tor
play

Tor: Anonymous Communications for the Dept of Defense...and you. - PowerPoint PPT Presentation

Oct 24, 2022 •231 likes •703 views

Tor: Anonymous Communications for the Dept of Defense...and you. Roger Dingledine Free Haven Project Electronic Frontier Foundation http://tor.eff.org/ 17 September 2005 Talk Outline Motivation: Why anonymous communication? Myth 1:

  1. Tor: Anonymous Communications for the Dept of Defense...and you. Roger Dingledine Free Haven Project Electronic Frontier Foundation http://tor.eff.org/ 17 September 2005

  2. Talk Outline  Motivation: Why anonymous communication? − Myth 1: This is only for privacy nuts. − Myth 2: This stuff enables criminals.  Tor design overview  Hidden servers and rendezvous points  Policy issues raised  Open technical issues and hard problems

  3. Bad people are doing great  Trojans, viruses, 'sploits  Botnets, zombies  Phishing -> funding  Collect user information -> spam better  Corporate espionage -> extortion -> funding

  4. Public Networks are Vulnerable to Traffic Analysis  In a Public Network (Internet):  Packet (message) headers identify recipients  Packet routes can be tracked Public Network Responder Initiator Encryption does not hide routing information.

  5. Who Needs Anonymity?  Journalists, Dissidents, Whistleblowers (Indymedia, bloggers, Iran, Tibet)  Censorship resistant publishers/readers (libraries)  Socially sensitive communicants: − Chat rooms and web forums for abuse survivors, people with illnesses

  6. Who Needs Anonymity?  You: − Where are you sending email (who is emailing you) − What web sites are you browsing − Where do you work, where are you from − What do you buy, what kind of physicians do you visit, what books do you read, ...

  7. Who Needs Anonymity?  Corporations: (Google, Wal-Mart, ...) − Who's talking to the company lawyers? Are your employees looking at monster.com? − Hiding procurement suppliers or patterns − Competitive analysis  Law Enforcement: (In-q-tel, Nye Kripos) − Anonymous tips or crime reporting − Surveillance and honeypots (sting operations)

  8. Who Needs Anonymity?  Government

  9. Government Needs Anonymity? Yes, for...  Open source intelligence gathering − Hiding individual analysts is not enough − That a query was from a govt. source may be sensitive  Defense in depth on open and classified networks − Networks with only cleared users (but a million of them)  Dynamic and semitrusted international coalitions − Network can be shared without revealing existence or amount of communication between all parties • Elections and voting

  10. Anonymity Loves Company  You can't be anonymous by yourself. − Can have confidentiality by yourself.  A network that protects only DoD network users won't hide that connections from that network are from DoD.  You must carry traffic for others to protect yourself.  But those others don't want to trust their traffic to just one entity either. Network needs distributed trust .  Security depends on diversity and dispersal of network.

  11. Who Needs Anonymity?  And yes criminals

  12. Who Needs Anonymity?  And yes criminals But they already have it. We need to protect everyone else.

  13. Privacy and Criminals  Criminals have privacy − Motivation to learn − Motivation to buy − Identity theft  Normal People, Companies, Governments, Police don’t  The worst of all possible worlds

  14. Privacy and Crackers  Crackers have privacy − Break into system − Destroy the logs − Repeat as needed − They don’t use or need our software  Normal People, Companies, Governments, Police don’t  The worst of all possible worlds

  15. Anonymous From Whom? Adversary Model  Recipient of your message  Sender of your message => Need Channel and Data Anonymity  Observer of network from outside  Network Infrastructure (Insider) => Need Channel Anonymity  Note: Anonymous authenticated communication makes perfect sense  Communicant identification should be inside the basic channel, not a property of the channel

  16. Focus of Tor is anonymity of the communication pipe, not what goes through it

  17. How Do You Get Communication Anonymity?  Many technical approaches  Overview of two extensively used approaches − Mixes − Proxies

  18. What does a mix do? message 1 message 2 message 3 Mix message 4 Randomly permutes and decrypts inputs

  19. W hat does a mix do? ? message 2 Key property: Adversary can't tell which ciphertext corresponds to a given message

  20. Basic Mix (Chaum ‘81) PK PK PK 3 1 2 Server 3 Server 2 Server 1

  21. Encryption of M essage PK PK PK 3 1 2 message Ciphertext = E PK1 [E PK2 [E PK3 [message]]]

  22. Basic Chaum -type M ix Server 1 Server 2 Server 3 decrypt m1 decrypt m2 decrypt m2 m2 and and and permute permute permute m2 m3 m3 m1 m3 m1 m1 m3

  23. One honest server preserves privacy Server 1 Server 2 Server 3 ? m3

  24. What if you need quick interaction?  Web browsing, Remote login, Chat, etc.  Mixnets introduced for email and other high latency apps  Each layer of message requires expensive public-key crypto

  25. Basic Anonymizing Proxy anonymizing proxy anonymizing proxy • Channels appear to come from proxy, not true originator • Appropriate for Web connections, etc.: SSL, TLS, SSH (lower cost symmetric encryption) • Examples: The Anonymizer • Advantages: Simple, Focuses lots of traffic for more anonymity • Main Disadvantage: Single point of failure, compromise, attack

  26. Onion Routing Traffic Analysis Resistant Infrastructure  Main Idea: Combine Advantages of mixes and proxies  Use (expensive) public-key crypto to establish circuits  Use (cheaper) symmetric-key crypto to move data − Like SSL/TLS based proxies  Distributed trust like mixes  Related Work (some implemented, some just designs): − ISDN Mixes − Crowds, JAP Webmixes, Freedom Network − Tarzan, Morphmix

  27. Tor

  28. Tor The Onion Router

  29. Tor Tor's Onion Routing

  30. Numbers and Performance  Running since October 2003 • 250 nodes on six continents • Volunteer-based infrastructure • Fifty thousand+ (?) users • Nodes process 1-100 GB / day application cells • Network has never been down

  31. Tor Circuit Setup • Client Proxy establishes session key + circuit w/ Onion Router 1 Onion Router 1 Client Initiator

  32. Tor Circuit Setup • Client Proxy establishes session key + circuit w/ Onion Router 1 Onion Router 1 • Proxy tunnels through that circuit to extend to Onion Router 2 Onion Router 2 Client Initiator

  33. Tor Circuit Setup • Client Proxy establishes session key + circuit w/ Onion Router 1 Onion Router 1 • Proxy tunnels through that circuit to extend to Onion Router 2 Onion Router 2 • Etc Client Initiator

  34. Tor Circuit Usage • Client Proxy establishes session key + circuit w/ Onion Router 1 Onion Router 1 • Proxy tunnels through that circuit to extend to Onion Router 2 Onion Router 2 • Etc • Client applications connect and communicate over Tor circuit Client Initiator

  35. Tor Circuit Usage • Client Proxy establishes session key + circuit w/ Onion Router 1 Onion Router 1 • Proxy tunnels through that circuit to extend to Onion Router 2 Onion Router 2 • Etc • Client applications connect and communicate over Tor circuit Client Initiator

  36. Tor Circuit Usage • Client Proxy establishes session key + circuit w/ Onion Router 1 Onion Router 1 • Proxy tunnels through that circuit to extend to Onion Router 2 Onion Router 2 • Etc • Client applications connect and communicate over Tor circuit Client Initiator

  37. Where do I go to connect to the network?  Directory Servers − Maintain list of which onion routers are up, their locations, current keys, exit policies, etc. − Directory server keys ship with the code − Control which nodes can join network  Important to guard against “Sybil attack” and related problems − These directories are cached and served by other servers, to reduce bottlenecks − Need to decentralize, get humans out of the loop, without letting attackers sign up 100,000 nodes.

  38. Some Tor Properties  Simple modular design, restricted ambitions. − ~40K lines of C code − Even servers run in user space, no need to be root − Flexible exit policies, each node chooses what applications/destinations can emerge from it − Server usability is key to adoption. Without a network, we are nothing.

  39. Some Tor Properties  Simple modular design, restricted ambitions. − Just anonymize the pipe  Can use, e.g., privoxy as front end if desired to anonymize data − SOCKS compliant TCP: includes Web, remote login, mail, chat, more  No need to build proxies for every application

  40. Some Tor Properties  Lots of supported platforms: Linux, BSD, MacOS X, Solaris, Windows, ... (Tor servers on xbox, linksys wireless routers.)  Deployment paradigm: − Volunteer server operators − No payments, not proprietary − Moving to a P2P incentives model

  41. Number of running Tor servers

  42. Total traffic through Tor network

  43. Location Hidden Servers  Alice can connect to Bob's server without knowing where it is or possibly who he is  Can provide servers that − Are accessible from anywhere − Resist censorship − Require minimal redundancy for resilience in denial of service (DoS) attack − Can survive to provide selected service even during full blown distributed DoS attack − Resistant to physical attack (you can't find them)

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

ExecScent: Mining for New C&C Domains in Live Networks

ExecScent: Mining for New C&C Domains in Live Networks

ExecScent: Mining for New C&C Domains in Live Networks with Adap?ve Control Protocol Templates Terry Nelms 1,2 , Roberto Perdisci 3,2 , Mustaque Ahamad 2,4 1

506 views • 33 slides
On E-Vote Integrity in the Case of Malicious Voter Computers Sven Heiberg Helger Lipmaa Filip

On E-Vote Integrity in the Case of Malicious Voter Computers Sven Heiberg Helger Lipmaa Filip

Motivation Rage against the Machine Our Solution On E-Vote Integrity in the Case of Malicious Voter Computers Sven Heiberg Helger Lipmaa Filip Van Laenen Cybernetica AS, Estonia Computas AS, Norway September 21, 2010 Heiberg, Lipmaa, Van

464 views • 18 slides
Compact Explanation of Why Malware is Bad Speaker: Wei Chen 1 Joint Work with Charles Sutton 1 ,

Compact Explanation of Why Malware is Bad Speaker: Wei Chen 1 Joint Work with Charles Sutton 1 ,

Compact Explanation of Why Malware is Bad Speaker: Wei Chen 1 Joint Work with Charles Sutton 1 , David Aspinall 1 , Andrew D. Gordon 1 , 2 , Igor Muttik 3 , and Qi Shen 4 App Guarden Project 1 University of Edinburgh 2 Microsoft Research Cambridge

426 views • 31 slides
The POD file NAME iaoptions.config Main (and only) configuration file for JACoW.upload,

The POD file NAME iaoptions.config Main (and only) configuration file for JACoW.upload,

File Upload / Download Perl Scripts The five Perl scripts must be installed on the conference file server to enable authors and editors to upload and download manuscript and talk files. The file server must have an up-to-date version of

272 views • 9 slides
A Moose Once Bit My Honeypot A Story of an Embedded Linux Botnet by Olivier Bilodeau (

A Moose Once Bit My Honeypot A Story of an Embedded Linux Botnet by Olivier Bilodeau (

A Moose Once Bit My Honeypot A Story of an Embedded Linux Botnet by Olivier Bilodeau ( @obilodeau ) $ apropos Embedded Linux Malware Moose DNA (description) Moose Herding (the Operation) Whats New? Take Aways $ whoami Malware

1.19k views • 97 slides
IETF 74 DHC draft-dhankins-softwire-tunnel-option draft-ietf-dhc-option-guidelines

IETF 74 DHC draft-dhankins-softwire-tunnel-option draft-ietf-dhc-option-guidelines

IETF 74 DHC draft-dhankins-softwire-tunnel-option draft-ietf-dhc-option-guidelines draft-ietf-dhc-dhcpinform-clarify David W. Hankins Internet Systems Consortium, Inc. March, 2009 softwire-tunnel-option-03 No material changes.

347 views • 15 slides
Communication Systems Security Overview University of Freiburg Computer Science Computer

Communication Systems Security Overview University of Freiburg Computer Science Computer

Communication Systems Security Overview University of Freiburg Computer Science Computer Networks and Telematics Prof. Christian Schindelhauer Organization I. Data and voice communication in IP networks II. Security issues in

792 views • 25 slides
1 Some Old Examples Some Recent Examples Western Digital House Keys Compromise went

1 Some Old Examples Some Recent Examples Western Digital House Keys Compromise went

Administrivia P561: Network Systems Fishnet Assignment #4 Week 9: Network Security Due next Monday, Dec 1 Final Exam Tom Anderson Handed out next Monday night (and by email) Ratul Mahajan Due Monday, 12/8, 11:59pm, no extensions

393 views • 11 slides
Security and Internet Security Censorship Hacker Viruses Computer Literacy 1 Lecture

Security and Internet Security Censorship Hacker Viruses Computer Literacy 1 Lecture

Topics Security and Internet Security Censorship Hacker Viruses Computer Literacy 1 Lecture 24 Phishing 13/11/2008 Firewall Censorship of the Internet 2 Examples Hacking or Cracking Virus Cracking = Subverting

462 views • 6 slides
Exam 2 Review CS461/ECE422 Fall 2009 Exam guidelines Same as for first exam A single page

Exam 2 Review CS461/ECE422 Fall 2009 Exam guidelines Same as for first exam A single page

Exam 2 Review CS461/ECE422 Fall 2009 Exam guidelines Same as for first exam A single page of supplementary notes is allowed 8.5x11. Both sides. Write as small as you like. Closed book No calculator or other widgets.

481 views • 22 slides
Problems Implementing a points-to analysis to handle the details of Java is a lot of work. is

Problems Implementing a points-to analysis to handle the details of Java is a lot of work. is

Scaling Java Points-To Analysis Using S PARK (Soot Pointer Analysis Research Kit) Ond rej Lhot ak and Laurie Hendren Sable Research Group McGill University April 8th, 2003 p. 1/53 Problems Implementing a points-to analysis to

610 views • 59 slides
Tutorial Slides for Week 13 ENEL 353: Digital Circuits Fall 2014 Term Steve Norman, PhD, PEng

Tutorial Slides for Week 13 ENEL 353: Digital Circuits Fall 2014 Term Steve Norman, PhD, PEng

Tutorial Slides for Week 13 ENEL 353: Digital Circuits Fall 2014 Term Steve Norman, PhD, PEng Electrical & Computer Engineering Schulich School of Engineering University of Calgary 2 December, 2014 slide 2/9 ENEL 353 F14 T02 Tutorial

479 views • 9 slides
Detectors with high precision timing ( t ~ 10 ps = 3 mm light travel) Michael Albrow for T979

Detectors with high precision timing ( t ~ 10 ps = 3 mm light travel) Michael Albrow for T979

Detectors with high precision timing ( t ~ 10 ps = 3 mm light travel) Michael Albrow for T979 detector development & test beam project With Sergey Los, Erik Ramberg, Anatoly Ronzhin, Andriy Zatserklyaniy Classical particle timing

413 views • 5 slides
Gluino/squarks will be produced copiously at the LHC if the masses are less than 1 TeV.

Gluino/squarks will be produced copiously at the LHC if the masses are less than 1 TeV.

N ovel reconstruction technique for new physics with ISR Yasuhiro Shimizu( IIAIR, Tohoku) J.Alwall, K.Hiramatsu, M.M.Nojiri, Y.S, PRL:103(2009)151802 2010/5/10-13@Madison,WI 1 Introduction Gluino/squarks will be produced copiously at

581 views • 14 slides
Overview General Principles of Pipelining Goal Computer Architecture: Pipelining

Overview General Principles of Pipelining Goal Computer Architecture: Pipelining

Overview General Principles of Pipelining Goal Computer Architecture: Pipelining Difficulties Creating a Pipelined Y86-64 Processor CSci 2021: Machine Architecture and Organization Rearranging SEQ March 25th-27th, 2020 Inserting

558 views • 6 slides
1 last time HCL details/built in components HCL debug/interactive options walkthrough of SEQ

1 last time HCL details/built in components HCL debug/interactive options walkthrough of SEQ

1 last time HCL details/built in components HCL debug/interactive options walkthrough of SEQ stages/needed MUXes 2 critical path every path from state output to state input needs enough time output may change on rising edge of clock

1.14k views • 77 slides
Vector spaces DS-GA 1013 / MATH-GA 2824 Optimization-based Data Analysis

Vector spaces DS-GA 1013 / MATH-GA 2824 Optimization-based Data Analysis

Vector spaces DS-GA 1013 / MATH-GA 2824 Optimization-based Data Analysis http://www.cims.nyu.edu/~cfgranda/pages/OBDA_fall17/index.html Carlos Fernandez-Granda Vector space Consists of: A set V A scalar field (usually R or C ) Two

1.06k views • 69 slides
Transfer of Samples in Policy Search via Multiple Importance Sampling Andrea Tirinzoni, Mattia

Transfer of Samples in Policy Search via Multiple Importance Sampling Andrea Tirinzoni, Mattia

Transfer of Samples in Policy Search via Multiple Importance Sampling Andrea Tirinzoni, Mattia Salvini, and Marcello Restelli 36th International Conference on Machine Learning, Long Beach, California 1 Motivation Policy Search (PS) : very

507 views • 19 slides
Numerical optimization minimizing a function by evaluating it at many trial points. Main

Numerical optimization minimizing a function by evaluating it at many trial points. Main

Numerical optimization minimizing a function by evaluating it at many trial points. Main points: 1. optimizers can fail to find the global optimum: (a) multiple modes are a problem. (b) result is often starting point dependent. 2. limited

342 views • 8 slides
Sequence comparison: Significance of similarity scores Genome 559: Introduction to Statistical

Sequence comparison: Significance of similarity scores Genome 559: Introduction to Statistical

Sequence comparison: Significance of similarity scores Genome 559: Introduction to Statistical and Computational Genomics Prof. James H. Thomas Are these proteins related? SEQ 1: RVVNLVPS--FWVLDATYKNYAINYNCDVTYKLY NO (score = 9) L P W L

607 views • 24 slides
Basic Pipelining Wrap-up Exploiting ILP (from Slide Set 20) Chapter 6 and beyond 1 2

Basic Pipelining Wrap-up Exploiting ILP (from Slide Set 20) Chapter 6 and beyond 1 2

Slide Set #21: Basic Pipelining Wrap-up Exploiting ILP (from Slide Set 20) Chapter 6 and beyond 1 2 Pipelining Big Picture Remember the single-cycle implementation Improve performance by increasing instruction throughput

392 views • 5 slides
The pseudo-GDPR on digital marketplaces challenge a general testbed for normative reasoning and

The pseudo-GDPR on digital marketplaces challenge a general testbed for normative reasoning and

The pseudo-GDPR on digital marketplaces challenge a general testbed for normative reasoning and GDPR-related applications 11 December 2019, Madrid, GDPR@Jurix workshop Giovanni Sileno (g.sileno@uva.nl), Thomas van Binsbergen

527 views • 23 slides
Power Expectation Propagation for Deep Gaussian Processes Dr. Richard E. Turner ( ret26@cam.ac.uk

Power Expectation Propagation for Deep Gaussian Processes Dr. Richard E. Turner ( ret26@cam.ac.uk

Power Expectation Propagation for Deep Gaussian Processes Dr. Richard E. Turner ( ret26@cam.ac.uk ) Computational and Biological Learning Lab, Department of Engineering, University of Cambridge with Thang Bui, Yingzhen Li, Jos e Miguel Hern

957 views • 69 slides
Pseudo-Relevance Feedback CS6200: Information Retrieval Slides by: Jesse Anderton

Pseudo-Relevance Feedback CS6200: Information Retrieval Slides by: Jesse Anderton

Pseudo-Relevance Feedback CS6200: Information Retrieval Slides by: Jesse Anderton Pseudo-Relevance Feedback If we assume the first k documents are relevant, we can update our query to find more relevant documents. Rocchios Algorithm for

80 views • 7 slides

More recommend