Anonymität? Ünüberwachbare Kommunikation! A B
Verschlüsselung schützt nur Inhalte, nicht die Metadaten! ● Wer mit wem? ● Wann? ● Was?
1-hop proxy (VPN, SSH Tunnel etc) Alice1 Bob1 “Y” Alice2 ” Z “ Bob2 Relay “X” Bob3 Alice3
Problem Vertrauenswürdigkeit und einfache Überwachbarkeit Alice1 Bob1 “Y” Evil Relay? Alice2 ” Z “ Bob2 Coerced Relay? Monitored Relay? “X” Bob3 Alice3
Tor
Tor Bob Alice R1 R3 R5 R4 R2
Tor Bob Alice R1 R3 R5 R4 R2
Tor Bob Alice R1 R3 R5 R4 R2
Tor Bob Alice R1 R3 Bob2 R5 R4 R2
Problem: (sufficiently) global passive adversaries Bob Alice R1 R3 R5 R4 R2
● “Not secure against end-to-end attacks: Tor does not claim to completely solve end-to-end timing or intersection attacks.“ (Tor Design Paper, 2004) ● A global passive adversary is the most commonly assumed threat when analyzing theoretical anonymity designs. But like all practical low- latency systems, Tor does not protect against such a strong adversary. “ (ebd.)
“The results show that Tor faces even greater risks from traffic correlation than previous studies suggested. An adversary that provides no more bandwidth than some volunteers do today can deanonymize any given user within three months of regular Tor use with over 50% probability and within six months with over 80% probability.” (Users get routed: Traffic Correlation on Tor by Realistic Adversaries, 2013)
Alternative: Broadcast-Architektur Alice1 Bob1 E(Bob2, “Z”) Alice2 Bob2 E(Bob2, “Z”) Bob3 E(Bob2, “Z”) Alice3 Beispiel Bitmessage
Alternative: Mixnets Bob Alice R1 R3 (R5) (R4) R2
Tor: Verbindungsaufbau Bob Alice R1 R3 (R5) (R4) R2
Tor: Verbindungsaufbau Bob Alice R1 R3 (R5) (R4) R2
Tor: Verbindungsaufbau Bob Alice R1 R3 (R5) (R4) R2
Tor: Verbindungsaufbau Bob Alice R1 R3 (R5) (R4) R2
Mixnets: nachrichtenbasiert statt paketbasiert ! Bob Alice R1 R3 (R5) (R4) R2
Bob Alice R1 R3 (R5) (R4) R2
Bob Alice R1 R3 (R5) (R4) R2
Bob Alice R1 R3 (R5) (R4) R2
Bob Alice R1 R3 (R5) (R4) R2
Bob Alice R1 R3 (R5) (R4) R2
Bob Alice R1 R3 (R5) (R4) R2
Bob Alice R1 R3 (R5) (R4) R2
Mix-Strategien ● Pool/Batching Mix – sammle x Nachrichten (“threshold mix”) – warte x Minuten (“timed mix”) (Mixmaster: timed + threshold: nur wenn x Nachrichten eingangen sind wird Queue nach Timeout geleert/versendet) ● Stop & Go Mixes: Delay der einzelnen Hops vom Nutzer vorgegeben
● 1 9 7 8 L i mi t a t i o n s o f E n d - t o - E n d E n c r y p t i o n i n S e c u r e C o mp u t e r N e t w o r k s ( K a r g e r ) ● 1 9 8 1 U n t r a c e a b l e e l e c t r o n i c ma i l , r e t u r n a d d r e s s e s a n d d i g i t a l p s e u d o n y ms ( D a v i d C h a u m) ● 1 9 8 5 N e t w o r k s Wi t h o u t U s e r O b s e r v a b i l i t y – D e s i g n O p t i o n s ( P f i t z ma n n ) ● 1 9 9 1 I S D N - M i x e s ( P f i t z ma n n ) ● [ 1 9 9 5 “ I n i t i a l w o r k o n O n i o n R o u t i n g b e g i n s ” ] ● 1 9 9 8 R e a l - T i me M I X e s ( P f i t z ma n n ) h t t p : / / f r e e h a v e n . n e t / a n o n b i b
● 1 9 9 2 a n o n . p e n e t . f i ( T y p 0 R e ma i l e r ) ( 5 0 0 , 0 0 0 N u t z e r , 8 0 0 0 N a c h r i c h t e n / T a g , ~ $ 1 0 0 0 / M o n a t ) 1 → → 1 9 9 5 : C h u r c h o f S c i e n t o l o g y , L o s A n g e l e s F B I F i n n l a n d ● 1 9 9 2 C y p h e r p u n k s - R e ma i l e r ( T y p 1 R e ma i l e r ) → → E i n f a c h e r R e ma i l e r , k e i n M i x i n g ( t i mi n g a n a l y s i s ) , k e i n P a d d i n g ( t r a f f i c a n a l y s i s ) ● 1 9 9 4 M i x ma s t e r ( T y p 2 ) ● 1 9 9 5 a n o n y mi z e r , c 2 . n e t n y ms e r v e r ● 2 0 0 2 M i x mi n i o n ( T y p 3 ) ● [ 2 0 0 4 T o r D e s i g n P a p e r ] 1 h t t p : / / f r e e h a v e n . n e t / a n o n b i b / c a c h e / r e ma i l e r - h i s t o r y . h t ml
Probleme Mixnets ● Historisch: – Keine Zustellungsgarantie – Lange Nachrichtenlaufzeiten (Tage!) – Komplizierte UIs, fehlende Integration – Spam-/Abuse-Problematik ● Loopix Anonymity System (März 2017) – Stop & Go – aktive Angriffe erkennen durch “loops” – “message latency in the order of seconds”
Katzenpost ● “echtes” Open Source Projekt – Spezifikation auf Github – Implementierung in Go – [ Integration in K9 Mail ] – Finanzierung durch EU! https://katzenpost.mixnetworks.org/
Recommend
More recommend