securing the tor network
play

Securing the Tor Network Mike Perry Black Hat USA 2007 Defcon 2007 - PowerPoint PPT Presentation

Aug 23, 2023 •25 likes •225 views

Securing the Tor Network Mike Perry Black Hat USA 2007 Defcon 2007 What is Tor? Volunteer run relay network designed for privacy, anonymity, and censorship resistance. Tor relays TCP connections (streams) Multiplexed on

  1. Securing the Tor Network Mike Perry Black Hat USA 2007 Defcon 2007

  2. What is Tor? ● Volunteer run relay network designed for privacy, anonymity, and censorship resistance. ● Tor relays TCP connections (“streams”) – Multiplexed on encrypted paths (“circuits”) ● Nodes connected by TLS/SSL ● Circuits route through 3 nodes – “Guard”, “relay”, “exit”

  3. Tor Routing

  4. Classes of Attack ● Passive attacks – Packet and connection timing correlation – Fingerprinting of traffic/usage patterns – “Intersection Attacks” of multiple attributes of users ● Active attacks – Lying about bandwidth to get more traffic – Failing circuits to bias node selection – Modifying application layer traffic at exit

  5. Position of Attack ● Internal – Node operator – Can differentiate circuits at guard and relay. – Able to differentiate streams per circuit at exit ● External – ISP or Echelon-style adversary – Assumed to be unable to see inside TLS streams – Likely frustrated to a large degree by running Tor as both node and client

  6. Attack Points

  7. Approaches to Security ● Verify node operators (Ha!) ● Path selection hacks ● Scan nodes for modification/reliability ● “Tor up from the floor up” ● Secure the applications (different threat model) ● Improve network speed and usability

  8. Path Selection Hacks ● /16 hack: No two nodes from same /16 netmask – Many ISPs have disjoint IP ranges.. ● Guard nodes – Essentially a time-tradeoff of risk ● Difficult to do right. Typically still rotate – Avoids long-term fingerprinting – Without rotation, can deter intimidation attacks – Foil “repetitive fetch” application layer attacks

  9. Tor Routers and LiveCDs ● JanusVM, Anonym.OS, others – “Tor up from the floor up” – Addresses application-level attacks to bypass Tor – Blocks UDP ● Major flaw: Circuit reuse -> app correlation – Windows update, other ID-based software updates – AIM, ssh, email usage of different “nyms” – Media players checking recommended music, etc etc

  10. Centralized Network Scanning ● Tor control port is fun stuff ● Snakes on a Tor and TorFlow – Verifies md5 sums of googled URLs – Also verifies node reliability+bandwidth ● Works against incompetent+blanket adversaries – Actually found some broken+malicious nodes ● Does not work against targeted adversaries ● Vulnerable to detection

  11. Decentralized Network Scanning ● Client-based: – Use reliability averages from TorFlow – Alert user if guard node fails more than X% circuits – Measure observed bandwidth/latency of nodes ● Node-based: – Gather statistics on average capacity and queue lengths to peers, compare to node rankings – Report major deviations or use as balancing feedback loop.

  12. Securing the Application Layer ● Tor has a superset of the threat model most applications are written for. – No UDP! – Unique identifiers are bad – Proxy settings must be sacrosanct – Location information must not be transmitted – Updates are dangerous. Hostile network.

  13. Tor's Web Attack Profile 1. Bypassing proxy settings 2. Correlation of Tor vs Non-Tor 3. History disclosure 4. Location information 5. Misc Anonymity set reduction 6. History records

  14. Solution: Improved TorButton ● Disable plugins while Tor is enabled ● Isolate dynamic content per Tor load state ● Cookie jars/cookie clearing ● Cache management ● History management ● User agent spoofing during Tor ● Javascript Hooking

  15. TorButton Demo ● http://gemal.dk/browserspy/basic.html ● http://gemal.dk/browserspy/css.html ● http://gemal.dk/browserspy/date.html ● http://gemal.dk/browserspy/plugins.html ● http://ha.ckers.org/weird/CSS-history-hack.html ● http://ha.ckers.org/weird/CSS-history.cgi ● http://www.tjkdesign.com/articles/css%20pop%20

  16. Interesting Technical Details ● Context issues ● Tab tagging ● XPCOM hooking and XPCOM policies ● Javascript hooking

  17. Improving Speed and Usability ● Key component of Tor security: Large userbase ● Users want speed and ease of use – Many do not need as much anonymity – Two hop proposal (semi-controversial) – Intelligent path selection ● Tor network is unbalanced – Guard node issues (bug #440) – Exit selection issues

  18. Final Thoughts ● Tor security != Internet security – Superset, actually – Adversary has different goals – Many apps do not consider privacy vulnerabilities as real vulnerabilities

  19. Credits+Contributions Scott Squires (Original TorButton Author) Collin Jackson (History blocking+Cookie jars) Johannes Renner (TorFlow contributions+research) Nick & Roger (Advice, Tor in general) Dave, Nitin G, Thom (Advice, moral support)

  20. “What can I do to help Tor?” ● Extra bandwidth? Run a node! – See conference CD for Linux 'tc' prioritization script – No need to impact your own traffic flows ● Post patches/plugins to your favorite apps to protect against info disclosure. – Work to raise awareness that privacy issues should be considered as part of security measures

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Web Security Thierry Sans Securing the web architecture means securing ... The network

Web Security Thierry Sans Securing the web architecture means securing ... The network

Web Security Thierry Sans Securing the web architecture means securing ... The network The operating system The web server ( Apache for instance) The administration server ( SSH for instance) The database ( Oracle for instance)

1.37k views • 61 slides
IPsec (AH, ESP), IKE Guevara Noubir CSG254: Network Security noubir@ccs.neu.edu Securing

IPsec (AH, ESP), IKE Guevara Noubir CSG254: Network Security noubir@ccs.neu.edu Securing

IPsec (AH, ESP), IKE Guevara Noubir CSG254: Network Security noubir@ccs.neu.edu Securing Networks Applications Layer Monitoring/Logging/Intrusion Detection Control/Management (configuration) telnet/ftp: ssh, http: https , mail: PGP Network

1.4k views • 26 slides
Network Security Securing communications (SSL/TLS and IPSec) Marcus Bendtsen, Andrei Gurtov

Network Security Securing communications (SSL/TLS and IPSec) Marcus Bendtsen, Andrei Gurtov

Network Security Securing communications (SSL/TLS and IPSec) Marcus Bendtsen, Andrei Gurtov Institutionen fr Datavetenskap (IDA) Avdelningen fr Databas- och Informationsteknik (ADIT) Network communication Who are you talking to?

636 views • 35 slides
S-NFV: Securing NFV states by using SGX Ming-Wei Shih Mohan Kumar Taesoo Kim Ada

S-NFV: Securing NFV states by using SGX Ming-Wei Shih Mohan Kumar Taesoo Kim Ada

S-NFV: Securing NFV states by using SGX Ming-Wei Shih Mohan Kumar Taesoo Kim Ada Gavrilovska Georgia Institute of Technology Network Function Virtualization (NFV) Virtualized Network Functions (VNFs) NAT IDS Web Caching VNF NF OS

542 views • 16 slides
Securing Internet Communication: TLS, contd Network security CS 161: Computer Security Prof.

Securing Internet Communication: TLS, contd Network security CS 161: Computer Security Prof.

Securing Internet Communication: TLS, contd Network security CS 161: Computer Security Prof. Raluca Ada Popa Feb 27, 2018 Some slides credit David Wagner Announcements Midterm grades released Regrades: Read the follow-ups on the

1.75k views • 156 slides
IoT Security Image: xkcd How is securing IoT different from securing any other system? IoT

IoT Security Image: xkcd How is securing IoT different from securing any other system? IoT

IoT Security Image: xkcd How is securing IoT different from securing any other system? IoT is a system of systems, with A great deal of heterogeneity (sensing, computation, communication, energy) New types of devices appearing all

1.35k views • 65 slides
Securing the last mile of DNS with CGA-TSIG Marc Buijsman Master System & Network Engineering

Securing the last mile of DNS with CGA-TSIG Marc Buijsman Master System & Network Engineering

Securing the last mile of DNS with CGA-TSIG Marc Buijsman Master System & Network Engineering 19 December 2013 Problem statement last mile not secured internet authoritative name server client recursive authoritative last

608 views • 40 slides
Building&Hacking modern iOS apps Wojciech Regua @_r3ggi wojciech.regula@securing.pl

Building&Hacking modern iOS apps Wojciech Regua @_r3ggi wojciech.regula@securing.pl

www.securing.pl Building&Hacking modern iOS apps Wojciech Regua @_r3ggi wojciech.regula@securing.pl @_r3ggi wojciech.regula@securing.pl www.securing.pl www.securing.pl WHOAMI -Senior IT Security Consultant @ SecuRing -Focused on

998 views • 67 slides
Securing the Cloud Identity Management and Network Security in the Cloud Mark Ryland Chief

Securing the Cloud Identity Management and Network Security in the Cloud Mark Ryland Chief

Securing the Cloud Identity Management and Network Security in the Cloud Mark Ryland Chief Solutions Architect AWS Public Sector team Khawaja Shams Cloud Architect Jet Propulsion Labs / NASA QCon New York 2012 Agenda Identity &

594 views • 21 slides
Securing Network Traffic Tunneled Over Kernel managed TCP/UDP sockets Sowmini

Securing Network Traffic Tunneled Over Kernel managed TCP/UDP sockets Sowmini

Securing Network Traffic Tunneled Over Kernel managed TCP/UDP sockets Sowmini Varadhan(sowmini.varadhan@oracle.com) Agenda What problem are we trying to solve? Privacy, integrity protection, authentication of traffic that gets tunneled

628 views • 36 slides
Securing Your Cloud with Xen Projects Advanced Security Features Russell Pavlicek, Xen Project

Securing Your Cloud with Xen Projects Advanced Security Features Russell Pavlicek, Xen Project

Introduction Network path Bootloader Device model Xen Conclusion Securing Your Cloud with Xen Projects Advanced Security Features Russell Pavlicek, Xen Project Evangelist CloudOpen North America 2013 Introduction Network path

553 views • 32 slides
Securing Europe's Information Society Dr. Udo Helmbrecht Executive Director European Network

Securing Europe's Information Society Dr. Udo Helmbrecht Executive Director European Network

Securing Europe's Information Society Dr. Udo Helmbrecht Executive Director European Network and Information Security Agency 16 June 2010 FIRST AGM Miami 16/6/2010 1 Agenda ENISA overview Challenges EU policy on NIS Overview of

465 views • 30 slides
SANS Securing The Human Training Department of Safety Securing the Human Training Web

SANS Securing The Human Training Department of Safety Securing the Human Training Web

SANS Securing The Human Training Department of Safety Securing the Human Training Web based Centrally Administrated Divisionally managed Consistent content Central reporting Ability to add custom content (Policy's)

761 views • 10 slides
Securing the SDN Northbound Interface With the aid of Anomaly Detection Jan J. Laan July 2, 2015

Securing the SDN Northbound Interface With the aid of Anomaly Detection Jan J. Laan July 2, 2015

Securing the SDN Northbound Interface With the aid of Anomaly Detection Jan J. Laan July 2, 2015 Introduction Current status Anomaly detection Conclusion Introduction Traditional network Securing the SDN Northbound Interface 1 / 19

482 views • 30 slides
Securing Networks in the Programmable Data Plane Era Luciano Gaspary paschoal@inf.ufrgs.br

Securing Networks in the Programmable Data Plane Era Luciano Gaspary paschoal@inf.ufrgs.br

Securing Networks in the Programmable Data Plane Era Luciano Gaspary paschoal@inf.ufrgs.br Instituto de Informtica UFRGS Securing Networks in the Programmable Data Plane Era Network softwarization : the first wave P4 programs are

607 views • 12 slides
Securing and Protecting Securing and Protecting Water Rights and Uses in Water Rights and Uses

Securing and Protecting Securing and Protecting Water Rights and Uses in Water Rights and Uses

Securing and Protecting Securing and Protecting Water Rights and Uses in Water Rights and Uses in Arizona Arizona L. William Staudenmaier One Arizona Center 400 East Van Buren Street, Suite 1900 Phoenix, Arizona 85004 2202 602.382.6000 |

574 views • 32 slides
2 Preliminaries of the same size and covered by the same superset. For ex- ample, ab , ac and ad

2 Preliminaries of the same size and covered by the same superset. For ex- ample, ab , ac and ad

-Tolerance Closed Frequent Itemsets James Cheng Yiping Ke Wilfred Ng Department of Computer Science and Engineering The Hong Kong University of Science and Technology { csjames, keyiping, wilfred } @cse.ust.hk size n has (2 n 1)

451 views • 10 slides
SmartMiner: A Depth First Algorithm Guided by Tail Information for Mining Maximal Frequent

SmartMiner: A Depth First Algorithm Guided by Tail Information for Mining Maximal Frequent

SmartMiner: A Depth First Algorithm Guided by Tail Information for Mining Maximal Frequent Itemsets Qinghua Zou Wesley W. Chu Baojing Lu Computer Science Department Computer Science Department Computer Science Department University of

305 views • 8 slides
Using Unsupervised Paradigm Acquisition for Prefixes Daniel Zeman FAL MFF, Univerzita Karlova,

Using Unsupervised Paradigm Acquisition for Prefixes Daniel Zeman FAL MFF, Univerzita Karlova,

Using Unsupervised Paradigm Acquisition for Prefixes Daniel Zeman FAL MFF, Univerzita Karlova, Praha Morphological Paradigm Declension / conjugation table set of affixes German (to have): ha+be, ha+st, ha+t, ha+ben, ha+bt,

575 views • 32 slides
PREGEL: A SYSTEM FOR LARGE-SCALE GRAPH PROCESSING Grzegorz Malewicz, Matthew H. Austern, Aart J.

PREGEL: A SYSTEM FOR LARGE-SCALE GRAPH PROCESSING Grzegorz Malewicz, Matthew H. Austern, Aart J.

PREGEL: A SYSTEM FOR LARGE-SCALE GRAPH PROCESSING Grzegorz Malewicz, Matthew H. Austern, Aart J. C. Bik, James C. Dehnert, Ilan Horn, Naty Leiser, and Grzegorz Czajkowski -2010 Presented by K.M.D.Muthumali Karunarathna 27 th October 2015

218 views • 18 slides
financial misstatement prediction A comparison of deep learning and text mining approach for

financial misstatement prediction A comparison of deep learning and text mining approach for

The sentiment features of MD&As and financial misstatement prediction A comparison of deep learning and text mining approach for textual analysis Ting Sun, Yue Liu, Miklos A. Vasarhelyi Presented by Ting Sun Rutgers Business School

502 views • 13 slides
Jena Hwang Na-Rae Han Vivek Srikumar Archna Bhatia Tim OGorman Nathan Schneider August 4,

Jena Hwang Na-Rae Han Vivek Srikumar Archna Bhatia Tim OGorman Nathan Schneider August 4,

Double Trouble: The Problem of Construal in Semantic Annotation of Adpositions Jena Hwang Na-Rae Han Vivek Srikumar Archna Bhatia Tim OGorman Nathan Schneider August 4, 2017, *SEM, Vancouver Most languages have adpositions . in on at

478 views • 37 slides
Introduction to Qualitative Comparative Analysis (QCA) Morning Session: The Basics of QCA as an

Introduction to Qualitative Comparative Analysis (QCA) Morning Session: The Basics of QCA as an

Introduction to Qualitative Comparative Analysis (QCA) Morning Session: The Basics of QCA as an Approach IUSF- TIAS Autumn School on Concepts, Frameworks and Methods for the Comparative Analysis of Water Governance Jlich, Germany, November

1.17k views • 75 slides
From NetFlow to IPFIX the evolution of IP flow information export Brian Trammell - CERT/NetSA -

From NetFlow to IPFIX the evolution of IP flow information export Brian Trammell - CERT/NetSA -

From NetFlow to IPFIX the evolution of IP flow information export Brian Trammell - CERT/NetSA - Pittsburgh, PA, US Elisa Boschi - Hitachi Europe - Zurich, CH NANOG 41 - Albuquerque, NM, US - October 15, 2007 What is IPFIX? Emerging IETF

316 views • 17 slides

More recommend