I NTERNET A NONYMITY By Esra Erdin. Introduction Types of Anonymity Systems TOR Overview Working Mechanism of TOR I2P Overview Working Mechanism of I2P.

Slides:

Advertisements

Similar presentations

BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.

Advertisements

CHAPTER 8: SECURITY IN COMPUTER NETWORKS Encryption Encryption Authentication Authentication Security Security Secure Sockets Layer Secure.

Modelling and Analysing of Security Protocol: Lecture 10 Anonymity: Systems.

The Sniper Attack: Anonymously Deanonymizing and Disabling the Tor Network Rob Jansen et. al NDSS 2014 Presenter: Yue Li Part of slides adapted from R.

Security and Privacy Issues in Wireless Communication By: Michael Glus, MSEE EEL

Cryptography. 2 Objectives Explain common terms used in the field of cryptography Outline what mechanisms constitute a strong cryptosystem Demonstrate.

Network Layer and Transport Layer.

How do Networks work – Really The purposes of set of slides is to show networks really work. Most people (including technical people) don’t know Many people.

Feb 25, 2003Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.

CMSC 414 Computer (and Network) Security Lecture 16 Jonathan Katz.

Mar 5, 2002Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.

A Usability Evaluation of the Tor Anonymity Network By Gregory Norcie.

Analysis of Privacy Jim McCann & Daniel Kuo EECS 598.

Privacy on the Web Gertzman Lora Krakov Lena. Why privacy? Privacy is the number one consumer issue facing the internet. An eavesdropper (server, service.

By: Bryan Carey Randy Cook Richard Jost TOR: ANONYMOUS BROWSING.

1 Chapter 13: Representing Identity What is identity Different contexts, environments Pseudonymity and anonymity.

Anonymity on the Internet -By Jacob Palme and Mikael Berglund Presented by – Harsha Alagud.

Anonymity on the Web: A Brief Overview By: Nipun Arora uni-na2271.

0x1A Great Papers in Computer Security Vitaly Shmatikov CS 380S

Anonymizing Network Technologies Some slides modified from Dingledine, Mathewson, Syverson, Xinwen Fu, and Yinglin Sun Presenter: Chris Zachor 03/23/2011.

Aaron Johnson U.S. Naval Research Laboratory CSci 6545 George Washington University 11/18/2013.

FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.

Sofya Rozenblat 11/26/2012 CS 105 TOR ANONYMITY NETWORK.

Freenet. Anonymity  Napster, Gnutella, Kazaa do not provide anonymity  Users know who they are downloading from  Others know who sent a query  Freenet.

On the Anonymity of Anonymity Systems Andrei Serjantov (anonymous)

© Copyright 2012 STI INNSBRUCK Tor project: Anonymity online.

1 3 Web Proxies Web Protocols and Practice. 2 Topics Web Protocols and Practice WEB PROXIES  Web Proxy Definition  Three of the Most Common Intermediaries.

Lecture 29 Page 1 Advanced Network Security Privacy in Networking Advanced Network Security Peter Reiher August, 2014.

Who am I? Mats Ohlin Swedish Defence Materiel Administration (FMV) IT Security area –International Standardisation: ISO/IEC JTC 1/SC 27/WG 3 (Security.

CSCI 5234 Web Security1 Privacy & Anonymity in the WWW Ch. 12, Oppliger.

CSE 486/586, Spring 2012 CSE 486/586 Distributed Systems Case Study: TOR Anonymity Network Bahadir Ismail Aydin Computer Sciences and Engineering University.

Privacy-Preserving P2P Data Sharing with OneSwarm -Piggy.

NetworkProtocols. Objectives Identify characteristics of TCP/IP, IPX/SPX, NetBIOS, and AppleTalk Understand position of network protocols in OSI Model.

Chapter 4. After completion of this chapter, you should be able to: Explain “what is the Internet? And how we connect to the Internet using an ISP. Explain.

The Internet in Education Objectives Introduction Overview –The World Wide Web –Web Page v. Web Site v. Portal Unique and Compelling Characteristics Navigation.

Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms David Chaum CACM Vol. 24 No. 2 February 1981 Presented by: Adam Lee 1/24/2006 David.

Anonymity on the Internet Presented by Randy Unger.

Crowds: Anonymity for Web Transactions Michael K. Reiter Aviel D. Rubin Jan 31, 2006Presented by – Munawar Hafiz.

Network Security. 2 SECURITY REQUIREMENTS Privacy (Confidentiality) Data only be accessible by authorized parties Authenticity A host or service be able.

Reinventing Digital Identity Design Goals Product Overview Technology & Cryptography Overview Question & Answer.

TCP/IP (Transmission Control Protocol / Internet Protocol)

Anonymity - Background R. Newman. Topics Defining anonymity Need for anonymity Defining privacy Threats to anonymity and privacy Mechanisms to provide.

The Silk Road: An Online Marketplace

The Tor Network BY: CONOR DOHERTY AND KENNETH CABRERA.

Supplemental Information on TOR (The Onion Router) CEH ed 8, Rev 4 CS3695 – Network Vulnerability Assessment & Risk Mitigation–

Nathaniel Ley CIS235 Dec. 09, Why do we need Tor?  Encryption is not enough to ensure complete anonymity, since packet headers can still reveal.

Traffic Correlation in Tor Source and Destination Prediction PETER BYERLEY RINDAL SULTAN ALANAZI HAFED ALGHAMDI.

CMSC 414 Computer and Network Security Lecture 20 Jonathan Katz.

K. Salah1 Security Protocols in the Internet IPSec.

SSH. 2 SSH – Secure Shell SSH is a cryptographic protocol – Implemented in software originally for remote login applications – One most popular software.

VIRTUAL SERVERS Chapter 7. 2 OVERVIEW Exchange Server 2003 virtual servers Virtual servers in a clustering environment Creating additional virtual servers.

NT1210 Introduction to Networking

1 Anonymity. 2 Overview  What is anonymity?  Why should anyone care about anonymity?  Relationship with security and in particular identification 

Benjamin Knapic Nicholas Johnson.  “Tor is free software and an open network that helps you defend against a form of network surveillance that threatens.

Hiding in the Dark: The Internet You Cannot See Marc Visnick

1Security for Service Providers – Dave Gladwin – Newport Networks – SIP ’04 – 22-Jan-04 Security for Service Providers Protecting Service Infrastructure.

Anonymous Internet Protocols

Onions and Garlic: the protocols of I2P

Anonymous Communication

Digital Forensics 2 Presented by : J.Silaa Lecture: FCI 30 Aug 2017

Exercise ?: TOR.

Privacy Through Anonymous Connection and Browsing

An Introduction to Privacy and Anonymous Communication

0x1A Great Papers in Computer Security

Anonymous Communication

Anonymity (Privacy) Suppose you are surfing the Web.

ONLINE SECURE DATA SERVICE

Protocol Application TCP/IP Layer Model

Anonymous Communication

Presentation transcript:

I NTERNET A NONYMITY By Esra Erdin

Introduction Types of Anonymity Systems TOR Overview Working Mechanism of TOR I2P Overview Working Mechanism of I2P Conclusion

I NTRODUCTION Anonymity means that the real author of a message is not known

I NTRODUCTION Anonymity is a combination of both Unidentifiability; observers cannot identify any individual agent Unlinkability; observers cannot link an agent to a specific message or action

I NTRODUCTION Why is anonymity needed on Internet? Privacy Freedom of Speech Anti-cencorship

Received: from n12.groups.yahoo.com (n12.groups.yahoo.com [ ]) by unni.dsv.su.se (8.9.3/8.9.3) with SMTP id CAA21903 for ; Wed, 12 Dec :19: (MET) X-eGroups-Return: Received: from [ ] by n12.groups.yahoo.com with NNFMP; 12 Dec :19: Received: (qmail invoked from network); 12 Dec :18: Received: from unknown ( ) by m8.grp.snv.yahoo.com with QMQP; 12 Dec :18: Received: from unknown (HELO n26.groups.yahoo.com) ( ) by mta1.grp.snv.yahoo.com with SMTP; 12 Dec :18: X-eGroups-Return: Received: from [ ] by n26.groups.yahoo.com with NNFMP; 12 Dec :12: X-eGroups-Approved-By: simparl via web; 12 Dec :18: X-Sender: X-Apparently-To: Received: (EGP: mail-8_0_1_2); 11 Dec :50: Received: (qmail invoked from network); 11 Dec :50: Received: from unknown ( ) by m12.grp.snv.yahoo.com with QMQP; 11 Dec :50: Received: from unknown (HELO micexchange.loanperformance.com) ( ) by mta2.grp.snv.yahoo.com with SMTP; 11 Dec :50: Received: from mrlizard.com (IAN2 [ ]) by micexchange.loanperformance.com with SMTP (Microsoft Exchange Internet Mail Service Version ) id W11PL97B; Tue, 11 Dec :53:

Steps to hide the real identity through several servers

P ROXY S ERVERS The basic idea behind a proxy server is that a client uses a proxy server to surf the web as in the figure below.

R ERS R ers enable users to send electronic messages through their server so that sender can not be traced. R ers typically remove all identifying information from s before forwarding them to their destination. Known examples are Cypherpunk, Mixmaster.

M IX N ETWORK The basic building block of these systems, is a set of mix processes where each mix process takes ciphertext messages that are encrypted with the mix process’s public key as inputs. Mix process groups messages together as a batch and forwards the encrypted messages to the next mix process at certain flush times along with dummy messages.

O NION R OUTING The basic idea is very similar to the mix system but performance is improved by using symmetric keys for relaying messages and asymmetric keys to establish circuits in the system.

T OR The Tor (The Onion Router) Project is one of the open-source solutions available to protect privacy and security over the network communication.

Originally developed by the US Naval Research Laboratory and formerly funded by the Electronic Frontier Foundation, Tor is designed to protect users from traffic analysis and other kinds of network surveillance.

H OW T OR W ORKS

H IDDEN S ERVICES Tor also makes it possible for users to hide their locations while offering various kinds of services, such as web publishing or an instant messaging server. Using Tor "rendezvous points," other Tor users can connect to these hidden services, each without knowing the other's network identity

Keep in Mind! TOR does not provide end-to-end encryption. Any unencrypted traffic sent through TOR will only be protected until it exits the TOR network

I2P I2P (Invisible Internet Project) is an anonymous network, exposing a simple layer that applications can use to anonymously and securely send messages to each other.

I2P works by routing traffic through other peers, as shown in the picture. All traffic is encrypted end-to-end.

C ONCLUSION Anonymity networks such as Tor & I2P can't solve all anonymity problems. It focuses only on protecting the transport of data.

Also, to protect your anonymity, be smart. Don't provide your name or other revealing information in web forms.

Be aware that, like all anonymizing networks that are fast enough for web browsing, Tor does not provide protection against end-to-end timing attacks: If your attacker can watch the traffic coming out of your computer, and also the traffic arriving at your chosen destination, he can use statistical analysis to discover that they are part of the same circuit.

QUESTIONS ?

To gain higher protection of anonymity, a clever impostor can use various techniques to make identification more difficult. Examples of such techniques are: IP numbers, trace lists and other identification can be falsified. Since this information is often created in servers, it is easier to falsify them if you have control of one or more servers.

Even though anonymity and pseudonymity is not something new with the Internet, the net has increased the ease for a person to distribute anonymous and pseudonymous messages. Anonymity on the Internet is almost never 100 %, there is always a possibility to find the perpetrator, especially if the same person uses the same way to gain anonymity multiple times.

Anon.penet.fri was a pseudonymity server started by Johan Helsingius in Finland in It was very popular by people in other countries, since they thought that relaying messages through an anonymity server in Finland would reduce the risk of their real identity being divulged. At its peak, it had registered users and transferred messages per day.