middle of and off a circuit. Frustrates traffic and volumen shape attacks. Congestion control Directory servers Variable exit policies End-to-end integrity checking Rendezvous points and hidden services Descentralized, end-to-end acks to send less data until the congestion ceases. Trusted node distribute signed state information about known routers. Describe which hosts and ports can an exit node connect. Critical for confortable volunteering. No one in the circuit can change the cells content. No reply onions needed. Forward security achieved. 14
15 Attacks and Defenses Attack Observing user traffic patterns Observing user content Option distinguishability End-to-end time correlation End-to-end size correlation Website fingerprinting Defense Multiple streams Privoxy (filtering services) Avoid minority configurations Hide connection from OP to OR behind a firewall Leaky pipe topology Stream multiplexation Attack Defense Compromise TLS Keys Periodic key rotation Iterated compromise Circuit lifetime Run a recipient Privoxy Run an OP - DoS non-observed nodes Robustness Run a hostile OR Chances (m/n)^2 Introduce timing into messages Firewall Tagging attacks Integrity checks Replace content of unauhenticated authenticated protocols protocols Replay attacks Different negotiated session keys Smear attacks Exit policies and tolerance Signed releases, trusted directory, Distribute hostile don't trust if it doesn't come with code sources 15
16 More attacks! Attack Destroy directory servers Subvert a directory server Subvert a majority of directory servers Encourage directory server dissent Trick the directory servers into listing a hostile OR Convince directories that a malfunctioning OR is working Defense Remaining half consensus, humans Majority vote Independence and attack resistence - - Test ORs Attack Make many introduction requests Attack an introduction point Compromise an introduction point Compromise a Rendezvous point Defense Authorization tokens, require computation Re advertisement, secret advertisement Close the circuit, test rendezvous requests Session key 16
17 Open Questions & Future Directions How often should user rotate to fresh circuits? How should we choose path lengths? Scalability Beyond a hundred servers Better directory distribution Incremental directory updates Further specification review What mechanism should be used to prevent adversaries from signing up colluded servers? How can clients perform discoveries while preventing attackers to exploit the gaps in their knowledge? How do we stop unreliable servers from making the network unusable? Bandwidth clases To avoid bottlenecks Incentives To participate in Tor, to limit abuse, not to use privacy systems Caching at exit nodes Improve anonymity, speed and cost. Cover traffic Is padding worth adding? Multisystem interoperability To work with MorphMix Wider-scale deployment What incentives are needed for clients to run their own OR? 17
Anonymity C S A D VA N C E D S E C U R I T Y TO P I C S P R E S E N TAT I O N BY: PA N AY I OTO U M A R KO S 4 T H O F A P R I L
Anonymity C S 6 8 2 A D VA N C E D S E C U R I T Y TO P I C S P R E S E N TAT I O N BY: PA N AY I OTO U M A R KO S 4 T H O F A P R I L 2 0 1 9 Tor: The Second- Generation Onion Router R. DINGLEDINE N.
More informationTor: The Second-Generation Onion Router. Roger Dingledine, Nick Mathewson, Paul Syverson
Tor: The Second-Generation Onion Router Roger Dingledine, Nick Mathewson, Paul Syverson Introduction Second Generation of Onion Routing Focus on deployability Perfect forward secrecy Separation of protocol
More informationTHE SECOND GENERATION ONION ROUTER. Roger Dingledine Nick Mathewson Paul Syverson. -Presented by Arindam Paul
THE SECOND GENERATION ONION ROUTER Roger Dingledine Nick Mathewson Paul Syverson 1 -Presented by Arindam Paul Menu Motivation: Why do we need Onion Routing? Introduction : What is TOR? Basic TOR Design
More informationOnion Routing. Varun Pandey Dept. of Computer Science, Virginia Tech. CS 6204, Spring
Onion Routing Varun Pandey Dept. of Computer Science, Virginia Tech 1 What is Onion Routing? a distributed overlay network to anonymize TCP based routing Circuit based (clients choose the circuit) Each
More informationCS526: Information security
Cristina Nita-Rotaru CS526: Information security Anonymity systems. Based on slides by Chi Bun Chan 1: Terminology. Anonymity Anonymity (``without name ) means that a person is not identifiable within
More informationThe Tor Network. Cryptography 2, Part 2, Lecture 6. Ruben Niederhagen. June 16th, / department of mathematics and computer science
The Tor Network Cryptography 2, Part 2, Lecture 6 Ruben Niederhagen June 16th, 2014 Tor Network Introduction 2/33 Classic goals of cryptography: confidentiality, data integrity, authentication, and non-repudiation.
More informationAnonymity. Assumption: If we know IP address, we know identity
03--4 Anonymity Some degree of anonymity from using pseudonyms However, anonymity is always limited by address TCP will reveal your address address together with ISP cooperation Anonymity is broken We
More informationAnonymous communications: Crowds and Tor
Anonymous communications: Crowds and Tor Basic concepts What do we want to hide? sender anonymity attacker cannot determine who the sender of a particular message is receiver anonymity attacker cannot
More informationA SIMPLE INTRODUCTION TO TOR
A SIMPLE INTRODUCTION TO TOR The Onion Router Fabrizio d'amore May 2015 Tor 2 Privacy on Public Networks Internet is designed as a public network Wi-Fi access points, network routers see all traffic that
More informationTor: The Second-Generation Onion Router
Tor: The Second-Generation Onion Router Roger Dingledine The Free Haven Project arma@freehaven.net Nick Mathewson The Free Haven Project nickm@freehaven.net Paul Syverson Naval Research Lab syverson@itd.nrl.navy.mil
More informationTor: An Anonymizing Overlay Network for TCP
Tor: An Anonymizing Overlay Network for TCP Roger Dingledine The Free Haven Project http://tor.freehaven.net/ http://tor.eff.org/ December 28, 21C3 2004 Talk Outline Motivation: Why anonymous communication?
More information0x1A Great Papers in Computer Security
CS 380S 0x1A Great Papers in Computer Security Vitaly Shmatikov http://www.cs.utexas.edu/~shmat/courses/cs380s/ Privacy on Public Networks Internet is designed as a public network Wi-Fi access points,
More informationENEE 459-C Computer Security. Security protocols (continued)
ENEE 459-C Computer Security Security protocols (continued) Key Agreement: Diffie-Hellman Protocol Key agreement protocol, both A and B contribute to the key Setup: p prime and g generator of Z p *, p
More informationProtocols for Anonymous Communication
18734: Foundations of Privacy Protocols for Anonymous Communication Anupam Datta CMU Fall 2016 Privacy on Public Networks } Internet is designed as a public network } Machines on your LAN may see your
More informationENEE 459-C Computer Security. Security protocols
ENEE 459-C Computer Security Security protocols Key Agreement: Diffie-Hellman Protocol Key agreement protocol, both A and B contribute to the key Setup: p prime and g generator of Z p *, p and g public.
More informationPutting the P back in VPN: An Overlay Network to Resist Traffic Analysis
Putting the P back in VPN: An Overlay Network to Resist Traffic Analysis Roger Dingledine The Free Haven Project http://freehaven.net/ Black Hat 2004 July 29, 2004 Talk Outline Motivation: Why anonymous
More informationPrivacy defense on the Internet. Csaba Kiraly
Advanced Networking Privacy defense on the Internet Csaba Kiraly 1 Topics Anonymity on the Internet Chaum Mix Mix network & Onion Routing Low-latency anonymous routing 2 Anonymity: Chaum mix David L. Chaum
More informationAnonymity Analysis of TOR in Omnet++
Anonymity Analysis of TOR in Omnet++ Carmelo Badalamenti Mini Workshop on Security Framework 2006, Catania, December 12, 2006 "Security in Mobility" Badalamenti TOR & Omnet++
More informationUntraceable Electronic Mail, Return Addresses, and Digital Pseudonyms. EJ Jung
Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms EJ Jung Goals 1. Hide what you wrote encryption of any kind symmetric/asymmetric/stream 2. Hide to whom you sent and when pseudonym?
More informationHow Alice and Bob meet if they don t like onions
How Alice and Bob meet if they don t like onions Survey of Network Anonymisation Techniques Erik Sy 34th Chaos Communication Congress, Leipzig Agenda 1. Introduction to Anonymity Networks Anonymity Strategies
More informationComputer Security. 15. Tor & Anonymous Connectivity. Paul Krzyzanowski. Rutgers University. Spring 2017
Computer Security 15. Tor & Anonymous Connectivity Paul Krzyzanowski Rutgers University Spring 2017 April 24, 2017 CS 419 2017 Paul Krzyzanowski 1 Private Browsing Browsers offer a "private" browsing modes
More informationPrivate Browsing. Computer Security. Is private browsing private? Goal. Tor & The Tor Browser. History. Browsers offer a "private" browsing modes
Private Browsing Computer Security 16. Tor & Anonymous Connectivity Paul Krzyzanowski Rutgers University Spring 2017 Browsers offer a "private" browsing modes Apple Private Browsing, Mozilla Private Browsing,
More informationCS Paul Krzyzanowski
Computer Security 17. Tor & Anonymous Connectivity Anonymous Connectivity Paul Krzyzanowski Rutgers University Spring 2018 1 2 Anonymity on the Internet Often considered bad Only criminals need to hide
More informationOnion services. Philipp Winter Nov 30, 2015
Onion services Philipp Winter pwinter@cs.princeton.edu Nov 30, 2015 Quick introduction to Tor An overview of Tor Tor is a low-latency anonymity network Based on Syverson's onion routing......which is based
More informationAnonymous Communication: DC-nets, Crowds, Onion Routing. Simone Fischer-Hübner PETs PhD course Spring 2012
Anonymous Communication: DC-nets, Crowds, Onion Routing Simone Fischer-Hübner PETs PhD course Spring 2012 DC (Dining Cryptographers) nets [Chaum 1988 ] Chaum, CACM 28(10), October 1985 Who paid for the
More informationAnalysing Onion Routing Bachelor-Thesis
Analysing Onion Routing Bachelor-Thesis Steffen Michels June 22, 2009 Abstract Although methods for reaching security goals such as secrecy, integrity and authentication are widely used in the Internet,
More informationNetwork Security: Anonymity. Tuomas Aura T Network security Aalto University, Nov-Dec 2010
Network Security: Anonymity Tuomas Aura T-110.5240 Network security Aalto University, Nov-Dec 2010 Outline 1. Anonymity and privacy 2. High-latency anonymous routing 3. Low-latency anonymous routing Tor
More informationCS6740: Network security
Cristina Nita-Rotaru CS6740: Network security Anonymity. Sources 1. Crowds: http://avirubin.com/crowds.pdf 2. Chaum mix: http://www.ovmj.org/gnunet/papers/p84-chaum.pdf 3. Tor: https://svn.torproject.org/svn/projects/design-paper/tor-design.pdf
More informationIntroduction. Overview of Tor. How Tor works. Drawback of Tor s directory server Potential solution. What is Tor? Why use Tor?
Introduction 1 Overview of Tor What is Tor? Why use Tor? How Tor works Encryption, Circuit Building, Directory Server Drawback of Tor s directory server Potential solution Using DNS Security Extension
More informationPractical Anonymity for the Masses with MorphMix
Practical Anonymity for the Masses with MorphMix Marc Rennhard, Bernhard Plattner () Financial Cryptography 2004 12 th February 2004 http://www.tik.ee.ethz.ch/~morphmix Overview Circuit-based mix networks
More informationCE Advanced Network Security Anonymity II
CE 817 - Advanced Network Security Anonymity II Lecture 19 Mehdi Kharrazi Department of Computer Engineering Sharif University of Technology Acknowledgments: Some of the slides are fully or partially obtained
More informationNetwork Security: Anonymity. Tuomas Aura T Network security Aalto University, Nov-Dec 2012
Network Security: Anonymity Tuomas Aura T-110.5241 Network security Aalto University, Nov-Dec 2012 Outline 1. Anonymity and privacy 2. High-latency anonymous routing 3. Low-latency anonymous routing Tor
More informationCS 134 Winter Privacy and Anonymity
CS 134 Winter 2016 Privacy and Anonymity 1 Privacy Privacy and Society Basic individual right & desire Relevant to corporations & government agencies Recently increased awareness However, general public
More informationWhat's the buzz about HORNET?
1 What's the buzz about HORNET? 2 You've probably all seen the news "Internet-scale anonymity" "Without sacrificing security, the network supports data transfer speeds of up to 93GBps" "can be scaled at
More informationNetwork Security: Anonymity. Tuomas Aura T Network security Aalto University, autumn 2015
Network Security: Anonymity Tuomas Aura T-110.5241 Network security Aalto University, autumn 2015 Outline 1. Anonymity and privacy 2. High-latency anonymous routing 3. Low-latency anonymous routing Tor
More informationcommunication Claudia Díaz Katholieke Universiteit Leuven Dept. Electrical Engineering g ESAT/COSIC October 9, 2007 Claudia Diaz (K.U.
Introduction to anonymous communication Claudia Díaz Katholieke Universiteit Leuven Dept. Electrical Engineering g ESAT/COSIC October 9, 2007 Claudia Diaz (K.U.Leuven) 1 a few words on the scope of the
More informationAnonymity With Tor. The Onion Router. July 21, Technische Universität München
The Onion Router Nathan S. Evans Christian Grothoff Technische Universität München July 21, 2011 Overview What is Tor? Motivation Background Material How Tor Works Hidden Services Attacks Specific Attack
More informationanonymous routing and mix nets (Tor) Yongdae Kim
anonymous routing and mix nets (Tor) Yongdae Kim Significant fraction of these slides are borrowed from CS155 at Stanford 1 q Why? Anonymous web browsing 1. Discuss health issues or financial matters anonymously
More informationAnonymity With Tor. The Onion Router. July 5, It s a series of tubes. Ted Stevens. Technische Universität München
Anonymity With Tor The Onion Router Nathan S. Evans Christian Grothoff Technische Universität München July 5, 2012 It s a series of tubes. Ted Stevens Overview What is Tor? Motivation Background Material
More informationTor Hidden Services. Roger Dingledine Free Haven Project Electronic Frontier Foundation.
Tor Hidden Services Roger Dingledine Free Haven Project Electronic Frontier Foundation http://tor.eff.org/ 31 July 2005 Talk Outline Tor overview Circuit-building in Tor Hidden services in Tor Demo Anonymity
More informationThe New Cell-Counting-Based Against Anonymous Proxy
The New Cell-Counting-Based Against Anonymous Proxy Yadarthugalla Raju M.Tech Student, Department of CSE, Dr.K.V.S.R.I.T, Kurnool. K. Pavan Kumar Assistant Professor, Department of IT, Dr.K.V.S.R.I.T,
More informationPort-Scanning Resistance in Tor Anonymity Network. Presented By: Shane Pope Dec 04, 2009
Port-Scanning Resistance in Tor Anonymity Network Presented By: Shane Pope (Shane.M.Pope@gmail.com) Dec 04, 2009 In partial fulfillment of the requirements for graduation with the Dean's Scholars Honors
More informationIntroduction to Traffic Analysis. George Danezis University of Cambridge, Computer Laboratory
Introduction to Traffic Analysis George Danezis University of Cambridge, Computer Laboratory Outline Introduction to anonymous communications Macro-level Traffic Analysis Micro-level Traffic Analysis P2P
More informationCSE 484 / CSE M 584: Computer Security and Privacy. Anonymity Mobile. Autumn Tadayoshi (Yoshi) Kohno
CSE 484 / CSE M 584: Computer Security and Privacy Anonymity Mobile Autumn 2018 Tadayoshi (Yoshi) Kohno yoshi@cs.washington.edu Thanks to Dan Boneh, Dieter Gollmann, Dan Halperin, Ada Lerner, John Manferdelli,
More informationTor. Tor Anonymity Network. Tor Basics. Tor Basics. Free software that helps people surf on the Web anonymously and dodge censorship.
Tor Tor Anonymity Network Free software that helps people surf on the Web anonymously and dodge censorship. CS 470 Introduction to Applied Cryptography Ali Aydın Selçuk Initially developed at the U.S.
More informationA New Replay Attack Against Anonymous Communication Networks
1 A New Replay Attack Against Anonymous Communication Networks Ryan Pries, Wei Yu, Xinwen Fu and Wei Zhao Abstract Tor is a real-world, circuit-based low-latency anonymous communication network, supporting
More informationLecture 33. Firewalls. Firewall Locations in the Network. Castle and Moat Analogy. Firewall Types. Firewall: Illustration. Security April 15, 2005
Firewalls Lecture 33 Security April 15, 2005 Idea: separate local network from the Internet Trusted hosts and networks Intranet Firewall DMZ Router Demilitarized Zone: publicly accessible servers and networks
More informationPerformance Evaluation of Tor Hidden Services
University of Bamberg Distributed and Mobile Systems Group Paper on the Seminar Tor Research Topic: Performance Evaluation of Tor Hidden Services Presented by: Christian Wilms Supervisor: Karsten Loesing
More informationAchieving Privacy in Mesh Networks
Achieving Privacy in Mesh Networks Xiaoxin Wu Intel China Research Center Ltd Beijing, China xiaoxin.wu@intel.com Ninghui Li Department of Computer Science Purdue University West Lafayette, IN 47907-2086,
More informationChallenges in building overlay networks: a case study of Tor. Steven Murdoch Principal Research Fellow University College London
Challenges in building overlay networks: a case study of Steven Murdoch Principal Research Fellow University College London Who uses? Ordinary people e.g. to avoid unscrupulous marketers, protect children,
More informationANONYMOUS CONNECTIONS AND ONION ROUTING
I J C I T A E Serials Publications 6(1) 2012 : 31-37 ANONYMOUS CONNECTIONS AND ONION ROUTING NILESH MADHUKAR PATIL 1 AND CHELPA LINGAM 2 1 Lecturer, I. T. Dept., Rajiv Gandhi Institute of Technology, Mumbai
More informationCryptanalysis of a fair anonymity for the tor network
Cryptanalysis of a fair anonymity for the tor network Amadou Moctar Kane KSecurity, BP 47136, Dakar, Senegal amadou1@gmailcom April 16, 2015 Abstract The aim of this paper is to present an attack upon
More informationThinking Different. Assumptions about Operating Environments
Thinking Different Protocol Design 1 Assumptions about Operating Environments We always make assumptions about operating environments These obviously do not hold everywhere Wireless communications Node
More informationLocating Hidden Servers
Locating Hidden Servers Lasse Øverlier Norwegian Defence Research Establishment and Gjøvik University College lasse.overlier@{ffi,hig}.no Paul Syverson Naval Research Laboratory syverson@itd.nrl.navy.mil
More informationComputer Networks. Wenzhong Li. Nanjing University
Computer Networks Wenzhong Li Nanjing University 1 Chapter 7. Network Security Network Attacks Cryptographic Technologies Message Integrity and Authentication Key Distribution Firewalls Transport Layer
More informationPeer-to-Peer Systems and Security
Peer-to-Peer Systems and Security Anonymity Christian Grothoff Technische Universität München May 16, 2013 The problem with losing your anonymity is that you can never go back. Marla Maples Motivation
More informationLINKING TOR CIRCUITS
LINKING TOR CIRCUITS MSc Information Security, 2014 University College London Otto Huhta Supervisor: Dr George Danezis This report is submitted as part requirement for the MSc in Information Security at
More informationAnonymity. Christian Grothoff.
Anonymity christian@grothoff.org http://grothoff.org/christian/ You look at this and you say this is insane. It s insane. And if it is only Hollywood that has to deal with this, OK, that s fine. Let them
More informationP 5 : A Protocol for Scalable Anonymous Communications
P 5 : A Protocol for Scalable Anonymous Communications 1 P 5 : A Protocol for Scalable Anonymous Communications Rob Sherwood, Bobby Bhattacharjee, Aravind Srinivasan University of Maryland, College Park
More informationChaum, Untraceable Electronic Mail, Return Addresses, and Digital Pseudonym, Communications of the ACM, 24:2, Feb. 1981
Anonymizing Networks Chaum, Untraceable Electronic Mail, Return Addresses, and Digital Pseudonym, Communications of the ACM, 24:2, Feb. 1981 Reed, Syverson, Goldschlag, Anonymous Connections and Onion
More informationIPSec. Slides by Vitaly Shmatikov UT Austin. slide 1
IPSec Slides by Vitaly Shmatikov UT Austin slide 1 TCP/IP Example slide 2 IP Security Issues Eavesdropping Modification of packets in transit Identity spoofing (forged source IP addresses) Denial of service
More informationHerbivore: An Anonymous Information Sharing System
Herbivore: An Anonymous Information Sharing System Emin Gün Sirer August 25, 2006 Need Anonymity Online Current networking protocols expose the identity of communication endpoints Anyone with access to
More informationDesign Principles for Low Latency Anonymous Network Systems Secure against Timing Attacks
Design Principles for Low Latency Anonymous Network Systems Secure against Timing Attacks Rungrat Wiangsripanawan, Willy Susilo and Rei Safavi-Naini Center for Information Security School of Information
More informationA Peel of Onion. Paul Syverson U.S. Naval Research Laboratory.
A Peel of Onion Paul Syverson U.S. Naval Research Laboratory paul.syverson@nrl.navy.mil http://www.syverson.org Our motivation here is not to provide anonymous communication, but to separate identification
More informationCore: A Peer-To-Peer Based Connectionless Onion Router
Core: A Peer-To-Peer Based Connectionless Onion Router Olaf Landsiedel, Alexis Pimenidis, Klaus Wehrle Department for Computer Science RWTH Aachen, Germany firstname.lastname@cs.rwth-aachen.de Heiko Niedermayer,
More informationAnonymous Internet Access for the Masses with MorphMix
Anonymous Internet Access for the Masses with MorphMix Marc Rennhard Swiss Federal Institute of Technology, Computer Engineering and Networks Laboratory; Zurich, Switzerland rennhard@tik.ee.ethz.ch Technical
More informationDesign and Analysis of Efficient Anonymous Communication Protocols
Design and Analysis of Efficient Anonymous Communication Protocols Thesis Defense Aaron Johnson Department of Computer Science Yale University 7/1/2009 1 Acknowledgements Joan Feigenbaum Paul Syverson
More informationMixminion: Design of a Type III Anonymous R er Protocol
Mixminion: Design of a Type III Anonymous Remailer Protocol George Danezis University of Cambridge george.danezis@cl.cam.ac.uk Roger Dingledine and Nick Mathewson The Free Haven Project farma,nickmg@freehaven.net
More informationAnonymity Tor Overview
Anonymity Tor Overview Andrew Lewman andrew@torproject.org April 21, 2011 Andrew Lewman andrew@torproject.org () Anonymity Tor Overview April 21, 2011 1 / 1 What are we talking about? Crash course on anonymous
More informationThinking Different. Assumptions about Operating Environments. We always make assumptions about operating environments
Thinking Different Protocol Design 2009 Jörg Ott & Carsten Bormann 1 Assumptions about Operating Environments We always make assumptions about operating environments These obviously do not hold everywhere
More informationCircuit Fingerprinting Attack: Passive Deanonymization of Tor Hidden Services
Circuit Fingerprinting Attack: Passive Deanonymization of Tor Hidden Services Albert Kwon 1 Mashael Saad Al-Sabah 123 David Lazar 1 Marc Dacier 2 Srinivas Devadas 1 1 CSAIL/MIT 2 Qatar Computing Research
More informationBBC Tor Overview. Andrew Lewman March 7, Andrew Lewman () BBC Tor Overview March 7, / 1
BBC Tor Overview Andrew Lewman andrew@torproject.org March 7, 2011 Andrew Lewman andrew@torproject.org () BBC Tor Overview March 7, 2011 1 / 1 What are we talking about? Crash course on anonymous communications
More informationAnalysis on End-to-End Node Selection Probability in Tor Network
Analysis on End-to-End Node Selection Probability in Tor Network Saurav Dahal 1, Junghee Lee 2, Jungmin Kang 2 and Seokjoo Shin 1 1 Department of Computer Engineering, Chosun University, Gwangju, South
More informationA CODING ENABLED ANONYMITY NETWORK
A CODING ENABLED ANONYMITY NETWORK AIKRIHNA GUMUDAVALLY Bachelor of Technology (B.Tech) Electronics and Communication Engineering(E.C.E) Jawaharlal Nehru Technological University,India May, 2007 submitted
More informationInternet Privacy. Markus Klein, Joshua Juen University of Illinois Fall 2011
Internet Privacy Markus Klein, Joshua Juen University of Illinois Fall 2011 I have nothing to hide!...they accept the premise that privacy is about hiding a wrong. It's not." Rather, privacy is most ohen
More informationL13. Reviews. Rocky K. C. Chang, April 10, 2015
L13. Reviews Rocky K. C. Chang, April 10, 2015 1 Foci of this course Understand the 3 fundamental cryptographic functions and how they are used in network security. Understand the main elements in securing
More informationNetworking interview questions
Networking interview questions What is LAN? LAN is a computer network that spans a relatively small area. Most LANs are confined to a single building or group of buildings. However, one LAN can be connected
More information2 Application Support via Proxies Onion Routing can be used with applications that are proxy-aware, as well as several non-proxy-aware applications, w
Onion Routing for Anonymous and Private Internet Connections David Goldschlag Michael Reed y Paul Syverson y January 28, 1999 1 Introduction Preserving privacy means not only hiding the content of messages,
More informationAnonymous Communications
Anonymous Communications Andrew Lewman andrew@torproject.org December 05, 2012 Andrew Lewman andrew@torproject.org () Anonymous Communications December 05, 2012 1 / 45 Who is this guy? 501(c)(3) non-profit
More informationComputer Networks 57 (2013) Contents lists available at SciVerse ScienceDirect. Computer Networks
Computer Networks 57 (213) 869 886 Contents lists available at SciVerse ScienceDirect Computer Networks journal homepage: www.elsevier.com/locate/comnet Protocol-level attacks against Tor Zhen Ling a,1,
More informationAnonymous Connections and Onion Routing
Anonymous Connections and Onion Routing David Goldschlag, Michael Reed, and Paul Syverson Center for High Assurance Computer Systems Naval Research Laboratory Washington, D.C. 1 Who is Talking to Whom?
More informationThe Loopix Anonymity System
The Loopix Anonymity System Ania M. Piotrowska 1 Jamie Hayes 1 Tariq Elahi 2 Sebastian Meiser 1 George Danezis 1 1 University College London, UK 2 KU Leuven 1 / 19 Mixnets Background A set of cryptographic
More informationOnlineAnonymity. OpenSource OpenNetwork. Communityof researchers, developers,usersand relayoperators. U.S.501(c)(3)nonpro%torganization
The Tor Project Our mission is to be the global resource for technology, advocacy, research and education in the ongoing pursuit of freedom of speech, privacy rights online, and censorship circumvention.
More informationCNT Computer and Network Security: Privacy/Anonymity
CNT 5410 - Computer and Network Security: Privacy/Anonymity Professor Kevin Butler Fall 2015 When Confidentiality is Insufficient 2 Privacy!= Confidentiality Confidentiality refers to the property of the
More informationAnonymity. With material from: Dave Levin and Michelle Mazurek
http://www.sogosurvey.com/static/sogo_resp_images/tat_resp_images/designimg/guaranteed-anonymous-survey.png Anonymity With material from: Dave Levin and Michelle Mazurek What is anonymity? Dining cryptographers
More informationIssues. Separation of. Distributed system security. Security services. Security policies. Security mechanism
Module 9 - Security Issues Separation of Security policies Precise definition of which entities in the system can take what actions Security mechanism Means of enforcing that policy Distributed system
More informationMetrics for Security and Performance in Low-Latency Anonymity Systems
Metrics for Security and Performance in Low-Latency Anonymity Systems Tor user Entry node Tor Network Middle node Exit node Bandwidth per node (kb/s) (log scale) 1e+01 1e+03 1e+05 Encrypted tunnel Web
More informationNetwork Security. Thierry Sans
Network Security Thierry Sans HTTP SMTP DNS BGP The Protocol Stack Application TCP UDP Transport IPv4 IPv6 ICMP Network ARP Link Ethernet WiFi The attacker is capable of confidentiality integrity availability
More informationA Survey on Routing in Anonymous Communication Protocols
A Survey on Routing in Anonymous Communication Protocols Fatemeh Shirazi KU Leuven ESAT/COSIC and iminds Milivoj Simeonovski CISPA, Saarland University Saarland Informatics Campus Muhammad Rizwan Asghar
More informationOnion Routing. 1) Introduction. 2) Operations. by Harikrishnan S (M.Tech CSE) Ramji Nagariya (M.S CSE), Sai Sambhu J (M.Tech CSE).
Onion Routing by Harikrishnan S (M.Tech CSE) Ramji Nagariya (M.S CSE), Sai Sambhu J (M.Tech CSE). 1) Introduction Onion routing is an infrastructure for private communication over a public network. Traffic
More informationCPSC 467b: Cryptography and Computer Security
CPSC 467b: Cryptography and Computer Security Instructor: Michael Fischer Lecture by Ewa Syta Lecture 25 April 18, 2012 CPSC 467b, Lecture 25 1/44 Anonymous Communication DISSENT- Accountable Anonymous
More informationContext. Protocols for anonymity. Routing information can reveal who you are! Routing information can reveal who you are!
Context Protocols for anonymity The nternet is a public network: Myrto Arapinis School of nformatics University of Edinburgh Routing information is public: P packet headers contain source and destination
More informationA Report on Modified Onion Routing and its Proof of Concept
A Report on Modified Onion Routing and its Proof of Concept Introduction: This document briefly describes the architecture, code layout, operation principles and testing covered in the implementation of
More informationELEC5616 COMPUTER & NETWORK SECURITY
ELEC5616 COMPUTER & NETWORK SECURITY Lecture 17: Network Protocols I IP The Internet Protocol (IP) is a stateless protocol that is used to send packets from one machine to another using 32- bit addresses
More informationVPN Overview. VPN Types
VPN Types A virtual private network (VPN) connection establishes a secure tunnel between endpoints over a public network such as the Internet. This chapter applies to Site-to-site VPNs on Firepower Threat
More informationAnonymity and Privacy
Computer Security Spring 2008 Anonymity and Privacy Aggelos Kiayias University of Connecticut Anonymity in networks Anonymous Credentials Anonymous Payments Anonymous E-mail and Routing E-voting Group,
More informationCRYPTOGRAPHIC PROTOCOLS: PRACTICAL REVOCATION AND KEY ROTATION
#RSAC SESSION ID: CRYP-W04 CRYPTOGRAPHIC PROTOCOLS: PRACTICAL REVOCATION AND KEY ROTATION Adam Shull Recent Ph.D. Graduate Indiana University Access revocation on the cloud #RSAC sk sk Enc Pub Sym pk k
More informationSecure Telephony Enabled Middle-box (STEM)
Report on Secure Telephony Enabled Middle-box (STEM) Maggie Nguyen 04/14/2003 Dr. Mark Stamp - SJSU - CS 265 - Spring 2003 Table of Content 1. Introduction 1 2. IP Telephony Overview.. 1 2.1 Major Components
More informationCPSC 467b: Cryptography and Computer Security
CPSC 467b: Cryptography and Computer Security Michael J. Fischer Lecture 24 April 16, 2012 CPSC 467b, Lecture 24 1/33 Kerberos Secure Shell (SSH) Transport Layer Security (TLS) Digital Rights Management
More informationReal-time protocol. Chapter 16: Real-Time Communication Security
Chapter 16: Real-Time Communication Security Mohammad Almalag Dept. of Computer Science Old Dominion University Spring 2013 1 Real-time protocol Parties negotiate interactively (Mutual) Authentication
More information