Onion Routing. Varun Pandey Dept. of Computer Science, Virginia Tech. CS 6204, Spring

Similar documents
Tor: The Second-Generation Onion Router. Roger Dingledine, Nick Mathewson, Paul Syverson

Anonymity C S A D VA N C E D S E C U R I T Y TO P I C S P R E S E N TAT I O N BY: PA N AY I OTO U M A R KO S 4 T H O F A P R I L

A SIMPLE INTRODUCTION TO TOR

2 ND GENERATION ONION ROUTER

Anonymity. Assumption: If we know IP address, we know identity

THE SECOND GENERATION ONION ROUTER. Roger Dingledine Nick Mathewson Paul Syverson. -Presented by Arindam Paul

The Tor Network. Cryptography 2, Part 2, Lecture 6. Ruben Niederhagen. June 16th, / department of mathematics and computer science

Anonymous communications: Crowds and Tor

Anonymous Communication: DC-nets, Crowds, Onion Routing. Simone Fischer-Hübner PETs PhD course Spring 2012

0x1A Great Papers in Computer Security

CS526: Information security

Analysing Onion Routing Bachelor-Thesis

Onion Routing. 1) Introduction. 2) Operations. by Harikrishnan S (M.Tech CSE) Ramji Nagariya (M.S CSE), Sai Sambhu J (M.Tech CSE).

Tor: An Anonymizing Overlay Network for TCP

Onion Routing. Submitted By, Harikrishnan S Ramji Nagariya Sai Sambhu J

Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms. EJ Jung

Protocols for Anonymous Communication

Anonymity Analysis of TOR in Omnet++

ENEE 459-C Computer Security. Security protocols

Tor: The Second-Generation Onion Router

ENEE 459-C Computer Security. Security protocols (continued)

CE Advanced Network Security Anonymity II

Introduction. Overview of Tor. How Tor works. Drawback of Tor s directory server Potential solution. What is Tor? Why use Tor?

Onion services. Philipp Winter Nov 30, 2015

Putting the P back in VPN: An Overlay Network to Resist Traffic Analysis

ANONYMOUS CONNECTIONS AND ONION ROUTING

What's the buzz about HORNET?

Computer Security. 15. Tor & Anonymous Connectivity. Paul Krzyzanowski. Rutgers University. Spring 2017

Private Browsing. Computer Security. Is private browsing private? Goal. Tor & The Tor Browser. History. Browsers offer a "private" browsing modes

Privacy defense on the Internet. Csaba Kiraly

Anonymous Connections and Onion Routing

A Report on Modified Onion Routing and its Proof of Concept

CS Paul Krzyzanowski

CS6740: Network security

anonymous routing and mix nets (Tor) Yongdae Kim

Anonymity With Tor. The Onion Router. July 21, Technische Universität München

Tor Hidden Services. Roger Dingledine Free Haven Project Electronic Frontier Foundation.

CS 134 Winter Privacy and Anonymity

The New Cell-Counting-Based Against Anonymous Proxy

Anonymity With Tor. The Onion Router. July 5, It s a series of tubes. Ted Stevens. Technische Universität München

Anonymity and Privacy

Tor. Tor Anonymity Network. Tor Basics. Tor Basics. Free software that helps people surf on the Web anonymously and dodge censorship.

communication Claudia Díaz Katholieke Universiteit Leuven Dept. Electrical Engineering g ESAT/COSIC October 9, 2007 Claudia Diaz (K.U.

Network Security: Anonymity. Tuomas Aura T Network security Aalto University, Nov-Dec 2010

How Alice and Bob meet if they don t like onions

Performance Evaluation of Tor Hidden Services

CSE 484 / CSE M 584: Computer Security and Privacy. Anonymity Mobile. Autumn Tadayoshi (Yoshi) Kohno

Network Security: Anonymity. Tuomas Aura T Network security Aalto University, Nov-Dec 2012

Anonymity in P2P Systems

Tor: Online anonymity, privacy, and security.

Dissecting Tor Bridges A Security Evaluation of their Private and Public Infrastructures

Pluggable Transports Roadmap

Context. Protocols for anonymity. Routing information can reveal who you are! Routing information can reveal who you are!

Design Principles for Low Latency Anonymous Network Systems Secure against Timing Attacks

Internet Layers. Physical Layer. Application. Application. Transport. Transport. Network. Network. Network. Network. Link. Link. Link.

TorScan: Tracing Long-lived Connections and Differential Scanning Attacks

Analysis on End-to-End Node Selection Probability in Tor Network

Core: A Peer-To-Peer Based Connectionless Onion Router

CSE 3461/5461: Introduction to Computer Networking and Internet Technologies. Network Security. Presentation L

A New Replay Attack Against Anonymous Communication Networks

Computer Networks. Wenzhong Li. Nanjing University

Network Security: Anonymity. Tuomas Aura T Network security Aalto University, autumn 2015

Port-Scanning Resistance in Tor Anonymity Network. Presented By: Shane Pope Dec 04, 2009

Anonymity. With material from: Dave Levin and Michelle Mazurek

CS164 Final Exam Winter 2013

Challenges in Mobile Ad Hoc Network

L13. Reviews. Rocky K. C. Chang, April 10, 2015

Computer Networks 57 (2013) Contents lists available at SciVerse ScienceDirect. Computer Networks

Strongly Anonymous Communications in Mobile Ad Hoc Networks

Chaum, Untraceable Electronic Mail, Return Addresses, and Digital Pseudonym, Communications of the ACM, 24:2, Feb. 1981

Definition. Quantifying Anonymity. Anonymous Communication. How can we calculate how anonymous we are? Who you are from the communicating party

Anonymity Tor Overview

SIP and VoIP What is SIP? What s a Control Channel? History of Signaling Channels

Cryptanalysis of a fair anonymity for the tor network

BBC Tor Overview. Andrew Lewman March 7, Andrew Lewman () BBC Tor Overview March 7, / 1

Real-time protocol. Chapter 16: Real-Time Communication Security

key distribution requirements for public key algorithms asymmetric (or public) key algorithms

Tutorial 2 : Networking

Anonymous Communications

TOP SECRET//COMINT// (U//FOUO) Tor

P 5 : A Protocol for Scalable Anonymous Communications

Mobile IP Overview. Based on IP so any media that can support IP can also support Mobile IP

A CODING ENABLED ANONYMITY NETWORK

A Peel of Onion. Paul Syverson U.S. Naval Research Laboratory.

Challenges in building overlay networks: a case study of Tor. Steven Murdoch Principal Research Fellow University College London

ANET: An Anonymous Networking Protocol

CS 494/594 Computer and Network Security

Thinking Different. Assumptions about Operating Environments

Impact of Network Topology on Anonymity and Overhead in Low-Latency Anonymity Networks


Trawling for Tor Hidden Services: Detection, Measurement, Deanonymization

Attacking Tor with covert channel based on cell counting

Privacy SPRING 2018: GANG WANG

Analyzing the Dual-Path Peer-to-Peer Anonymous Approach

Cristina Nita-Rotaru. CS355: Cryptography. Lecture 17: X509. PGP. Authentication protocols. Key establishment.

Host Website from Home Anonymously

MASSACHUSETTS INSTITUTE OF TECHNOLOGY Fall Quiz II

LINKING TOR CIRCUITS

Achieving Privacy in Mesh Networks

Exercises with solutions, Set 3

Transcription:

Onion Routing Varun Pandey Dept. of Computer Science, Virginia Tech 1

What is Onion Routing? a distributed overlay network to anonymize TCP based routing Circuit based (clients choose the circuit) Each node in the path called ONION router (OR) OR knows only its predecessor or successor but no other node of the circuit Traffic flows in fixed-size cells A cell has many layers Each layer peeled off by a symmetric key at each node Dingledon et. al. s paper on TOR: The second generation onion router provides improvements over the previous designs of onion routing 2

First: the design of original Onion Routing implementation as proposed by Goldschlag et. al. in their paper on Hiding Routing Information. aim was to limit vulnerability by traffic analysis Provide anonymous socket connection by proxy servers Only the initiator knew all the nodes. No other node, including the responder need to know about the any other node except the predecessor and successor. 3

What is Traffic Analysis? Analyze traffic patterns instead of data to deduce who is communicating with whom. In most networks even if data is encrypted, routing information is sent in the clear for router to know the destination of the packet. The goal of OR is to prevent giving away identities by traffic analysis on a public network For e.g. a researcher who used the WWW to collect data from a variety of resources. Although each piece of information that he receives is publicly known, it may be possible for an outside observer to determine his sensitive interests by studying the patterns in his requests. OR makes it very difficult to match his HTTP requests to his site. (from Hiding Routing Information by Goldschlag et.al. ). OR provide bi-directional communication, without requiring that the responder know the initiator s identity or location. Individual messages are not logged. Messages can included a Reply Onion that permit a later reply to the sender without knowing his address and without keeping the virtual circuit open. 4

So the key is the ONION. How to set up the circuit using ONIONS? How to use the circuits set up? How to destroy the circuits? Vulnerabilities? 5

Routing Topology From Hiding Routing Information by Goldschlag et. al. 1996 6

ONION: payload with layers over layers of encrypted routing information around it. Guides the construction of VC. When an Onion is received each node knows who just sent him him Onion, whom to pass on the onion, but Knows nothing about the other nodes Nor about how many nodes there are in the chain Nor about what is his place in the link (unless he is the last) 7

A Forward Onion A Forward Onion Node PK x receives: {exp_time, next_hop, F f, K f, F b, K b, payload} PKx From Hiding Routing Information by Goldschlag et. al. 1996 8

Note: for the responder proxy the next_hop field is NULL. For any intermediate node, the payload is another onion. The exp_time is used to detect replays. At each node the ONION shrinks because of peeling off of a layer. This can reveal route info because of diminishing size. To prevent that, random bits = size of the peeled off layer is appended at the end. Need to make all onions of the same size to prevent traffic analysis and to hide the length of the chain from the responder s proxy --- for that the initiator s proxy will pad the central payload according to the size of the onion i.e. the no. of hops. 9

Creating the circuit [ circuit_identifier, command, data (Onions) ] (in link encrypted connection) command -> create data destroy (forwarded in both directions) 10

A Virtual Circuit From Hiding Routing Information by Goldschlag et. al. 1996 11

Loose Routing Onion for a loose routing {exp_time, next_hop, max_loosecount, F f, K f, F b, K b, payload} PKX 12

Reply Onions primary difference with Forward Onions payload of the forward onion can be effectively empty the reply onion payload has enough info to enable the initiator s proxy to reach the initiator and all the Function key pairs of the circuit 13

Reply Onion From Hiding Routing Information by Goldschlag et. al. 1996 14

Improvements over the original Onion Routing as sighted by the paper on TOR by Dingledine et. al. Perfect forward secrecy Seperation of protocol cleaning from anonymity Many TCP streams can share one circuit Leaky pipe circuit methodology Congestion Control Directory servers Variable exit policies End-to-end integrity checking Rendezvous points and hidden services 15

Cells in TOR Cells are Controls cells or Relay cells. Control cells CMDs are: padding, create, destroy Relay cells CMDs are: relay data, relay begin, relay teardown, relay connected, relay extend, relay truncate, relay sendme, relay drop NOTE: Each CircID now can have multiple StreamID 16

Building a two-hop circuit From TOR: The Second-Generation Onion Router by Dingledine et. al. 17

Rendezvous points are used to build location-hidden services. Goals in building Rendezvous points: Access control Robustness Smear-resistance Application transparency 18

Rendezvous in TOR Steps: Bon generates a long-term key pair to identify his service Chooses some introduction points, advertises them (signing them with his public key) on the lookup service Builds a circuit to each of his introduction points Alice learns about Bob s service out of band Alice chooses an OR as her rendezvous point (RP) for her connection to Bob s service, builds a circuit to it, gives it a randomly choosen rendezvous cookie to recognize Bob. Alice opens an anonymous stream to one of Bob s introduction point, and gives it a message (encrypted with Bob s public key) telling it about herself and random cookie, her RP and the start of a DH handshake. The introduction point sends a message to BOB Bob builds a circuit to Alice s RP and sends the rendezvous cookie, the second half of the DH handshake, and a hash of the session key they now share. The RP connects Alice s circuit to Bob s. Note that RP can t recognize Alice, Bob, or the data they transmit. Alice sends a relay begin cell along the circuit. It arrives at Bob s OP, which connects to Bob s webserver. An anonymous stream has been established. 19

Attacks and Defenses in TOR Passive attacks Observing user traffic patterns Observing user content Option distinguishability End-to-end timing correlation End-to-end size correlation Website fingerprinting 20

Active Attacks Compromise keys Iterated compromise Run a recipient Run an onion proxy DoS non-observed nodes Run a hostile OR Introduce timing into messages Tagging attacks Replace contents of unauthenticated protocols Replay attacks Smear attacks Distribute hostile code 21

Attacks against rendezvous points Make many introduction requests Attack an introduction point Compromise an introduction point Compromise a rendezvous point 22

Thanks for your attention. 23

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback