Andrew Lewman andrew@torproject.org.

Slides:



Advertisements
Similar presentations
A Formal Analysis of Onion Routing 10/26/2007 Aaron Johnson (Yale) with Joan Feigenbaum (Yale) Paul Syverson (NRL)
Advertisements

Tor: The Second-Generation Onion Router
How to keep your kids safe online
How Much Anonymity does Network Latency Leak? Paper by: Nicholas Hopper, Eugene Vasserman, Eric Chan-Tin Presented by: Dan Czerniewski October 3, 2011.
Message Splitting Against the Partial Adversary Andrei Serjantov The Free Haven Project (UK) Steven J Murdoch University of Cambridge Computer Laboratory.
15-1 Last time Internet Application Security and Privacy Public-key encryption Integrity.
ToR. Tor: anonymity online Tor is a toolset for a wide range of organizations and people that want to improve their safety and security on the Internet.
A Usability Evaluation of the Tor Anonymity Network By Gregory Norcie.
By: Bryan Carey Randy Cook Richard Jost TOR: ANONYMOUS BROWSING.
Hidden Apps Carrier IQ and Privacy in Mobile Devices.
Anonymity on the Web: A Brief Overview By: Nipun Arora uni-na2271.
4/19/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.
Aaron Johnson U.S. Naval Research Laboratory CSci 6545 George Washington University 11/18/2013.
Sofya Rozenblat 11/26/2012 CS 105 TOR ANONYMITY NETWORK.
© Copyright 2012 STI INNSBRUCK Tor project: Anonymity online.
CSE 486/586, Spring 2012 CSE 486/586 Distributed Systems Case Study: TOR Anonymity Network Bahadir Ismail Aydin Computer Sciences and Engineering University.
Microsoft MVP (Enterprise Security) Microsoft Certified Trainer (18 years) Founder: Cybercrime Security Forum! Winner: Microsoft Speaker Idol 2006 Author:
THINK CYBER SMART, BE CYBER SMART! CYBER SAFETY AND DIGITAL CITIZENSHIP IN A CLASSROOM.
Overview  Anonymity systems  Review of how Tor works  Tor Project Inc.  Helper tools and accessories  Advanced Tor control  Attack Vectors.
The Tor Network BY: CONOR DOHERTY AND KENNETH CABRERA.
Supplemental Information on TOR (The Onion Router) CEH ed 8, Rev 4 CS3695 – Network Vulnerability Assessment & Risk Mitigation–
Digital Law -The Deep Web- Digital Law -The Deep Web- Liam Leppard Matthias Lee Russell Wong.
Benjamin Knapic Nicholas Johnson.  “Tor is free software and an open network that helps you defend against a form of network surveillance that threatens.
NETWORK SECURITY HERD: A SCALABLE, TRAFFIC ANALYSIS RESISTANT ANONYMITY NETWORK FOR VOIP SYSTEMS JINGTAO YAO JIAJUN LI ACM HORNORED CLASS.
1 How to make Tor play well with the rest of the Internet. Roger Dingledine The Tor Project
The Tor Project
1 Tor and circumvention: Lessons learned Roger Dingledine The Tor Project
1 Tor: a brief intro Roger Dingledine The Tor Project
1 Tor and circumvention: Lessons learned Roger Dingledine The Tor Project
1 Tor and circumvention: Lessons learned Roger Dingledine The Tor Project
1 Tor blocking-resistance design overview Roger Dingledine The Tor Project
Online Anonymity & Privacy Andrew Lewman The Tor Project
The Tor Project Anonymity Online Erinn Clark
17- 1 Last time ● Internet Application Security and Privacy ● Link-layer security: WEP, WPA, WPA2 ● Network-layer security: VPN, IPSec.
1 Tor and circumvention: Lessons learned Roger Dingledine The Tor Project
Online Anonymity The Tor Project
1 Paul Syverson U.S. Naval Research Laboratory Anonymous Internet Communication.
The Tor Project Anonymity Online Erinn Clark TU-Berlin Techtalks January 2011.
1 Tor: Anonymous Communications for the EFF... and you. Roger Dingledine The Tor Project
1 Tor: a quick overview Roger Dingledine The Tor Project
Andrew Lewman The Tor Project
Hotspot Shield Protect Your Online Identity
CS590B/690B Detecting Network Interference (Fall 2016)
CS590B/690B Detecting Network Interference (Fall 2016)
CS590B/690B Detecting Network Interference (FALL 2016)
Vulnerabilities in Tor: (past,) present, future
The Tor Project
The Tor Project
Online Anonymity Roger Dingledine, Andrew Lewman The Tor Project
Tor Internals and Hidden Services
Anonymous Communication
Digital Forensics 2 Presented by : J.Silaa Lecture: FCI 30 Aug 2017
Andrew Lewman The Tor Project
Karen Reilly Andrew Lewman
Andrew Lewman The Tor Project
Roger Dingledine Jacob Appelbaum
Exercise ?: TOR.
Dark Web, Deep Web, and I2P Dante Taylor, Dayton Chamberlin, Kade Randall, Trevor, Tanner, Harshit Joshi, Troy.
Measuring and Monitoring the Tor Network Aaron Johnson
Progress leisure OCR GCSE ICT.
NYMBLE: BLOCKING MISBEHAVING USERS IN ANONYMIZING NETWORKS
0x1A Great Papers in Computer Security
Anonymous Communication
Anupam Das , Nikita Borisov
Privacy-Preserving Dynamic Learning of Tor Network Traffic
Anonymous Communications
Bruce Maggs relying on materials from
Anonymous Communication
Anonymous Communication
Bruce Maggs relying on materials from
Presentation transcript:

Andrew Lewman andrew@torproject.org

The Tor Project, Inc. 501(c)(3) non-profit organization dedicated to the research and development of technologies for online anonymity and privacy

Anonymous Communications Topics Anonymous Communications Tor Overview The Future

What is Anonymity? 4 /

Anonymity isn't: Cryptography

Anonymity isn't: Cryptography Stenography

Anonymity isn't: Cryptography Stenography Wishful Thinking

Examples of Wishful Thinking “They can't prove it was me.” “Promise you won't tell.” “Well, I didn't sign it.” “The Internet is already anonymous, right?” Examples of Wishful Thinking

“They can't prove it was me.” “Promise you won't tell.” “Well, I didn't sign it.” “The Internet is already anonymous, right?”

“They can't prove it was me.” “Promise you won't tell.” “Well, I didn't sign it.” “The Internet is already anonymous, right?” Proof is a very strong word. Statistical analysis allows suspicion to become certainty.

“Promise you won't tell.” “They can't prove it was me.” “Promise you won't tell.” “Well, I didn't sign it.” “The Internet is already anonymous, right?”

“Promise you won't tell.” “They can't prove it was me.” “Promise you won't tell.” “Well, I didn't sign it.” “The Internet is already anonymous, right?” Will other parties have the abilities and incentives to keep these promises?

“Well, I didn't sign it.” “They can't prove it was me.” “Promise you won't tell.” “Well, I didn't sign it.” “The Internet is already anonymous, right?”

Not what we're talking about. “They can't prove it was me.” “Promise you won't tell.” “Well, I didn't sign it.” “The Internet is already anonymous, right?” Not what we're talking about.

“The Internet is already anonymous, right?” “They can't prove it was me.” “Promise you won't tell.” “Well, I didn't sign it.” “The Internet is already anonymous, right?”

Nope! “The Internet is already anonymous, right?” “They can't prove it was me.” “Promise you won't tell.” “Well, I didn't sign it.” “The Internet is already anonymous, right?” Nope!

Anonymous Communication People need to hide in a crowd of other people. ”Anonymity loves company.”

Anonymous Communication The goal of the system is to make all users look as similar as possible.

Anonymous Communication Hide who is communicating with whom.

Anonymous Communication Layered encryption and random delays hide correlation between input traffic and output traffic.

Anonymity serves different interests for different user groups:

Anonymity serves different interests for different user groups: Private Citizens “It's Privacy!” Anonymity

Anonymity serves different interests for different user groups: Governments Private Citizens “It's traffic-analysis resistance!” “It's Privacy!” Anonymity

Anonymity serves different interests for different user groups: Governments Private Citizens “It's traffic-analysis resistance!” “It's Privacy!” Anonymity Businesses “It's network security!”

Human Rights Activists Anonymity serves different interests for different user groups: Governments Private Citizens “It's traffic-analysis resistance!” “It's Privacy!” Anonymity Businesses Human Rights Activists “It's network security!” “It's reachability!”

Tor is not the first system: ZKS, mixmaster, single-hop proxies, Crowds, Java Anon Proxy, VPNs.

Low Latency Systems Low-latency systems are vulnerable to end-to-end correlation attacks.

High Latency Systems High-latency systems are more resistant to end-to-end correlation attacks, but by definition, are less interactive.

Low Latency Systems Low-latency systems are generally more attractive to today's user: Interactive apps: web, instant messaging, VOIP, ssh, X11, cifs/nfs, video streaming (millions of users)

Online anonymity software and network What is Tor? Online anonymity software and network

Open source, freely available, 3-clause BSD licensed What is Tor? Open source, freely available, 3-clause BSD licensed

Active research environment: What is Tor? Active research environment: Rice, UMN, NSF, NRL, Drexel, Waterloo, Cambridge UK, Bamberg Germany, Boston Univ, Harvard, MIT, RPI, Georgia Tech

Increasingly diverse toolset: What is Tor? Increasingly diverse toolset: Tor, Torbutton, Tor Browser Bundle, TA(I)LS LiveCD, Tor Weather, Tor auto-responder, Secure Updater, Orbot, Torora, Tor Check, Arm, Nymble, Tor Control, Tor Wall, TorVM

From http://www.time.com/time/world/article/0,8599,1905125,00.html Twitter In Iran: Good From http://www.time.com/time/world/article/0,8599,1905125,00.html

Twitter In USA: Bad From http://gothamist.com/2009/10/05/fbi_raids_queens_home_in_g20_protes.php

Who Uses Tor? Law Enforcement Human Rights Activists Business Executives Abuse Victims Militaries Normal People 36 /

Estimated 300k to 800k daily users worldwide 37 /

A Typical Internet Connection Network Alice Bob 38 /

Alice might be watched. Network Alice Bob 39 /

Parts of the network could be monitored. Alice Bob 40 /

Bob could be compromised. Network Alice Bob 41 /

How is Tor Different? Relay Bob Alice 42 /

A Basic Relay System Relay Bob Alice 43 /

An Evil Relay Evil Relay Bob Alice 44 /

An Evil Network Relay Bob Alice 45 /

How Tor Works Alice Entry Node Exit Node Middle Node Bob 46 /

Alice connects to an Entry Node. Exit Node Middle Node Bob 47 /

The data is routed through a Middle Node. Alice Entry Node Exit Node Middle Node Bob 48 /

The data is routed through an Exit Node. Alice Entry Node Exit Node Middle Node Bob 49 /

Alice's circuit to Bob is established. Entry Node Exit Node Middle Node Bob 50 /

Vidalia Network Map

Metrics Measuring the Tor Network anonymously NSF grant for research Archive of hourly consensus, ExoneraTor, VisiTor Metrics portal: https://metrics.torproject.org

Operating Systems leak info like a sieve... Applications, network stacks, plugins, oh my...

Operating Systems leak info like a sieve... Applications, network stacks, plugins, oh my... ...some call this sharing.

Operating Systems leak info like a sieve... Did you know Microsoft Word and OpenOffice Writer are browsers?

Operating Systems leak info like a sieve... www.decloak.net Discover how much you like to share!

Mobile Operating Systems Entirely new set of challenges for something designed to know where you are at all times. Orbot: Tor on Android. https://guardianproject.info/apps/ Tor on iphone, maemo/meego, symbian, etc Tor on Windows CE. For example:http://www.gsmk.de Guardian Project, https://guardianproject.info/

Next steps: Visit us at https://www.torproject.org/ for more information, links, and ideas.

Credits and Thanks Presentation: Andrew Lewman, Executive Director for The Tor Project – andrew@torproject.org Danger!, http://flickr.com/photos/hmvh/58185411/sizes/o/ hmvh, CC-BY-SA. 500k, http://www.flickr.com/photos/lukaskracic/334850378/sizes/l/ Luka Skracic, used with permission. Illustration and Design: J.M.Todaro – http://jmtodaro.com

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.