Presentation is loading. Please wait.

Presentation is loading. Please wait.

Andrew Lewman andrew@torproject.org.

Published byAllison Hawkins Modified over 6 years ago

Similar presentations

Presentation on theme: "Andrew Lewman andrew@torproject.org."— Presentation transcript:

1 Andrew Lewman

2 The Tor Project, Inc. 501(c)(3) non-profit organization dedicated to the research and development of technologies for online anonymity and privacy

3 Anonymous Communications
Topics Anonymous Communications Tor Overview The Future

4 What is Anonymity? 4 /

5 Anonymity isn't: Cryptography

6 Anonymity isn't: Cryptography Stenography

7 Anonymity isn't: Cryptography Stenography Wishful Thinking

8 Examples of Wishful Thinking
“They can't prove it was me.” “Promise you won't tell.” “Well, I didn't sign it.” “The Internet is already anonymous, right?” Examples of Wishful Thinking

9 “They can't prove it was me.”
“Promise you won't tell.” “Well, I didn't sign it.” “The Internet is already anonymous, right?”

10 “They can't prove it was me.”
“Promise you won't tell.” “Well, I didn't sign it.” “The Internet is already anonymous, right?” Proof is a very strong word. Statistical analysis allows suspicion to become certainty.

11 “Promise you won't tell.”
“They can't prove it was me.” “Promise you won't tell.” “Well, I didn't sign it.” “The Internet is already anonymous, right?”

12 “Promise you won't tell.”
“They can't prove it was me.” “Promise you won't tell.” “Well, I didn't sign it.” “The Internet is already anonymous, right?” Will other parties have the abilities and incentives to keep these promises?

13 “Well, I didn't sign it.” “They can't prove it was me.”
“Promise you won't tell.” “Well, I didn't sign it.” “The Internet is already anonymous, right?”

14 Not what we're talking about.
“They can't prove it was me.” “Promise you won't tell.” “Well, I didn't sign it.” “The Internet is already anonymous, right?” Not what we're talking about.

15 “The Internet is already anonymous, right?”
“They can't prove it was me.” “Promise you won't tell.” “Well, I didn't sign it.” “The Internet is already anonymous, right?”

16 Nope! “The Internet is already anonymous, right?”
“They can't prove it was me.” “Promise you won't tell.” “Well, I didn't sign it.” “The Internet is already anonymous, right?” Nope!

17 Anonymous Communication
People need to hide in a crowd of other people. ”Anonymity loves company.”

18 Anonymous Communication
The goal of the system is to make all users look as similar as possible.

19 Anonymous Communication
Hide who is communicating with whom.

20 Anonymous Communication
Layered encryption and random delays hide correlation between input traffic and output traffic.

21 Anonymity serves different interests for different user groups:

22 Anonymity serves different interests for different user groups:
Private Citizens “It's Privacy!” Anonymity

23 Anonymity serves different interests for different user groups:
Governments Private Citizens “It's traffic-analysis resistance!” “It's Privacy!” Anonymity

24 Anonymity serves different interests for different user groups:
Governments Private Citizens “It's traffic-analysis resistance!” “It's Privacy!” Anonymity Businesses “It's network security!”

25 Human Rights Activists
Anonymity serves different interests for different user groups: Governments Private Citizens “It's traffic-analysis resistance!” “It's Privacy!” Anonymity Businesses Human Rights Activists “It's network security!” “It's reachability!”

26 Tor is not the first system: ZKS, mixmaster, single-hop proxies, Crowds, Java Anon Proxy, VPNs.

27 Low Latency Systems Low-latency systems are vulnerable to end-to-end correlation attacks.

28 High Latency Systems High-latency systems are more resistant to end-to-end correlation attacks, but by definition, are less interactive.

29 Low Latency Systems Low-latency systems are generally more attractive to today's user: Interactive apps: web, instant messaging, VOIP, ssh, X11, cifs/nfs, video streaming (millions of users)

30 Online anonymity software and network
What is Tor? Online anonymity software and network

31 Open source, freely available, 3-clause BSD licensed
What is Tor? Open source, freely available, 3-clause BSD licensed

32 Active research environment:
What is Tor? Active research environment: Rice, UMN, NSF, NRL, Drexel, Waterloo, Cambridge UK, Bamberg Germany, Boston Univ, Harvard, MIT, RPI, Georgia Tech

33 Increasingly diverse toolset:
What is Tor? Increasingly diverse toolset: Tor, Torbutton, Tor Browser Bundle, TA(I)LS LiveCD, Tor Weather, Tor auto-responder, Secure Updater, Orbot, Torora, Tor Check, Arm, Nymble, Tor Control, Tor Wall, TorVM

34 From http://www.time.com/time/world/article/0,8599,1905125,00.html
Twitter In Iran: Good From

35 Twitter In USA: Bad From

36 Who Uses Tor? Law Enforcement Human Rights Activists
Business Executives Abuse Victims Militaries Normal People 36 /

37 Estimated 300k to 800k daily users worldwide
37 /

38 A Typical Internet Connection
Network Alice Bob 38 /

39 Alice might be watched. Network Alice Bob 39 /

40 Parts of the network could be monitored.
Alice Bob 40 /

41 Bob could be compromised.
Network Alice Bob 41 /

42 How is Tor Different? Relay Bob Alice 42 /

43 A Basic Relay System Relay Bob Alice 43 /

44 An Evil Relay Evil Relay Bob Alice 44 /

45 An Evil Network Relay Bob Alice 45 /

46 How Tor Works Alice Entry Node Exit Node Middle Node Bob 46 /

47 Alice connects to an Entry Node.
Exit Node Middle Node Bob 47 /

48 The data is routed through a Middle Node.
Alice Entry Node Exit Node Middle Node Bob 48 /

49 The data is routed through an Exit Node.
Alice Entry Node Exit Node Middle Node Bob 49 /

50 Alice's circuit to Bob is established.
Entry Node Exit Node Middle Node Bob 50 /

51 Vidalia Network Map

52 Metrics Measuring the Tor Network anonymously NSF grant for research
Archive of hourly consensus, ExoneraTor, VisiTor Metrics portal:

53 Operating Systems leak info like a sieve...
Applications, network stacks, plugins, oh my...

54 Operating Systems leak info like a sieve...
Applications, network stacks, plugins, oh my some call this sharing.

55 Operating Systems leak info like a sieve...
Did you know Microsoft Word and OpenOffice Writer are browsers?

56 Operating Systems leak info like a sieve...
Discover how much you like to share!

57 Mobile Operating Systems
Entirely new set of challenges for something designed to know where you are at all times. Orbot: Tor on Android. Tor on iphone, maemo/meego, symbian, etc Tor on Windows CE. For example: Guardian Project,

58 Next steps: Visit us at for more information, links, and ideas.

59 Credits and Thanks Presentation: Andrew Lewman, Executive Director for The Tor Project – Danger!, hmvh, CC-BY-SA. 500k, Luka Skracic, used with permission. Illustration and Design: J.M.Todaro –

Download ppt "Andrew Lewman andrew@torproject.org."

Similar presentations

A Formal Analysis of Onion Routing 10/26/2007 Aaron Johnson (Yale) with Joan Feigenbaum (Yale) Paul Syverson (NRL)

A Formal Analysis of Onion Routing 10/26/2007 Aaron Johnson (Yale) with Joan Feigenbaum (Yale) Paul Syverson (NRL)
Tor: The Second-Generation Onion Router

Tor: The Second-Generation Onion Router
How to keep your kids safe online

How to keep your kids safe online
How Much Anonymity does Network Latency Leak? Paper by: Nicholas Hopper, Eugene Vasserman, Eric Chan-Tin Presented by: Dan Czerniewski October 3, 2011.

How Much Anonymity does Network Latency Leak? Paper by: Nicholas Hopper, Eugene Vasserman, Eric Chan-Tin Presented by: Dan Czerniewski October 3, 2011.
Message Splitting Against the Partial Adversary Andrei Serjantov The Free Haven Project (UK) Steven J Murdoch University of Cambridge Computer Laboratory.

Message Splitting Against the Partial Adversary Andrei Serjantov The Free Haven Project (UK) Steven J Murdoch University of Cambridge Computer Laboratory.
15-1 Last time Internet Application Security and Privacy Public-key encryption Integrity.

15-1 Last time Internet Application Security and Privacy Public-key encryption Integrity.
ToR. Tor: anonymity online Tor is a toolset for a wide range of organizations and people that want to improve their safety and security on the Internet.

ToR. Tor: anonymity online Tor is a toolset for a wide range of organizations and people that want to improve their safety and security on the Internet.
A Usability Evaluation of the Tor Anonymity Network By Gregory Norcie.

A Usability Evaluation of the Tor Anonymity Network By Gregory Norcie.
By: Bryan Carey Randy Cook Richard Jost TOR: ANONYMOUS BROWSING.

By: Bryan Carey Randy Cook Richard Jost TOR: ANONYMOUS BROWSING.
Hidden Apps Carrier IQ and Privacy in Mobile Devices.

Hidden Apps Carrier IQ and Privacy in Mobile Devices.
Anonymity on the Web: A Brief Overview By: Nipun Arora uni-na2271.

Anonymity on the Web: A Brief Overview By: Nipun Arora uni-na2271.
4/19/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.

4/19/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.
Aaron Johnson U.S. Naval Research Laboratory CSci 6545 George Washington University 11/18/2013.

Aaron Johnson U.S. Naval Research Laboratory CSci 6545 George Washington University 11/18/2013.
Sofya Rozenblat 11/26/2012 CS 105 TOR ANONYMITY NETWORK.

Sofya Rozenblat 11/26/2012 CS 105 TOR ANONYMITY NETWORK.
Www.sti-innsbruck.at © Copyright 2012 STI INNSBRUCK www.sti-innsbruck.at Tor project: Anonymity online.

© Copyright 2012 STI INNSBRUCK Tor project: Anonymity online.
CSE 486/586, Spring 2012 CSE 486/586 Distributed Systems Case Study: TOR Anonymity Network Bahadir Ismail Aydin Computer Sciences and Engineering University.

CSE 486/586, Spring 2012 CSE 486/586 Distributed Systems Case Study: TOR Anonymity Network Bahadir Ismail Aydin Computer Sciences and Engineering University.
Microsoft MVP (Enterprise Security) Microsoft Certified Trainer (18 years) Founder: Cybercrime Security Forum! Winner: Microsoft Speaker Idol 2006 Author:

Microsoft MVP (Enterprise Security) Microsoft Certified Trainer (18 years) Founder: Cybercrime Security Forum! Winner: Microsoft Speaker Idol 2006 Author:
THINK CYBER SMART, BE CYBER SMART! CYBER SAFETY AND DIGITAL CITIZENSHIP IN A CLASSROOM.

THINK CYBER SMART, BE CYBER SMART! CYBER SAFETY AND DIGITAL CITIZENSHIP IN A CLASSROOM.
Overview  Anonymity systems  Review of how Tor works  Tor Project Inc.  Helper tools and accessories  Advanced Tor control  Attack Vectors.

Overview  Anonymity systems  Review of how Tor works  Tor Project Inc.  Helper tools and accessories  Advanced Tor control  Attack Vectors.
The Tor Network BY: CONOR DOHERTY AND KENNETH CABRERA.

The Tor Network BY: CONOR DOHERTY AND KENNETH CABRERA.

Similar presentations

Ads by Google