outline
play

Outline Anonymous communications techniques CSci 5271 - PDF document

Outline Anonymous communications techniques CSci 5271 Announcements intermission Introduction to Computer Security Day 23: Anonymizing the network Tor basics Stephen McCamant University of Minnesota, Computer Science & Engineering Tor


  1. Outline Anonymous communications techniques CSci 5271 Announcements intermission Introduction to Computer Security Day 23: Anonymizing the network Tor basics Stephen McCamant University of Minnesota, Computer Science & Engineering Tor experiences and challenges Traffic analysis Nymity slider (Goldberg) Verinymity Social security number What can you learn from encrypted Persistent pseudonymity data? A lot Pen name (“George Eliot”), “moot” Content size, timing Linkable anonymity Who’s talking to who Frequent-shopper card ✦ countermeasure: anonymity Unlinkable anonymity (Idealized) cash payments Nymity ratchet? Steganography It’s easy to add names on top of an One approach: hide real content within anonymous protocol bland-looking cover traffic The opposite direction is harder Classic: hide data in least-significant bits of images But, we’re stuck with the Internet as is Easy to fool casual inspection, hard if So, add anonymity to conceal adversary knows the scheme underlying identities

  2. Dining cryptographers Dining cryptographers Dining cryptographers Dining cryptographers Dining cryptographers DC-net challenges Quadratic key setups and message exchanges per round Scheduling who talks when One traitor can anonymously sabotage Improvements subject of ongoing research

  3. Mixing/shuffling Anonymous remailers Anonymizing intermediaries for email Computer analogue of shaking a ballot First cuts had single points of failure box, etc. Mix and forward messages after Reorder encrypted messages by a receiving a sufficiently-large batch random permutation Chain together mixes with multiple Building block in larger protocols layers of encryption Distributed and verifiable variants Fancy systems didn’t get critical mass possible as well of users Outline Note to early readers Anonymous communications techniques This is the section of the slides most Announcements intermission likely to change in the final version If class has already happened, make Tor basics sure you have the latest slides for announcements Tor experiences and challenges Outline Tor: an overlay network Anonymous communications techniques Tor (originally from “the onion router”) ❤tt♣s✿✴✴✇✇✇✳t♦r♣r♦❥❡❝t✳♦r❣✴ Announcements intermission An anonymous network built on top of the non-anonymous Internet Tor basics Designed to support a wide variety of Tor experiences and challenges anonymity use cases

  4. Low-latency TCP applications Tor Onion routing Stream from sender to ❉ forwarded Tor works by proxying TCP streams via ❆ , ❇ , and ❈ (And DNS lookups) One Tor circuit made of four TCP hops Focuses on achieving interactive Encrypt packets (512-byte “cells”) as latency ❊ ❆ ✭ ❇❀ ❊ ❇ ✭ ❈❀ ❊ ❈ ✭ ❉❀ P ✮✮✮ WWW, but potentially also chat, SSH, etc. Anonymity tradeoffs compared to TLS-like hybrid encryption with remailers “telescoping” path setup Client perspective Entry/guard relays “Entry node”: first relay on path Entry knows the client’s identity, so Install Tor client running in background particularly sensitive Configure browser to use Tor as proxy Many attacks possible if one adversary Or complete Tor+Proxy+Browser bundle controls entry and exit Choose a small random set of “guards” Browse web as normal, but a lot slower as only entries to use Also, sometimes ❣♦♦❣❧❡✳❝♦♠ is in Rotate slowly or if necessary Swedish For repeat users, better than random each time Exit relays Centralized directory How to find relays in the first place? Forwards traffic to/from non-Tor Straightforward current approach: destination Focal point for anti-abuse policies central directory servers E.g., no exits will forward for port 25 Relay information includes bandwidth, (email sending) exit polices, public keys, etc. Can see plaintext traffic, so danger of Replicated, but potential bottleneck for sniffing, MITM, etc. scalability and blocking

  5. Outline Anonymity loves company Anonymous communications techniques Diverse user pool needed for anonymity to be meaningful Announcements intermission Hypothetical Department of Defense Anonymity Network Tor basics Tor aims to be helpful to a broad range of (sympathetic sounding) potential Tor experiences and challenges users Who (arguably) needs Tor? Tor and the US government Consumers concerned about web Onion routing research started with the US Navy tracking Academic research still supported by Businesses doing research on the NSF competition Anti-censorship work supported by the Citizens of countries with Internet State Department censorship Same branch as Voice of America Reporters protecting their sources But also targeted by the NSA Law enforcement investigating targets Per Snowden, so far only limited success Volunteer relays Performance Tor relays are run basically by volunteers Increased latency from long paths Most are idealistic Bandwidth limited by relays A few have been less-ethical researchers, or GCHQ Currently 1-2 sec for 50KB, 5-10 sec for Never enough, or enough bandwidth 1MB P2P-style mandatory participation? Historically worse for many periods Unworkable/undesirable Flooding (guessed botnet) fall 2013 Various other kinds of incentives explored

  6. Anti-censorship Hidden services As a web proxy, Tor is useful for Tor can be used by servers as well as getting around blocking clients Unless Tor itself is blocked, as it often is Identified by cryptographic key, use Bridges are special less-public entry special rendezvous protocol points Servers often present easier attack Also, protocol obfuscation arms race surface (currently behind) Undesirable users Intersection attacks Suppose you use Tor to update a P2P filesharing pseudonymous blog, reveal you live in Discouraged by Tor developers, to little Minneapolis effect Comcast can tell who in the city was Terrorists sending to Tor at the moment you post At least the NSA thinks so an entry Illicit e-commerce Anonymity set of 1000 ✦ reasonable protection “Silk Road” and its successors But if you keep posting, adversary can keep narrowing down the set Exit sniffing Browser bundle JS attack Tor’s Browser Bundle disables many features try to stop tracking Easy mistake to make: log in to an But, JavaScript defaults to on HTTP web site over Tor Usability for non-expert users A malicious exit node could now steal Fingerprinting via NoScript settings Was incompatible with Firefox your password auto-updating Another reason to always use HTTPS Many Tor users de-anonymized in for logins August 2013 by JS vulnerability patched in June

  7. Traffic confirmation attacks Hidden service traffic conf. Bug allowed signal to guard when user If the same entity controls both guard looked up a hidden service and exit on a circuit, many attacks can link the two connections Non-statistical traffic confirmation For 5 months in 2014, 115 guard nodes “Traffic confirmation attack” Can’t directly compare payload data, (about 6%) participated in this attack since it is encrypted Apparently researchers at CMU’s Standard approach: insert and observe SEI/CERT Beyond “research,” they also gave/sold delays info. to the FBI Protocol bug until last year: covert Apparently used in Silk Road 2.0 channel in hidden service lookup prosecution, etc. Next time How usability affects security

Recommend


More recommend