Modified Onion Routing GYANRANJAN HAZARIKA AND KARAN MIRANI.


Onion Routing  Provides measures against traffic analysis.  Provides protection against eavesdropping.  Provides bi-directional anonymous communication.  Provides anonymous socket connection through a proxy server for easy deployment.

Routing Topology  Creates an anonymous, bi- directional, real-time VC between initiator and responder.  Information is hidden by making a data stream pass through the anonymous circuit en route to its destination  Each node (except initiator’s proxy server) knows nothing but the previous and the next hops in the communication chain  Consists of the initiator, it’s proxy server, the responder’s proxy server, the responder and the nodes on the route between the initiator and responder

Onion Structure
The initiator’s proxy identifies a series of routing nodes forming a route through the network. It then creates an onion which encapsulates the route. The basic onion structure depends on the route to the responder chosen by the initiator’s proxy. Based on this route, the initiator’s proxy encrypts first for the responder’s proxy, then for the preceding node on the route, and so on back to the first routing node, to which the onion will be sent.

Formation & Delivery of Onion
[Figure: nodes shown in order: Sender (S), S’s Proxy, Router 1, Router 2, R’s Proxy, Receiver (R)]

Limitations  It is assumed that the public key certificates for each node have been distributed to all others prior to operations.  No mechanism of checking message authenticity.  Single point of failure: If proxy server is compromised, then the entire system fails.  Two level encryptions for the header and payload.  No way to authenticate a returning participant in the network.  It is assumed that the proxy/routing nodes and the intermediate routing nodes know about each other in advance.  No sender receiver unlinkability.

Proposed Modifications  Remove proxy servers  Use authentication code with message to protect against message corruption by an attacker  Use ‘Type’ field indicationg whether message can tolerate delay or not. If it can, then each routing node assumes the functionality of BINOMIAL MIX !!  Encrypt message with sec_keyxy rather than encrypting header and payload separately  Eliminate need of random bits in message by use of sex_keyxy

Progress Status & References
• ORCS (Onion Routing Central Server) implementation in Java is in progress.
• Sender, Router & Client implementation in C is in progress.

References:
• D. Goldschlag, M. Reed, and P. Syverson. Hiding routing information. In Ross Anderson, editor, Information Hiding, First International Workshop, pages Springer-Verlag, LNCS 1174, May
• Michael K. Reiter and Aviel D. Rubin. Crowds: anonymity for web transactions. ACM Transactions on Information and System Security, 1(1):66-92,
• B. Schneier. Applied Cryptography: Protocols, Algorithms and Source Code in C, John Wiley and Sons,

THANK YOU