hiding amongst the clouds
play

Hiding Amongst the Clouds A Proposal for Cloud-based Onion Routing - PowerPoint PPT Presentation

Mar 02, 2023 •22 likes •822 views

Hiding Amongst the Clouds A Proposal for Cloud-based Onion Routing Nicholas Jones Matvey Arye Jacopo Cesareo Michael J. Freedman Princeton University https://www.torproject.org/about/overview.html We and but... and C loud-based O nion

  1. Hiding Amongst the Clouds A Proposal for Cloud-based Onion Routing Nicholas Jones Matvey Arye Jacopo Cesareo Michael J. Freedman Princeton University

  2. https://www.torproject.org/about/overview.html

  3. We

  4. and

  6. but...

  9. and

  11. C loud-based O nion R outing

  12. Benefits, Risks, and Challenges - Potential benefits of cloud infrastructure - High performance - Adaptability to censorship - Economic challenges - New security problems

  13. Benefits of Cloud Infrastructure Performance (latency, throughput) Censorship Resistance

  14. Performance - Individual nodes are higher bandwidth - Ability to add and remove nodes to meet demand 5:00 P .M.

  15. Performance - Individual nodes are higher bandwidth - Ability to add and remove nodes to meet demand 7:00 P .M.

  16. Performance - Individual nodes are higher bandwidth - Ability to add and remove nodes to meet demand 8:00 P .M.

  17. Performance - Individual nodes are higher bandwidth - Ability to add and remove nodes to meet demand 11:00 P .M.

  18. Performance - Individual nodes are higher bandwidth - Ability to add and remove nodes to meet demand 12:00 A.M.

  19. Performance - Individual nodes are higher bandwidth - Ability to add and remove nodes to meet demand 2:00 A.M.

  20. COR has higher throughput than Tor

  21. COR has higher throughput than Tor

  22. COR has higher throughput than Tor US & International

  23. COR has higher throughput than Tor US & International US Only

  24. COR has higher throughput than Tor US & International US Only 7.6x speedup

  25. Multi-homed Datacenters are Harder to Monitor

  26. Multi-homed Datacenters are Harder to Monitor 1-10 Mbps Home

  27. Multi-homed Datacenters are Harder to Monitor 1-10 Mbps Home

  28. Multi-homed Datacenters are Harder to Monitor 1-10 Mbps Home Datacenter

  29. Multi-homed Datacenters are Harder to Monitor 1-10 Mbps Home 10-100 Gbps Sprint Datacenter

  30. Multi-homed Datacenters are Harder to Monitor 1-10 Mbps Home 10-100 Gbps Sprint Datacenter Level 3

  31. Multi-homed Datacenters are Harder to Monitor 1-10 Mbps Home 10-100 Gbps Sprint Datacenter Level 3 AT&T

  32. Multi-homed Datacenters are Harder to Monitor 1-10 Mbps Home 10-100 Gbps Sprint Datacenter Level 3 AT&T

  33. Multi-homed Datacenters are Harder to Monitor 1-10 Mbps Home 10-100 Gbps Sprint Datacenter Level 3 AT&T

  34. Multi-homed Datacenters are Harder to Monitor 1-10 Mbps Home 10-100 Gbps Sprint Datacenter Level 3 AT&T

  35. Multi-homed Datacenters are Harder to Monitor 1-10 Mbps Home 10-100 Gbps Sprint Datacenter Level 3 AT&T

  36. Multi-homed Datacenters are Harder to Monitor 1-10 Mbps Home 10-100 Gbps Sprint Datacenter Level 3 AT&T

  37. Blocking Clouds Causes Collateral Damage

  38. Blocking Clouds Causes Collateral Damage X

  39. Blocking Clouds Causes Collateral Damage X X

  40. Blocking Clouds Causes Collateral Damage X X X

  41. Blocking Clouds Causes Collateral Damage X X X X

  42. Blocking Clouds Causes Collateral Damage

  43. Blocking Clouds Causes Collateral Damage

  44. Blocking Clouds Causes Collateral Damage

  45. Blocking Clouds Causes Collateral Damage

  46. Blocking Clouds Causes Collateral Damage

  47. Benefits of Clouds - Higher performance - Elasticity to scale to demand - Multi-homing and scale makes eavesdropping difficult - Elasticity forces censors to make hard choices: collateral damage or unblocked access

  48. Economics Cloud pricing is affordable for end users

  49. Cost of running COR in the cloud - Cloud providers charge for CPU and bandwidth

  50. Cost of running COR in the cloud - Cloud providers charge for CPU and bandwidth - CPU is cheap

  51. Cost of running COR in the cloud - Cloud providers charge for CPU and bandwidth - CPU is cheap - 100+ users on a 34 ¢/hr node

  52. Cost of running COR in the cloud - Cloud providers charge for CPU and bandwidth - CPU is cheap - 100+ users on a 34 ¢/hr node

  53. Cost of running COR in the cloud - Cloud providers charge for CPU and bandwidth - CPU is cheap - 100+ users on a 34 ¢/hr node - Bandwidth is dominant cost

  54. Cost of running COR in the cloud - Cloud providers charge for CPU and bandwidth - CPU is cheap - 100+ users on a 34 ¢/hr node - Bandwidth is dominant cost - 100MB as low as 1 ¢ Amazon EC2 Pricing

  55. Tor’s Total Bandwidth Cost in the Cloud Approximately 900 MB/s 376 TB/month COR Cost: $61,200/month

  56. Security Challenges and Solutions Involved Parties and Trust Model Building Tunnels Paying for Tunnels Learning About Relays

  57. Distributing Trust - Tor - Tunnels between volunteer relays - COR - Tunnels between clouds from different providers

  58. Is that sufficient? - Should users pay cloud providers directly? - Not anonymous: Credit cards and Paypal leak info

  59. Is that sufficient? - Should users pay cloud providers directly? - Not anonymous: Credit cards and Paypal leak info - Another layer of indirection: Anonymity Service Providers - Operate relays and pay cloud providers - Mask users’ identities - Accept anonymous payment for access

  60. System Roles - Cloud Hosting Providers (CHPs) - Provide infrastructure for COR relays - Anonymity Service Providers (ASPs) - Run relays and directory servers - Sell tokens - Redeemable for XX MB of connectivity or XX amount of time

  61. System Architecture Example ASP 2 ASP 1 CHP A DESTINATION SERVER REQUEST TRAFFIC ENCRYPTED IP 2.2.2.2 IP 1.1.1.1 USER CHP B Organizations used above are examples only

  62. System Architecture Example ASP 2 ASP 1 CHP A DESTINATION SERVER REQUEST TRAFFIC ENCRYPTED IP 2.2.2.2 IP 1.1.1.1 USER CHP B Cloud Hosting Providers Organizations used above are examples only

  63. System Architecture Example ASP 2 ASP 1 CHP A DESTINATION SERVER REQUEST TRAFFIC ENCRYPTED IP 2.2.2.2 IP 1.1.1.1 USER CHP B Organizations used above are examples only

  64. System Architecture Example ASP 2 ASP 1 CHP A DESTINATION SERVER REQUEST TRAFFIC ENCRYPTED IP 2.2.2.2 IP 1.1.1.1 USER CHP B Anonymity Service Providers Organizations used above are examples only

  65. System Architecture Example ASP 2 ASP 1 CHP A DESTINATION SERVER REQUEST TRAFFIC ENCRYPTED IP 2.2.2.2 IP 1.1.1.1 USER CHP B Organizations used above are examples only

  66. Circuit Construction Must be Policy Aware

  67. Circuit Construction Must be Policy Aware - Two relays within each datacenter

  68. Circuit Construction Must be Policy Aware - Two relays within each datacenter - Different entry and exit ASPs

  69. Circuit Construction Must be Policy Aware - Two relays within each datacenter - Different entry and exit ASPs - Different entry and exit CHPs

  70. Circuit Construction Must be Policy Aware - Two relays within each datacenter - Different entry and exit ASPs - Different entry and exit CHPs - ASP and CHP relays are contiguous within a circuit

  71. Paying for Access - Users purchase tokens - Redeem tokens for access (bandwidth or time) - Chaum’s e-cash: - Cryptographically untraceable

  72. How do users gain access? - Users need two things: - Tokens - COR Directory

  73. How do users gain access? - Users need two things: - Tokens - COR Directory - Solution: Bootstrapping Network - Low speed - High Latency - Free

  74. Adversaries enumerate and block ingress - Current technologies - Tor Bridges - Two separate problems: - COR Relays - High speed, low latency, not free - Bootstrapping - Low speed, high latency, free

  75. Summary Tor COR

  76. Summary Tor COR Secure

  77. Summary Tor COR Secure High Speed

  78. Summary Tor COR Secure High Speed Dynamic Scaling

  79. Summary Tor COR Secure High Speed Dynamic Scaling Adaptive to censorship

  80. Summary Tor COR Secure High Speed Dynamic Scaling Adaptive to censorship Free

Recommend

When you look up into the sky, you will often see clouds. No two clouds are the same, and there

When you look up into the sky, you will often see clouds. No two clouds are the same, and there

When you look up into the sky, you will often see clouds. No two clouds are the same, and there are many different types of clouds. Different kinds of clouds lead to different types of weather. Cirrus clouds are the highest group of clouds that

271 views • 5 slides
Information hiding Information hiding Notice how a user of a service being provided by an

Information hiding Information hiding Notice how a user of a service being provided by an

Information hiding Information hiding Notice how a user of a service being provided by an object, need only know the name of the messages that the object will accept. They need not have any idea how the actions performed in response to

474 views • 34 slides
Social Clouds Creating a research agenda Andrew Lippman MIT Media Lab October, 2010 Clouds and

Social Clouds Creating a research agenda Andrew Lippman MIT Media Lab October, 2010 Clouds and

Social Clouds Creating a research agenda Andrew Lippman MIT Media Lab October, 2010 Clouds and Mists: 1 st Cloud Defined by access Familiar as the internet Result of a nexus: PC, backbone, ISPs Web Opened vast doors to creativity Clouds and

593 views • 24 slides
Session 3: Hydrology & Clouds 3:00- 5:30 PM Session 3: Hydrology & Clouds 3:00- 5:30 PM

Session 3: Hydrology & Clouds 3:00- 5:30 PM Session 3: Hydrology & Clouds 3:00- 5:30 PM

Session 3: Hydrology & Clouds 3:00- 5:30 PM Session 3: Hydrology & Clouds 3:00- 5:30 PM Session 3: Hydrology & Clouds 3:00- 5:30 PM Session 3: Hydrology & Clouds 3:00- 5:30 PM Theme: Basically a continuation of climate talks

453 views • 19 slides
RESOURCE MANAGEMENT RESOURCE MANAGEMENT STRATEGIES FOR SDR CLOUDS STRATEGIES FOR SDR CLOUDS Vuk

RESOURCE MANAGEMENT RESOURCE MANAGEMENT STRATEGIES FOR SDR CLOUDS STRATEGIES FOR SDR CLOUDS Vuk

Department of Signal Theory and Communications UNIVERSITAT POLITCNICA DE CATALUNYA RESOURCE MANAGEMENT RESOURCE MANAGEMENT STRATEGIES FOR SDR CLOUDS STRATEGIES FOR SDR CLOUDS Vuk Marojevic Ismael Gomez Pere Gilabert Gabriel Montoro

399 views • 27 slides
POKING HOLES IN INFORMATION HIDING Angelos Oikonomopoulos Elias Athanasopoulos Herbert Bos

POKING HOLES IN INFORMATION HIDING Angelos Oikonomopoulos Elias Athanasopoulos Herbert Bos

POKING HOLES IN INFORMATION HIDING Angelos Oikonomopoulos Elias Athanasopoulos Herbert Bos Cristiano Giuffrida Vrije Universiteit Amsterdam Teaser Break ideal information hiding in seconds Few probes, typically no crashes

854 views • 33 slides
David Lorge Parnas When the first papers on information Hiding were published (1970-72) ,

David Lorge Parnas When the first papers on information Hiding were published (1970-72) ,

Middle Road Software, Inc. How Precise Documentation allows Information Hiding to Reduce Software Complexity and Increase its Agility" David Lorge Parnas When the first papers on information Hiding were published (1970-72) , reaction

845 views • 47 slides
Q-Clouds: Managing Performance Interference Effects for QoS-Aware Clouds Ripal Nathuji Aman

Q-Clouds: Managing Performance Interference Effects for QoS-Aware Clouds Ripal Nathuji Aman

Q-Clouds: Managing Performance Interference Effects for QoS-Aware Clouds Ripal Nathuji Aman Kansal Alireza Ghaffarkhah Presented by Joshua Davis Motivation and Background Cloud computing Off load processing and storage Charged per

549 views • 28 slides
e n o t s y e K OpenStack in the context of Fog/Edge Massively Distributed Clouds

e n o t s y e K OpenStack in the context of Fog/Edge Massively Distributed Clouds

e n o t s y e K OpenStack in the context of Fog/Edge Massively Distributed Clouds Fog/Edge/Massively Distributed Clouds (FEMDC) SIG Beyond the clouds - The Discovery initiative 1 Who are We? Marie Delavergne Adrien Lebre

563 views • 42 slides
Forensic Data Hiding Optimized for JPEG 2000 Dieter Bardyn, Johann A. Briffa, Ann Dooms and Peter

Forensic Data Hiding Optimized for JPEG 2000 Dieter Bardyn, Johann A. Briffa, Ann Dooms and Peter

Forensic Data Hiding Optimized for JPEG 2000 Dieter Bardyn, Johann A. Briffa, Ann Dooms and Peter Schelkens May 18, 2011 Overview Image adaptive data hiding Overview Image adaptive data hiding Overview Image adaptive data hiding

778 views • 60 slides
Using Clouds to address Grid Limitations Giacomo Mc Evoy 1 Bruno Schulze 1 1 National Laboratory

Using Clouds to address Grid Limitations Giacomo Mc Evoy 1 Bruno Schulze 1 1 National Laboratory

Introduction Theoretical approach to Clouds Application of Clouds Summary Thanks Using Clouds to address Grid Limitations Giacomo Mc Evoy 1 Bruno Schulze 1 1 National Laboratory for Scientific Computing (LNCC) 6th International Workshop on

320 views • 19 slides
4. Droplet Growth in Warm Clouds In warm clouds, droplets can grow by condensation in a

4. Droplet Growth in Warm Clouds In warm clouds, droplets can grow by condensation in a

4. Droplet Growth in Warm Clouds In warm clouds, droplets can grow by condensation in a supersaturated environment and by colliding and coalescing with other cloud droplets. 4. Droplet Growth in Warm Clouds In warm clouds, droplets can grow by

1.17k views • 94 slides
Representation of convection and clouds in the IFS ......20 years and still the same? Peter

Representation of convection and clouds in the IFS ......20 years and still the same? Peter

Representation of convection and clouds in the IFS ......20 years and still the same? Peter Bechtold with contributions from Richard Forbes and Maike Ahlgrimm IITM Introspect 2017 workshop: IFS clouds and convection Slide 1 Challenge 1:

436 views • 28 slides
Breathing in the Clouds: Thin Air or Bad Atmosphere? G. Vossen: Breathing in the Clouds 1

Breathing in the Clouds: Thin Air or Bad Atmosphere? G. Vossen: Breathing in the Clouds 1

Gottfried Vossen University of Mnster, Germany & University of Waikato, New Zealand Breathing in the Clouds: Thin Air or Bad Atmosphere? G. Vossen: Breathing in the Clouds 1 Breathing in the Clouds: Thin Air or Bad Atmosphere? G.

1.11k views • 63 slides
of Multi-Clouds Dana Petcu West University of Timisoara & Institute e-Austria Timisoara 1

of Multi-Clouds Dana Petcu West University of Timisoara & Institute e-Austria Timisoara 1

The challenges of Multi-Clouds Dana Petcu West University of Timisoara & Institute e-Austria Timisoara 1 12/19/2013 Agenda more concrete Generalities Backgound Clouds and their future? Why Multiple Clouds? Taxonomy

959 views • 60 slides
Clouds in the ECMWF GCM Clouds in the ECMWF GCM George Aumann JPL Larrabee Strow, Scott Hannon

Clouds in the ECMWF GCM Clouds in the ECMWF GCM George Aumann JPL Larrabee Strow, Scott Hannon

Clouds in the ECMWF GCM Clouds in the ECMWF GCM George Aumann JPL Larrabee Strow, Scott Hannon and Sergio DeSouza-Machado UMBC 6 May 2009 H. H. Aumann Outline Why are we doing this simulation How is it being done What we learned Some

414 views • 37 slides
Containers, VMs, and Clouds: Containers & Clouds & VMs: OH My Oh My! Mike Coleman,

Containers, VMs, and Clouds: Containers & Clouds & VMs: OH My Oh My! Mike Coleman,

Containers, VMs, and Clouds: Containers & Clouds & VMs: OH My Oh My! Mike Coleman, Technology Evangelist Docker @mikegcoleman Who Am I? Technology evangelist at Docker Former: Puppet, VMware, MSFT, Intel, and HP First

390 views • 25 slides
2 Microstructures of Warm Clouds Clouds that lie completely below the 0 C isotherm, referred to

2 Microstructures of Warm Clouds Clouds that lie completely below the 0 C isotherm, referred to

2 Microstructures of Warm Clouds Clouds that lie completely below the 0 C isotherm, referred to as warm clouds , contain only water droplets. 2 Microstructures of Warm Clouds Clouds that lie completely below the 0 C isotherm, referred to as

538 views • 53 slides
Suppressed environments favorable for low clouds significant (but not overwhelming)

Suppressed environments favorable for low clouds significant (but not overwhelming)

ASR STM 2013 Cloud Life Cycle WG: Low Clouds Suppressed environments favorable for low clouds significant (but not overwhelming) subsidence ( 1 3 1 ) adequate BL water vapor source of BL TKE

732 views • 26 slides
You never know what is hiding in plain sight. Consider what was hanging above the hotplate in the

You never know what is hiding in plain sight. Consider what was hanging above the hotplate in the

Feast of the Presentation of the Lord Lumen ad revelationem gentium February 1-2, 2020 Readings: Malachi 3:1-4; Hebrews 2:14-18; Luke 2:22-40 You never know what is hiding in plain sight. Consider what was hanging above the hotplate in the

510 views • 3 slides
System for Intel SGX Adil Ahmad Kyungtae Kim Muhammad Ihsanulhaq Sarfaraz Byoungyoung Lee 1

System for Intel SGX Adil Ahmad Kyungtae Kim Muhammad Ihsanulhaq Sarfaraz Byoungyoung Lee 1

Obliviate: A Data Oblivious File System for Intel SGX Adil Ahmad Kyungtae Kim Muhammad Ihsanulhaq Sarfaraz Byoungyoung Lee 1 Clouds? The Ultimate Dream? User Clouds 2 Clouds? The Ultimate Dream? User Clouds 2 Clouds? The Ultimate

1.06k views • 101 slides
ANCIENT ANCIENT WORLD WORLD Early Rome MEETI NG 21 ME 21 Clouds Wrap-Up Early Italy:

ANCIENT ANCIENT WORLD WORLD Early Rome MEETI NG 21 ME 21 Clouds Wrap-Up Early Italy:

11/14/19 CIVILIZATIONS OF THE ANCIENT ANCIENT WORLD WORLD Early Rome MEETI NG 21 ME 21 Clouds Wrap-Up Early Italy: Etruscans, Greeks, and Phoenicians Indo-Europeans: Hill Peoples and Latins 1 Clouds 2 Aspects of Clouds

449 views • 9 slides
Towards Supercloud Computing: User-Centric Security Management for Clouds of Clouds Marc Lacoste

Towards Supercloud Computing: User-Centric Security Management for Clouds of Clouds Marc Lacoste

Towards Supercloud Computing: User-Centric Security Management for Clouds of Clouds Marc Lacoste Orange Labs SEC2 ComPAS15 Workshop on Cloud Security Lille, June 30, 2015 Cloud Security Today Security = key concern in cloud adoption for the

2.73k views • 33 slides
for Mu fo r Mult lti-Cl Clouds ouds wi with Intel l SGX GX Houssem KANZARI and Marc

for Mu fo r Mult lti-Cl Clouds ouds wi with Intel l SGX GX Houssem KANZARI and Marc

Toward rds s Managem agemen ent of C f Chain ins s of f Tru rust st for Mu fo r Mult lti-Cl Clouds ouds wi with Intel l SGX GX Houssem KANZARI and Marc LACOSTE Orange Labs Second Workshop on Security in Clouds (SEC2 2016 )

489 views • 10 slides

More recommend