Anonymous Communications

Slides:



Advertisements
Similar presentations
Tor: The Second-Generation Onion Router
Advertisements

TAP: A Novel Tunneling Approach for Anonymity in Structured P2P Systems Yingwu Zhu and Yiming Hu University of Cincinnati.
Project in Computer Security Integrating TOR’s attacks into the I2P darknet Chen Avnery Amihay Vinter.
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.
Building a Peer-to-Peer Anonymizing Network Layer Michael J. Freedman NYU Dept of Computer Science Public Design Workshop September 13,
Xinwen Fu Anonymous Communication & Computer Forensics Computer & Network Forensics.
The Case for Network-Layer, Peer-to-Peer Anonymization Michael J. Freedman Emil Sit, Josh Cates, Robert Morris MIT Lab for Computer Science IPTPS’02March.
I NTERNET A NONYMITY By Esra Erdin. Introduction Types of Anonymity Systems TOR Overview Working Mechanism of TOR I2P Overview Working Mechanism of I2P.
By: Bryan Carey Randy Cook Richard Jost TOR: ANONYMOUS BROWSING.
Tarzan: A Peer-to-Peer Anonymizing Network Layer Michael J. Freedman, NYU Robert Morris, MIT ACM CCS 2002
Anonymity on the Web: A Brief Overview By: Nipun Arora uni-na2271.
0x1A Great Papers in Computer Security Vitaly Shmatikov CS 380S
Anonymizing Network Technologies Some slides modified from Dingledine, Mathewson, Syverson, Xinwen Fu, and Yinglin Sun Presenter: Chris Zachor 03/23/2011.
Aaron Johnson U.S. Naval Research Laboratory CSci 6545 George Washington University 11/18/2013.
Class 13 Introduction to Anonymity CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman
Sofya Rozenblat 11/26/2012 CS 105 TOR ANONYMITY NETWORK.
On the Anonymity of Anonymity Systems Andrei Serjantov (anonymous)
© Copyright 2012 STI INNSBRUCK Tor project: Anonymity online.
CSCI 5234 Web Security1 Privacy & Anonymity in the WWW Ch. 12, Oppliger.
Privacy and Anonymity CS432 - Security in Computing Copyright © 2005, 2006 by Scott Orr and the Trustees of Indiana University.
CSE 486/586, Spring 2012 CSE 486/586 Distributed Systems Case Study: TOR Anonymity Network Bahadir Ismail Aydin Computer Sciences and Engineering University.
Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms David Chaum CACM Vol. 24 No. 2 February 1981 Presented by: Adam Lee 1/24/2006 David.
Anonymity on the Internet Presented by Randy Unger.
Crowds: Anonymity for Web Transactions Michael K. Reiter Aviel D. Rubin Jan 31, 2006Presented by – Munawar Hafiz.
R. Newman Anonymity - Background. Defining anonymity Defining anonymity Need for anonymity Need for anonymity Defining privacy Defining privacy Threats.
Class 8 Introduction to Anonymity CIS 755: Advanced Computer Security Spring 2015 Eugene Vasserman
Supplemental Information on TOR (The Onion Router) CEH ed 8, Rev 4 CS3695 – Network Vulnerability Assessment & Risk Mitigation–
Nathaniel Ley CIS235 Dec. 09, Why do we need Tor?  Encryption is not enough to ensure complete anonymity, since packet headers can still reveal.
Traffic Correlation in Tor Source and Destination Prediction PETER BYERLEY RINDAL SULTAN ALANAZI HAFED ALGHAMDI.
IP Security (IPSec) Matt Hermanson. What is IPSec? It is an extension to the Internet Protocol (IP) suite that creates an encrypted and secure conversation.
ANONYMIZING / WEB PRIVACY. TOOLS: STAYING ANONYMOUS ON THE INTERNET Proxy Server Tor.
Tor Bruce Maggs relying on materials from
Benjamin Knapic Nicholas Johnson.  “Tor is free software and an open network that helps you defend against a form of network surveillance that threatens.
Hiding in the Dark: The Internet You Cannot See Marc Visnick
Network Security: Anonymity
17- 1 Last time ● Internet Application Security and Privacy ● Link-layer security: WEP, WPA, WPA2 ● Network-layer security: VPN, IPSec.
Chapter 5 Network Security Protocols in Practice Part I
Anonymous Internet Protocols
Onions and Garlic: the protocols of I2P
CS590B/690B Detecting Network Interference (Fall 2016)
CS590B/690B Detecting Network Interference (FALL 2016)
Virtual Private Networks
Tor Internals and Hidden Services
Anonymous Communication
What's the buzz about HORNET?
Protocols for Anonymous Communication
Digital Forensics 2 Presented by : J.Silaa Lecture: FCI 30 Aug 2017
Packet Sniffing.
Dark Web, I2P, and Deep Web Team 5
Privacy Through Anonymous Connection and Browsing
An Introduction to Privacy and Anonymous Communication
0x1A Great Papers in Computer Security
Anupam Das , Nikita Borisov
Network Security: Anonymity
Anonymous Communication
دیواره ی آتش.
Protocol ap1.0: Alice says “I am Alice”
Anonymity (Privacy) Suppose you are surfing the Web.
Lecture 10: Network Security.
Anonymous Communication
Bruce Maggs relying on materials from
Anonymity – Chaum Mixes
Bruce Maggs relying on materials from
Anonymous Communication
Review of Cryptography: Symmetric and Asymmetric Crypto Advanced Network Security Peter Reiher August, 2014.
Bruce Maggs relying on materials from
Lecture 36.
Lecture 36.
Presentation transcript:

Anonymous Communications Vyas Sekar

This lecture’s agenda Outline Objective Motivation Who needs/wants anonymity? Why do they want it? Mechanisms for anonymity Mixnet (Chaum) Anonymizing proxy Practical example: Anonymous routing with Tor Objective Introduce the cryptographic fundamentals behind anonymous communications Discuss the theory and practice behind a deployed system (Tor)

The problem Public networks such as the Internet do not provide anonymity Packet headers identify recipients (even in IPsec…) Packet routes can be traced Encryption (SSL, IPsec, …) provides secrecy of the payload but not anonymity In particular, encryption does not hide routing info You can actually use IPsec in tunneling mode to get limited anonymity but this is not IPsec’s primary intent

Motivation: Who needs anonymity? Activists in countries or regions where freedom of speech is not guaranteed Journalists, dissidents Censorship resistant libraries Socially sensitive communicants Abuse survivors People with illnesses who want to preserve their privacy Law enforcement Anonymous tips, crime reporting Witness protection program? Sting/undercover operations (although fake identity is probably more useful in that case) Corporations Hiding procurement suppliers/patterns

Anonymous from whom? Recipient of your message Sender of your message  Need channel and data anonymity Observer of network from the outside Network infrastructure Need channel anonymity Notes: - Anonymous authenticated communication makes perfect sense - Communicant identification should not be a property of the channel

Communication anonymity Many technical approaches Focus here on (commonly used) Mixes (a.k.a. mixnets) Originally proposed by David Chaum at UC Berkeley around 1980 for untraceable email Proxies Generally used by web browsing anonymizing services

(Envelopes are sealed using the recipient’s public key) Chaum Mix (1981) (Envelopes are sealed using the recipient’s public key) Bob Alice Minnie (Mix) Bob

(Envelopes are sealed using the recipient’s public key) Chaum Mix (1981) (Envelopes are sealed using the recipient’s public key) Bob Minnie Alice Minnie (Mix) Bob

(Envelopes are sealed using the recipient’s public key) Chaum Mix (1981) (Envelopes are sealed using the recipient’s public key) Bob Minnie Alice Minnie (Mix) Bob

(Envelopes are sealed using the recipient’s public key) Chaum Mix (1981) (Envelopes are sealed using the recipient’s public key) Bob Minnie Alice Minnie (Mix) Bob Bob Minnie

(Envelopes are sealed using the recipient’s public key) Chaum Mix (1981) (Envelopes are sealed using the recipient’s public key) Bob Minnie Alice Minnie (Mix) Bob Bob

(Envelopes are sealed using the recipient’s public key) Chaum Mix (1981) (Envelopes are sealed using the recipient’s public key) Bob Minnie Bob Alice Minnie (Mix) Bob

Chaum Mix No one but Minnie knows the author of the original letter However, an observer could easily guess it is Alice by observing that Alice sent something to Minnie shortly before Minnie sent it to Bob

Chaum mix w/ multiple participants Alice Bob Minnie Bob Carol Ed Minnie (Mix) Jeff (Envelopes are sealed using the recipient’s public key) Nameless guy

Chaum mix w/ multiple participants Alice Bob Minnie Bob Minnie Jeff Carol Ed Minnie (Mix) Jeff (Envelopes are sealed using the recipient’s public key) Nameless guy

Chaum mix w/ multiple participants Alice Bob Minnie Bob Minnie Jeff Carol Ed Minnie (Mix) Minnie Ed Jeff (Envelopes are sealed using the recipient’s public key) Nameless guy

Chaum mix w/ multiple participants Alice Bob Minnie Bob Bob Minnie Jeff Carol Ed Minnie (Mix) Minnie Ed Jeff (Envelopes are sealed using the recipient’s public key) Nameless guy

Chaum mix w/ multiple participants Alice Bob Minnie Bob Bob Ed Minnie Jeff Carol Ed Minnie (Mix) Minnie Ed Jeff (Envelopes are sealed using the recipient’s public key) Nameless guy

Chaum mix w/ multiple participants Alice Bob Minnie Bob Bob Ed Minnie Jeff Carol Ed Minnie (Mix) Jeff Minnie Ed Jeff (Envelopes are sealed using the recipient’s public key) Nameless guy

Chaum mix w/ multiple participants Mix (Minnie in the example) reorders messages (e.g., in lexicographic order) Only Minnie knows who is talking to whom (but she doesn’t know the content of the message) Note that Minnie can actually be part of the people talking if she can use another mix herself (e.g., if Alice can perform the functions of a mix)

Challenge #1 What if Alice sends 7 messages for Bob, Carol 3 messages for Jeff, and the nameless guy 1 message to Ed?

Challenge #1 What if Alice sends 7 messages for Bob, Carol 3 messages for Jeff, and the nameless guy 1 message to Ed? One can figure out who is talking to whom by simply counting the number of messages coming in and out of the mix for each input and each output

Dummies What if Alice sends 7 messages for Bob, Carol 3 messages for Jeff, and the nameless guy 1 message to Ed? One can figure out who is talking to whom by simply counting the number of messages coming in and out of the mix for each input and each output One way of solving the problem is to have the mix output 7 messages to Bob, Ed, and Jeff… Dummy messages for padding

Challenge #2 Minnie knows who is talking to whom What if Minnie is malicious?

Challenge #2 Minnie knows who is talking to whom What if Minnie is malicious? Use a cascade of mixes = a mixnet

Mixnet Bob, Ed, Jeff, … Mix 1 Mix 2 Mix 3 Msg 1 Msg 2 Msg 3

Mixnet Bob, Ed, Jeff, … Mix 1 Mix 2 Mix 3 Msg 1 Msg 2 Msg 2 Msg 1 Decrypt and permute Msg 1 Msg 3 Msg 3

Mixnet Bob, Ed, Jeff, … Mix 1 Mix 2 Mix 3 Msg 1 Msg 2 Msg 3 Msg 2 Decrypt and permute Msg 2 Decrypt and permute Msg 1 Decrypt and permute Msg 1 Msg 3 Msg 3 Msg 2

Mixnet Bob, Ed, Jeff, … Mix 1 Mix 2 Mix 3 Msg 1 Msg 2 Msg 3 Msg 1 Decrypt and permute Decrypt and permute Decrypt and permute Decrypt and permute Msg 2 Msg 1 Msg 1 Decrypt and permute Msg 3 Msg 3 Msg 3 Msg 2 Msg 2

Mixnets Advantages Drawbacks Only one honest server is needed to preserve anonymity Can be fully distributed e.g., can be used in peer-to-peer architectures Drawbacks Mixnets introduced for email and other high latency applications Each layer of message requires expensive public key cryptography What about remote login, chat, web browsing, and other low latency applications?

(Basic) Anonymizing proxy Conceptually much simpler solution Channels appear to come from proxy, not true originator IPsec can actually implement this!

Anonymizing proxy Advantages Drawbacks Simple Focuses a lot of traffic Very good for anonymity No complex encryption primitives required Appropriate for web transactions, etc Drawbacks Single point of failure Vulnerable to attacks Limited in scale?

Onion routing Traffic analysis resistant infrastructure Main idea: combine advantages of mixes and proxies Use public key crypto to establish circuits Like mixnets Use symmetric key crypto to move data Like SSL/TLS based proxies Related work ISDN mixes Crowds, JAP webmixes, FreeNet Tarzan, Morphmix

Tor Tor Deployed anonymizing overlay network The Onion Router Tor’s Onion Routing Deployed anonymizing overlay network Running since October 2003 5,000+ nodes on five continents (April 2014) Nodes are regular PCs for the most part ran by volunteers

Tor design Three main functions of interest to us Circuit establishment Circuit usage Hidden services

How does Tor work? [Dingledine et al., 2004] Client first gets IP address of possible Tor entry nodes from directory server Client

How does Tor work? [Dingledine et al., 2004] Client first gets IP address of possible Tor entry nodes from directory server Client

How does Tor work? [Dingledine et al., 2004] Client proxy establishes session key+circuit w/ Onion Router 1 1 Client

How does Tor work? [Dingledine et al., 2004] Client proxy establishes session key+circuit w/ Onion Router 1 Proxy tunnels through that circuit to extend to Onion Router 2 1 Client 2

How does Tor work? [Dingledine et al., 2004] Client proxy establishes session key+circuit w/ Onion Router 1 Proxy tunnels through that circuit to extend to Onion Router 2 etc 1 Client 3 2

How does Tor work? [Dingledine et al., 2004] Once circuit is established, applications connect and communicate over Tor circuit 1 Client 3 Server 2

Tor: hidden services Hidden server uses Tor to contact 3 “introduction points” (Tor relays) Server upload Introduction Points info to DB server 1 2 3 Hidden server Client 3 1 2 3 1 2 3 I2

Tor: hidden services Client hears about hidden server, gets introduction points from DB Client sets up rendez-vous point (3rd node of a circuit built by client) Hidden server Client 3 1 2 I2

Tor: hidden services Client tells hidden server about Rendez-Vous Point by contacting one of the Introduction Points and asking them to relay message to server 1 2 3 1 2 3 Hidden server Client 3 I2

Tor: hidden services Client communicate with hidden server through rendez-vous point from then on 6 hops (3 picked by client, including RP, 3 picked by server) Hidden server Client 3 1 2 I2 1 2 3

Tor bootstrapping Directory servers Effort to decentralize process Maintain list of which onion routers are up, locations, keys, exit policies, etc Control which nodes can join network Important to guard against Sybil attacks and related problems Effort to decentralize process Research challenge

Other anonymous networks Anonymous storage: Freenet Peer-to-peer network Files split in multiple pieces, pieces may use different circuits Anonymous communications: I2P Originally developed by Freenet community Complement/competitor to Tor Uses “garlic-based” routing – similar to onion routing at a high level Anonymous email: Mixminion Anonymous mailer Plug-in for email clients (e.g., mutt) Development has basically ceased as developers became more involved in Tor Used in Pitt fake bomb threats (didn’t work as well as they’d hope… why?) Numerous server-based solutions: e.g., anonymizer.net (web), Nym (email)

Take away slide Encryption does not ensure anonymity Traffic analysis always possible Combination of mixnets and proxies Clever use of cryptography Try to find again good balance between public key crypto (slow but convenient) and symmetric key crypto (fast but harder to set up) Deployed mechanisms are readily available Interesting policy/technology challenges

Caveat: Censorship arms race Censor blocks “forbidden” website Censor blocks Tor entry nodes List is publically available Censor identifies/blocks Tor traffic patterns Packet sizes indicative of Tor cells Censor attempts to detect morphed traffic User circumvents block using Tor User circumvents block using Tor bridges User attempts to morph their traffic Stegotaurus/Skypemorph etc Etc…

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.