tor and circumvention lessons learned
play

Tor and circumvention: Lessons learned Roger Dingledine The Tor - PowerPoint PPT Presentation

Aug 21, 2022 •11 likes •661 views

Tor and circumvention: Lessons learned Roger Dingledine The Tor Project https://torproject.org/ 1 What is Tor? Online anonymity 1) software, 2) network, 3) protocol Open source, freely available Community of researchers,

  1. Tor and circumvention: Lessons learned Roger Dingledine The Tor Project https://torproject.org/ 1

  2. What is Tor? ● Online anonymity 1) software, 2) network, 3) protocol ● Open source, freely available ● Community of researchers, developers, users, and relay operators ● Funding from US DoD, Electronic Frontier Foundation, Voice of America, Google, NLnet, Human Rights Watch, ... 2

  3. The Tor Project, Inc. ● 501(c)(3) non-profit organization dedicated to the research and development of tools for online anonymity and privacy 3

  4. Estimated 500,000 daily Tor users 4

  5. Threat model: what can the attacker do? Alice Anonymity network Bob watch Alice! watch (or be!) Bob! Control part of the network! 5

  6. Anonymity isn't cryptography: Cryptography just protects contents. “Hi, Bob!” “Hi, Bob!” <gibberish> Alice attacker Bob 6

  7. Anonymity isn't just wishful thinking... “You can't prove it was me!” “Promise you won't look!” “Promise you won't remember!” “Promise you won't tell!” “I didn't write my name on it!” “Isn't the Internet already anonymous?” 7

  8. Anonymity serves different interests for different user groups. Anonymity Private citizens “It's privacy!” 8

  9. Anonymity serves different interests for different user groups. Businesses Anonymity “It's network security!” Private citizens “It's privacy!” 9

  10. Anonymity serves different interests for different user groups. “It's traffic-analysis resistance!” Businesses Governments Anonymity “It's network security!” Private citizens “It's privacy!” 10

  11. Anonymity serves different interests for different user groups. “It's reachability!” Human rights “It's traffic-analysis activists resistance!” Businesses Governments Anonymity “It's network security!” Private citizens “It's privacy!” 11

  12. Four pieces to today's talk ● 1) Who uses Tor and why? ● 2) The Tor design in a nutshell ● 3) Tor and censorship ● 4) We have data 12

  13. Regular citizens don't want to be watched and tracked. “I sell the logs.” Blogger Hostile Bob Alice “Oops, I lost the logs.” 8-year-old Incompetent Bob The AOL fiasco Alice “Hey, they aren't Indifferent Bob Sick my secrets.” Alice Name, address, age, friends, (the network can track too) Consumer interests Alice .... (medical, financial, etc), unpopular opinions, Oppressed Alice illegal opinions.... 13

  14. Businesses need to keep trade secrets. “Oh, your employees are reading Competitor our patents/jobs page/product sheets?” “Hey, it's Alice! Give her the 'Alice' version!” Competitor AliceCorp “Wanna buy a list of Alice's suppliers? Compromised What about her customers? network What about her engineering department's favorite search terms?” 14

  15. Law enforcement needs anonymity to get the job done. “Why is alice.localpolice.gov reading Investigated my website?” suspect “Why no, alice.localpolice.gov! Officer Sting I would never sell counterfeits on ebay!” Alice target “Is my family safe if I Organized go after these guys?” Crime Witness/informer “Are they really going to ensure Anonymous Alice my anonymity?” tips 15

  16. Governments need anonymity for their security “What will you bid for a list of Baghdad IP addresses that get email from .gov?” Untrusted ISP Agent “ Somebody in that hotel room just Alice checked his Navy.mil mail! ” Compromised “ What does FBI Google for? ” service Shared “Do I really want to reveal my Coalition network internal network topology?” member Alice Defense in “What about insiders?” Depth 16

  17. Journalists and activists need Tor for their personal safety Monitoring “Did you just post to that website?” ISP Activist/ Whistleblower “Where are the bloggers connecting from?” Alice Monitored “I run livejournal and track my users” website “Of course I tell China about my users” “What does the Global Voices website Filtered say today?” Blocked website “I want to tell people what's going on Alice in my country” Monitored “I think they're watching. I'm not even network going to try.” 17

  18. You can't get anonymity on your own: private solutions are ineffective... Alice's small Citizen “One of the 25 users ... anonymity net Alice on AliceNet.” Officer Municipal Investigated Alice “Looks like a cop.” anonymity net suspect AliceCorp AliceCorp “It's somebody at Competitor anonymity net AliceCorp!” 18

  19. ... so, anonymity loves company! Citizen “???” ... Alice Officer Investigated Alice Shared “???” suspect anonymity net AliceCorp Competitor “???” 19

  20. Yes, bad people need anonymity too. But they are already doing well. Compromised botnet Stolen mobile phones Evil Criminal Alice Open wireless nets ..... 20

  21. Current situation: Bad people on the Internet are doing fine Trojans Viruses Exploits Botnets Zombies Espionage Phishing DDoS Spam Extortion 21

  22. The simplest designs use a single relay to hide connections. Bob1 Alice1 E(Bob3,“X”) “Y” Relay Alice2 “Z” Bob2 E(Bob1, “Y”) ) “X” ” Z “ , 2 b o B ( E Bob3 Alice3 (example: some commercial proxy providers) 22

  23. But a single relay (or eavesdropper!) is a single point of failure. Bob1 Alice1 E(Bob3,“X”) “Y” Evil Alice2 Relay “Z” Bob2 E(Bob1, “Y”) ) “X” ” Z “ , 2 b o B ( E Bob3 Alice3 23

  24. ... or a single point of bypass. Bob1 Alice1 E(Bob3,“X”) “Y” Irrelevant Alice2 Relay “Z” Bob2 E(Bob1, “Y”) ) “X” ” Z “ , 2 b o B ( E Bob3 Alice3 Timing analysis bridges all connections ⇒ An attractive fat target through relay 24

  25. So, add multiple relays so that no single one can betray Alice. Bob Alice R1 R3 R5 R4 R2 25

  26. A corrupt first hop can tell that Alice is talking, but not to whom. Bob Alice R1 R3 R5 R4 R2 26

  27. A corrupt final hop can tell that somebody is talking to Bob, but not who. Bob Alice R1 R3 R5 R4 R2 27

  28. Alice makes a session key with R1 ...And then tunnels to R2...and to R3 Bob Alice R1 R3 Bob2 R5 R4 R2 28

  29. What we spend our time on ● Performance and scalability ● Maintaining the whole software ecosystem ● Blocking-resistance (circumvention) ● Basic research on anonymity ● Reusability and modularity ● Advocacy, education, and trainings around the world ● Metrics, data, and analysis 29

  30. Relay versus Discovery ● There are two pieces to all these “proxying” schemes: ● a relay component: building circuits, sending traffic over them, getting the crypto right ● a discovery component: learning what relays are available 30

  31. The basic Tor design uses a simple centralized directory protocol. cache S1 Trusted directory Alice S2 Alice downloads consensus and Trusted directory cache descriptors from anywhere Authorities S3 publish a consensus Servers publish list of all descriptors self-signed descriptors. 31

  32. Attackers can block users from connecting to the Tor network ● By blocking the directory authorities ● By blocking all the relay IP addresses in the directory ● By filtering based on Tor's network fingerprint ● By preventing users from finding the Tor software 32

  33. Alice Alice Alice Blocked Alice Alice User R3 Alice Blocked R4 Bob User Alice Alice R2 Blocked User Alice R1 Alice Blocked Alice User Alice Blocked Alice User Alice Alice 33

  34. “Bridge” relays ● Hundreds of thousands of Tor users, already self-selected for caring about privacy. ● Rather than signing up as a normal relay, you can sign up as a special “bridge” relay that isn't listed in any directory. ● No need to be an “exit” (so no abuse worries), and you can rate limit if needed ● Integrated into Vidalia (our GUI) so it's easy to offer a bridge or to use a bridge 34

  35. 35

  36. 36

  37. 37

  38. How do you find a bridge? ● If you can, go to https://bridges.torproject.org/ and it will tell you a few based on time and your IP address ● Mail bridges@torproject.org from a gmail/yahoo address, and we'll send you a few ● From your friends and neighbors, like before 38

  39. One working bridge is enough ● Connect via that bridge to the bridge authority. ● ...and to the main Tor network. ● Remember, all of this happens in the background. ● “How to circumvent for all transactions (and trust the pages you get)” is now reduced to “How to learn about a working bridge”. 39

  40. Hiding Tor's network fingerprint ● We got rid of plaintext HTTP (used by directories). Now clients tunnel their directory requests over the same TLS connection as their other Tor traffic. ● We've made Tor's TLS handshake look more like Firefox+Apache. ● When Iran kicked out Smartfilter in early 2009, Tor's old v2 dir design worked again! 40

  41. Attacker's goals (1) ● Restrict the flow of certain kinds of information – Embarrassing (rights violations, corruption) – Opposing (opposition movements, sites that organize protests) ● Chill behavior by impression that online activities are monitored 41

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Tor and circumvention: Lessons learned Nick Mathewson The Tor Project https://torproject.org/

Tor and circumvention: Lessons learned Nick Mathewson The Tor Project https://torproject.org/

Tor and circumvention: Lessons learned Nick Mathewson The Tor Project https://torproject.org/ 1 What is Tor? Online anonymity 1) open source software, 2) network, 3) protocol Community of researchers, developers, users, and relay operators

1.03k views • 68 slides
Tor and circumvention: Lessons learned Roger Dingledine The Tor Project https://torproject.org/

Tor and circumvention: Lessons learned Roger Dingledine The Tor Project https://torproject.org/

Tor and circumvention: Lessons learned Roger Dingledine The Tor Project https://torproject.org/ 1 What is Tor? Online anonymity 1) open source software, 2) network, 3) protocol Community of researchers, developers, users, and relay

975 views • 68 slides
Tor and circumvention: Lessons learned Roger Dingledine The Tor Project https://torproject.org/

Tor and circumvention: Lessons learned Roger Dingledine The Tor Project https://torproject.org/

Tor and circumvention: Lessons learned Roger Dingledine The Tor Project https://torproject.org/ 1 What is Tor? Online anonymity 1) software, 2) network, 3) protocol Open source, freely available Community of researchers,

1.04k views • 56 slides
Tor and circumvention: Lessons learned Roger Dingledine The Tor Project https://torproject.org/

Tor and circumvention: Lessons learned Roger Dingledine The Tor Project https://torproject.org/

Tor and circumvention: Lessons learned Roger Dingledine The Tor Project https://torproject.org/ 1 What is Tor? Online anonymity 1) software, 2) network, 3) protocol Open source, freely available Community of researchers,

886 views • 54 slides
Tor and circumvention: Lessons learned Roger Dingledine The Tor Project https://torproject.org/

Tor and circumvention: Lessons learned Roger Dingledine The Tor Project https://torproject.org/

Tor and circumvention: Lessons learned Roger Dingledine The Tor Project https://torproject.org/ 1 Today's plan 0) Crash course on Tor 1) History of Tor censorship attempts 2) Attacks on low-latency anonymity 3) Tor performance

1.36k views • 101 slides
Lessons Learned Lessons Learned From From Lessons Learned Lessons Learned From From

Lessons Learned Lessons Learned From From Lessons Learned Lessons Learned From From

Protg 2006, July 26th, Stanford I R I S A C 1 R E C Saint-Cyr Lessons Learned Lessons Learned From From Lessons Learned Lessons Learned From From Ontology Ontology Design Design Ontology Ontology Design Design Jean Andr B

371 views • 12 slides
Institutionalizing Lessons Learned October 25, 2006 Loren Plisco Region II Background

Institutionalizing Lessons Learned October 25, 2006 Loren Plisco Region II Background

Institutionalizing Lessons Learned October 25, 2006 Loren Plisco Region II Background SEP 2002 Davis-Besse Lessons Learned Task Force AUG 2004 - Effectiveness Review Lessons Learned Task Force JAN 2005 - EDO Charters

269 views • 22 slides
OSHA Lessons Learned Adam Fries OSHA Compliance Officer February 13, 2018 OSHA Lessons Learned

OSHA Lessons Learned Adam Fries OSHA Compliance Officer February 13, 2018 OSHA Lessons Learned

OSHA Lessons Learned Adam Fries OSHA Compliance Officer February 13, 2018 OSHA Lessons Learned Jobsite Safety and Health Inspections/Audits better known as; PAPER WORK You hate it, Your safety director requires it, OSHA loves it, Does it

926 views • 35 slides
3/8/2019 Epidemiology, Risk Factors, and Outcomes of Pediatric PVD: LESSONS learned from the

3/8/2019 Epidemiology, Risk Factors, and Outcomes of Pediatric PVD: LESSONS learned from the

3/8/2019 Epidemiology, Risk Factors, and Outcomes of Pediatric PVD: LESSONS learned from the Spanish Registry: Lessons Learned from the Registries o Is It possible (and worthy) to do a national registry? Lessons learned from the o

1.16k views • 43 slides
DEBUGGING LESSONS LEARNED WHILE DEBUGGING LESSONS LEARNED WHILE FIXING NETBSD FIXING NETBSD

DEBUGGING LESSONS LEARNED WHILE DEBUGGING LESSONS LEARNED WHILE FIXING NETBSD FIXING NETBSD

DEBUGGING LESSONS LEARNED WHILE DEBUGGING LESSONS LEARNED WHILE FIXING NETBSD FIXING NETBSD ABOUT ME ABOUT ME maya@NetBSD.org coypu@sdf.org NetBSD/pkgsrc for the last 3 years THIS TALK THIS TALK Mix of a bunch of bugs Not solo work

695 views • 31 slides
Lessons Learned A Value Added Product of the Project Life Cycle R Gilman April 19, 2006 Agenda

Lessons Learned A Value Added Product of the Project Life Cycle R Gilman April 19, 2006 Agenda

Lessons Learned A Value Added Product of the Project Life Cycle R Gilman April 19, 2006 Agenda Introduction What are Lessons Learned? Value to the Project Process and Organization Keanes Approach to Lessons Learned Keys to

261 views • 24 slides
Four Major Events in Our History and the Lessons Learned Coleen Reiswig, Isobel McDonald, Ted

Four Major Events in Our History and the Lessons Learned Coleen Reiswig, Isobel McDonald, Ted

Four Major Events in Our History and the Lessons Learned Coleen Reiswig, Isobel McDonald, Ted Pincock, Carolyn Bouchard Joanne Archer Outline: 1) Common Themes 2) The Event and lessons learned: Spanish Influenza 1918 SARS

417 views • 38 slides
Lessons Learned from Japans NPL Experience Ladies and gentlemen, today I would like to discuss

Lessons Learned from Japans NPL Experience Ladies and gentlemen, today I would like to discuss

Beijing International Finance Forum Chairman Junichi Ujiie 2004/05/19 Lessons Learned from Japans NPL Experience Ladies and gentlemen, today I would like to discuss the lessons to be learned from Japans NPL problems: first, the disposal

344 views • 3 slides
Some lessons learned from Team Science Some lessons learned from Team Science Lewis Cantley Weill

Some lessons learned from Team Science Some lessons learned from Team Science Lewis Cantley Weill

Some lessons learned from Team Science Some lessons learned from Team Science Lewis Cantley Weill Cornell Medical College, New York Presbyterian Hospital Past participation in Team Science Period Period Type of grant Type of grant Role in Grant

380 views • 20 slides
MDG-SDG TRANSITION IN IVORY COAST: LESSONS LEARNED AND IMPLICATIONS ON CURRENT PUBLIC POLICIES

MDG-SDG TRANSITION IN IVORY COAST: LESSONS LEARNED AND IMPLICATIONS ON CURRENT PUBLIC POLICIES

MDG-SDG TRANSITION IN IVORY COAST: LESSONS LEARNED AND IMPLICATIONS ON CURRENT PUBLIC POLICIES SAKO G. . Oumar CONTENTS I. Context II. Assessment and lessons learned from implemention of MDGs III. Domestication/contextaulisation of SDGs

151 views • 12 slides
VALUE: Lessons Learned Kate McConnell &amp; Erin Horan Association of American Colleges and

VALUE: Lessons Learned Kate McConnell &amp; Erin Horan Association of American Colleges and

VALUE: Lessons Learned Kate McConnell &amp; Erin Horan Association of American Colleges and Universities Todays session Overview of the MSC Scoring and reporting Lessons learned as related to validity Unintended consequences?

661 views • 40 slides
MKO Melt Maggie Jeffries, MD and Chris Bender, CRNA Why is the type of anesthesia important?

MKO Melt Maggie Jeffries, MD and Chris Bender, CRNA Why is the type of anesthesia important?

Non-IV Sedation And the MKO Melt Maggie Jeffries, MD and Chris Bender, CRNA Why is the type of anesthesia important? Cataract surgery is the most common procedure performed by Ophthalmologists, the most commonly performed surgical procedure

383 views • 14 slides
CS5412: HOW DURABLE SHOULD IT BE? Lecture XV Ken Birman Durability 2 When a system accepts

CS5412: HOW DURABLE SHOULD IT BE? Lecture XV Ken Birman Durability 2 When a system accepts

CS5412 Spring 2012 (Cloud Computing: Birman) 1 CS5412: HOW DURABLE SHOULD IT BE? Lecture XV Ken Birman Durability 2 When a system accepts an update and wont lose it, we say that event has become durable Everyone jokes that the

653 views • 38 slides
Five ways to detect correlation in panels Jesse Wursten 1 1 jesse.wursten@kuleuven.be Faculty of

Five ways to detect correlation in panels Jesse Wursten 1 1 jesse.wursten@kuleuven.be Faculty of

Five ways to detect correlation in panels Jesse Wursten 1 1 jesse.wursten@kuleuven.be Faculty of Economics and Business KU Leuven 23rd London Stata User Group Meeting, September 2017 Jesse Wursten (KUL) Five panel correlation tests SUGM 2017

260 views • 15 slides
Beyond Classical Search C h a p t e r 4 (Adapted from Stuart Russel, Dan Klein, and others.

Beyond Classical Search C h a p t e r 4 (Adapted from Stuart Russel, Dan Klein, and others.

Beyond Classical Search C h a p t e r 4 (Adapted from Stuart Russel, Dan Klein, and others. Thanks guys!) 1 Outline Hill-climbing Simulated annealing Genetic algorithms (briefly) Local search in continuous spaces (very

695 views • 34 slides
Beyond Classical Search Sections 4.1 and 4.2 Ch. 04 p.1/20 Outline Iterative improvement

Beyond Classical Search Sections 4.1 and 4.2 Ch. 04 p.1/20 Outline Iterative improvement

Beyond Classical Search Sections 4.1 and 4.2 Ch. 04 p.1/20 Outline Iterative improvement algorithms Hill climbing Simulated annealing Local beam search Genetic algorithms References: The slides were adapted to the 3 rd edition of Russell

383 views • 20 slides
You know youre a Tahoe Local is: When you realize many historical sites are younger than

You know youre a Tahoe Local is: When you realize many historical sites are younger than

You know youre a Tahoe Local is: When you realize many historical sites are younger than you are. South Lake Tahoe Airstrips Landing on the surface of Lake Tahoe with Float Planes - 1920s Johnson Field - 1930s to 1940s -

684 views • 49 slides
Iterative improvement algorithms In many optimization problems, path is irrelevant; the goal state

Iterative improvement algorithms In many optimization problems, path is irrelevant; the goal state

Iterative improvement algorithms In many optimization problems, path is irrelevant; the goal state itself is the solution Then state space = set of complete configurations; Beyond Classical Search find optimal configuration, e.g., TSP or,

303 views • 8 slides
CS 103 Unit 11 Linked Lists Mark Redekopp 2 NULL Pointer Just like there was a null

CS 103 Unit 11 Linked Lists Mark Redekopp 2 NULL Pointer Just like there was a null

1 CS 103 Unit 11 Linked Lists Mark Redekopp 2 NULL Pointer Just like there was a null character in ASCII = '\0' whose value was 0 there is a NULL pointer whose value is 0 Used to represent a pointer to &quot;nothing&quot; NULL is

698 views • 28 slides

More recommend