191.580.203 Computer Network Forensics
Xinwen Fu
Anonymous Communication
Computer Forensics
Outline
- Background
- Onion routing
- Attacks against anonymity
- Tor
Motivation
Protect the identity of participants in a distributed application, such as E-voting, E-shopping, E-cash, and military applications.
[Figure: an eavesdropper on the network path: "I know what's going on!!!"]
Current Network Status
- Commercial routers not under government control
- Unencrypted data is completely open
- Encrypted data still exposes the communicating parties
Traffic Analysis Attack
- Public networks are vulnerable to traffic analysis attacks.
- In a public network:
  - Packet headers identify recipients
  - Packet routes can be tracked
  - Volume and timing signatures are exposed
Encryption does not hide the identities of the sender and the receiver.
Traffic Analysis Attack (cont.)
- Traffic analysis reveals identities.
- Who is talking to whom may be confidential or private:
  - Who is searching a public database?
  - What web sites are you surfing?
  - Which agencies or companies are collaborating?
  - Where are your e-mail correspondents?
  - What supplies/quantities are you ordering from whom?
- Knowing traffic properties can help an adversary decide where to spend resources for decryption, penetration, ...
Goals of Anonymity: Receiver Untraceability
[Figure: Alice sends to Bob while an adversary ("Evil") observes]
- Receivers are not observable, i.e. the attacker does not know whether B received a message
- Senders are observable, i.e. the attacker knows that A sent a message to someone
- Example: radio
Goals of Anonymity: Sender Untraceability
[Figure: Alice sends to Bob while an adversary ("Evil") observes]
- Senders are unobservable.
- Example: wireless routers using NAT
Goals of Anonymity: Sender/Receiver Unlinkability
[Figure: Alice sends to Bob while an adversary ("Evil") observes]
- Senders and receivers are observable, but it is not clear who is talking to whom
Anonymous Communication Systems
- A number of anonymous communication systems have been realized. Several well-known systems are:
  - Anonymizer (anonymizer.com)
  - Onion Routing (NRL)
  - Crowds (Reiter and Rubin)
  - Anonymous Remailer (MIT LCS)
  - Tor (MIT and EFF)
  - Freedom (Zero-Knowledge Systems)
  - Hordes (Shields and Levine)
  - PipeNet (Dai)
  - SafeWeb (Symantec)
Basic Approach: Anonymizing Proxy
[Figure: clients reach the responders through an anonymizing proxy]
- Channels appear to come from the proxy, not the true originator
- May also filter traffic for identifying information
- Examples: Penet Remailer (shut down), The Anonymizer, SafeWeb (Symantec)
Anonymizer for Web Browsing
[Figure: browser, anonymizing proxy (anonymizer.com), web server]
- The user connects to the proxy first and types the URL in a web form
- Channels appear to come from the proxy, not the true originator
- The proxy may also filter traffic to remove identifying information
- It offers an encrypted link to the proxy (SSL or SSH)
Problems of the Anonymizer
[Figure: user, phone system, ISP, Internet, proxy, responders; only the link from the user to the proxy is encrypted]
- The ISP knows the user's connection times/volumes and can easily eavesdrop on the outgoing proxy connections and learn all
- The proxy knows everything about the connections
- So both are fully trusted (single points of failure)
Chaum Mixes (David Chaum)
- Underlying idea for the Mixmaster remailer, Onion Routing, ZKS Freedom, Web Mixes
- Basic description: a network of mix nodes
  - Special onion-like encryption: a cell (message/packet) is wrapped by the sender in multiple layers of public-key encryption, one for each node in a route
  - The decrypted layer tells the mix the next node in the route
  - Reordering: mixes hold different cells for a time and reorder them before forwarding to their respective destinations
  - Rerouting: use a few proxies
Onion Routing: Based on Mix Networks
[Figure: analogy with a traditional spy network]
- The sender selects a route through the mix network
- An intermediate mix only knows where the packet comes from and what the packet's next stop is
Review of Public Key Cryptography
- PrivateKey_Bob(PublicKey_Bob(Message)) = Message
- PublicKey_Bob(PrivateKey_Bob(Message)) = Message
Onion-Like Encryption
[Figure: the sender wraps the message in one layer for each intermediate node (A, B) before it reaches the receiver]
Why Buffering and Reordering Packets?
- To disrupt the timing correlation between packets entering and leaving a mix
[Figure: a mix with packets entering and leaving]
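The two ideas on the slides above, layered encryption where each mix strips only its own layer and learns only the next hop, and batch buffering with reordering, as an added example that is not code from the lecture. It uses one symmetric key per mix (as Tor does per hop; Chaum's original design uses public-key layers) and a hash-based keystream as a stand-in for a real cipher; mix names, keys and messages are constructed.

```python
import hashlib, hmac, os, random

# Added example, not the lecture's code. Each mix holds a symmetric key that stands
# in for Chaum's per-layer public-key encryption (Tor also uses per-hop symmetric
# keys); the hash-based XOR keystream only illustrates the layering, not a real cipher.
NONCE_LEN, HOP_LEN = 12, 16

def _keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    stream, counter = b"", 0
    while len(stream) < len(data):
        stream += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def wrap_layer(key: bytes, next_hop: str, payload: bytes) -> bytes:
    """One layer: nonce || E_key(next_hop || payload); only `key` can strip it."""
    nonce = os.urandom(NONCE_LEN)
    body = next_hop.encode().ljust(HOP_LEN, b"\0") + payload
    return nonce + _keystream_xor(key, nonce, body)

def build_onion(route, keys, destination: str, message: bytes) -> bytes:
    """The sender wraps the last mix's layer first and works outward to the first."""
    onion, next_hop = message, destination
    for node in reversed(route):
        onion = wrap_layer(keys[node], next_hop, onion)
        next_hop = node
    return onion

def peel_layer(key: bytes, onion: bytes):
    """A mix learns only its next hop and an opaque inner onion."""
    nonce, cipher = onion[:NONCE_LEN], onion[NONCE_LEN:]
    body = _keystream_xor(key, nonce, cipher)
    return body[:HOP_LEN].rstrip(b"\0").decode(), body[HOP_LEN:]

def run_mix_network(route, keys, destination: str, messages, seed=1):
    """Each mix peels one layer from a whole batch, reorders it, then forwards."""
    rng = random.Random(seed)
    batch = [build_onion(route, keys, destination, m) for m in messages]
    for i, node in enumerate(route):
        expected_next = route[i + 1] if i + 1 < len(route) else destination
        peeled = [peel_layer(keys[node], o) for o in batch]
        if any(hop != expected_next for hop, _ in peeled):
            raise ValueError("misrouted cell at mix " + node)
        rng.shuffle(peeled)  # buffer + reorder: output order no longer matches input
        batch = [inner for _, inner in peeled]
    return batch  # what the receiver gets, in mix-shuffled order

# Constructed demo keys for three mixes A, B, C (in practice each mix holds its own).
KEYS = {n: hashlib.sha256(b"demo-key-" + n.encode()).digest() for n in "ABC"}
```

Each layer adds a fixed 28 bytes, so the onion's length still reveals how many hops remain; Chaum's design pads cells to a constant size to close that channel.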
Crowds
[Figure: sender, blender, crowd of user machines, web server]
- User machines are the network
- The "blender" announces crowd members to all members
- A "jondo" at each machine flips a weighted coin:
  - If heads, it forwards to a random crowd member
  - If tails, it connects to the end web address
- All jondos on the path know the path key
- All connections from a source use the same path for the lifetime of that crowd
Crowds: Virtues
- Good on sender protections
- No single point of failure
- Peer-to-peer design means minimal long-term network services
- More lightweight crypto than mix-based systems
Crowds: Limitations
- All users must run Perl code
- Requires users to have long-running high-speed Internet connections
- An entirely new network graph is needed for a new or reconnecting crowd member
- Connection anonymity is dependent on data anonymity
- Anonymity protection is limited to the crowd size
- Rather weak on responder protections
- Lacks perfect forward anonymity
- The intermediate nodes know the receiver
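A small simulation of the path-building rule from the Crowds slide and of the limitation just listed (every jondo on the path sees the destination), added here as an example; it is not code from Reiter and Rubin or from the lecture. The crowd members, the URL and the path key are constructed values.

```python
import random

# Added example, not code from the Crowds authors or the lecture. It simulates how a
# Crowds path forms: the sender's jondo hands the request to a random member, and each
# jondo then flips a coin weighted p_forward (heads: forward to a random member,
# tails: connect to the web server). Member names, URL and path key are constructed.

def build_path(members, sender, p_forward, rng):
    """Ordered jondos the request traverses; the last one contacts the web server."""
    path = [sender, rng.choice(members)]      # the first hop is always forwarded
    while rng.random() < p_forward:           # heads: forward once more
        path.append(rng.choice(members))      # any member, possibly itself or the sender
    return path                               # tails: the last jondo connects to the URL

def jondo_views(path, url, path_key):
    """What each jondo on the path observes: its predecessor, its successor, the URL
    and the shared path key. An intermediate jondo cannot tell whether its
    predecessor is the originator, but it does see the destination."""
    views = []
    for i, jondo in enumerate(path):
        prev_hop = path[i - 1] if i > 0 else None               # None only for the originator
        next_hop = path[i + 1] if i + 1 < len(path) else "web server"
        views.append({"jondo": jondo, "from": prev_hop, "to": next_hop,
                      "url": url, "path_key": path_key})
    return views

def mean_path_length(members, p_forward, trials, seed=7):
    """Empirical mean path length. The coin gives a geometric number of extra hops,
    so the expectation is 2 + p_forward / (1 - p_forward) (4.0 for p_forward = 2/3)."""
    rng = random.Random(seed)
    total = sum(len(build_path(members, members[0], p_forward, rng)) for _ in range(trials))
    return total / trials

CROWD = [f"jondo{i}" for i in range(10)]   # constructed crowd of ten members
```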
Connectivity Analysis Attacks
Attacks against mix networks
[Figure: sender, mixes A, B, C, receiver]
The adversary knows that the sender communicates with the receiver.
Tor: A Practical Anonymous Protocol
- Some combination of Chaum's mixes and Crowds
- Encrypts data packets with symmetric keys
- Implements forward and backward anonymity
- Has P2P functions
- Easy to use
- Open source
First Sight
- A web server knows your IP: http://www.proxyway.com/www/check-ip-address/whatis-my-ip-address.html
- Tor to hide your IP
  - Tor download webpage: http://tor.eff.org/download.html.en
  - Manual for Windows setup: http://tor.eff.org/docs/tor-doc-win32.html.en
IE
Tor Components
[Figure: Tor components between the client, the Internet and a WWW server]
Tor Network
- Onion router list: C:\Documents and Settings\fu\Application Data\Tor\cached-status
[Figure: client and application server connected through the Tor network. Legend: client or server or onion router; onion router; directory server]
References
- D. Chaum, "Untraceable electronic mail, return addresses, and digital pseudonyms," Communications of the ACM, Vol. 24, No. 2, February 1981, pp. 84-88.
- Andrei Serjantov, Roger Dingledine and Paul Syverson, "From a Trickle to a Flood: Active Attacks on Several Mix Types," in Proceedings of the Information Hiding Workshop, 2002.
- Andreas Pfitzmann et al., "Anonymity, Unobservability, and Pseudonymity: A Proposal for Terminology," 2000.
- Xinwen Fu, "Welcome to Xinwen Fu's homepage," http://www.homepages.dsu.edu/fux/, 2007.
- Cisco Systems, Inc., Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide, 12.1(19)EA1, 2007.
- Cisco Systems, Inc., Catalyst 2900 Series Configuration Guide and Command Ref, 2007.