Presentation is loading. Please wait.

Presentation is loading. Please wait.

The Tor Network: Freedom and Privacy Online Aaron Johnson U. S

Published byOndřej Beran Modified over 6 years ago

Similar presentations

Presentation on theme: "The Tor Network: Freedom and Privacy Online Aaron Johnson U. S"— Presentation transcript:

1 The Tor Network: Freedom and Privacy Online Aaron Johnson U. S
The Tor Network: Freedom and Privacy Online Aaron Johnson U.S. Naval Research Laboratory June 21st, 2018

2 Overview

3 What is Tor? Tor is a system for anonymous communication and censorship circumvention.

4 Tor is based on onion routing.
What is Tor? Users Onion Routers Destinations Tor is based on onion routing.

5 Tor is based on onion routing.
What is Tor? Users Onion Routers Destinations Tor is based on onion routing.

6 Tor is based on onion routing.
What is Tor? Users Onion Routers Destinations Tor is based on onion routing.

7 Tor is based on onion routing.
What is Tor? Users Onion Routers Destinations Tor is based on onion routing.

8 Tor is based on onion routing.
What is Tor? Unencrypted Users Onion Routers Destinations Tor is based on onion routing.

9 Tor Projects <https://www.torproject.org/projects>
tor – Tor client, relay, and onion service Tor Browser – Web browser over Tor Orbot – Tor on Android The Amnesic Incognito Live System (Tails) Open Observatory of Network Interference

10 Motivation

11 Why Use Tor? Individuals avoiding censorship
Individuals avoiding surveillance Journalists protecting themselves or sources Law enforcement during investigations Intelligence analysts for gathering data

12 Why Use Tor? Over 6000 relays in over 75 countries
Over 2,000,000 daily users 100Gbps aggregate traffic

13 Tor History 1996: “Hiding Routing Information” by David M. Goldschlag, Michael G. Reed, and Paul F. Syverson. Information Hiding: First International Workshop. 1997: "Anonymous Connections and Onion Routing," Paul F. Syverson, David M. Goldschlag, and Michael G. Reed. IEEE Security & Privacy Symposium. 1998: Distributed network of 13 nodes at NRL, NRAD, and UMD. 2000: “Towards an Analysis of Onion Routing Security” by Paul Syverson, Gene Tsudik, Michael Reed, and Carl Landwehr. Designing Privacy Enhancing Technologies: Workshop on Design Issues in Anonymity and Unobservability. 2003: Tor network is deployed (12 US nodes, 1 German), and Tor code is released by Roger Dingledine and Nick Mathewson under the free and open MIT license. 2004: “Tor: The Second-Generation Onion Router” by Roger Dingledine, Nick Mathewson, and Paul Syverson. USENIX Security Symposium. 2006: The Tor Project, Inc. incorporated as a non-profit.

14 Tor Today Funding levels at $2-3 million in 2015 (current funders include Fastly, individuals, NSF, Mozilla, Open Tech. Fund, US State Dept.) The Tor Project, Inc. employs a team (30+ paid employees) for software development, research, office, funding, community outreach, and user support Much bandwidth, research, development, and outreach still contributed by third parties

15 Other anonymous communication designs and systems
Dining Cryptographers network: Dissent, Herbivore Mix networks: MixMinion, MixMaster, BitLaundry, Riffle, Vuvuzela Onion routing: Aqua, Crowds, Freedom, I2P, Java Anon Proxy, PipeNet Privacy-focused VPNs: anonymizer.com, anonymouse.org Private Information Retrieval: Pynchon Gate, Pung, Riposte Others: Anonymous buses, XOR trees, broadcast

16 Security Model

17 Adversary is local and active.
Threat Model Adversary is local and active.

18 Adversary is local and active.
Threat Model Adversary is local and active. Not global

19 Adversary is local and active.
Threat Model Adversary is local and active. Adversary may run relays

20 Adversary is local and active.
Threat Model Adversary is local and active. Adversary may run relays Destination may be malicious

21 Adversary is local and active.
Threat Model Adversary is local and active. Adversary may run relays Destination may be malicious Adversary may observe some ISPs

22 Security Definitions Identity is primarily IP address but can include other identifying information Sender anonymity: Connection initiator cannot be determined Receiver anonymity: Connection recipient cannot be determined Unobservability: It cannot be determined who is using the system.

23 Design

24 General Tor Functionality
Provides connection-oriented bidirectional communication Only makes TCP connections Provides standard SOCKS interface to applications Provides application-specific software for some popular applications (e.g. HTTP)

25 Tor Protocols Exit circuits (anonymity wrt all but sender)
Onion services (anonymity wrt all) Censorship circumvention (unobservability)

26 Tor Protocols Exit circuits (anonymity wrt all but sender)
Onion services (anonymity wrt all) Censorship circumvention (unobservability)

27 Exit Circuits

28 Exit Circuits Client learns about relays from a directory server.

29 Exit Circuits Client learns about relays from a directory server.
Semi-centralized Exit Circuits Client learns about relays from a directory server.

30 Exit Circuits Client learns about relays from a directory server.
Clients begin all circuits with a selected guard.

31 Only guards directly observe client
Exit Circuits Only guards directly observe client Client learns about relays from a directory server. Clients begin all circuits with a selected guard.

32 Exit Circuits Client learns about relays from a directory server.
Clients begin all circuits with a selected guard. Relays define individual exit policies.

33 Exit Circuits Client learns about relays from a directory server.
Clients begin all circuits with a selected guard. Relays define individual exit policies. Clients multiplex streams over a circuit.

34 Different streams on circuit can be linked.
Exit Circuits Different streams on circuit can be linked. Client learns about relays from a directory server. Clients begin all circuits with a selected guard. Relays define individual exit policies. Clients multiplex streams over a circuit.

35 Exit Circuits Client learns about relays from a directory server.
Clients begin all circuits with a selected guard. Relays define individual exit policies. Clients multiplex streams over a circuit. New circuits replace existing ones periodically.

36 Circuits creation protects anonymity with respect to all but sender
Exit Circuits Circuits creation protects anonymity with respect to all but sender Client learns about relays from a directory server. Clients begin all circuits with a selected guard. Relays define individual exit policies. Clients multiplex streams over a circuit. New circuits replace existing ones periodically.

37 Tor Protocols Exit circuits (anonymity wrt all but sender)
Onion services (anonymity wrt all) Censorship circumvention (unobservability)

38 Onion Service Directory
Onion Services Onion Service Directory Client Onion Service (xyz.onion)

39 Onion Services Onion Service Directory Introduction Point (IP) Client Onion Service (xyz.onion) Onion service chooses and publishes Introduction Point (IP).

40 Onion Services Client learns onion address (xyz.onion) out of band.
Onion Service Directory Introduction Point (IP) Client Onion Service (xyz.onion) Client learns onion address (xyz.onion) out of band.

41 Onion Services Onion Service Directory Introduction Point (IP) Client Onion Service (xyz.onion) Client looks up IP at an Onion Service Directory using .onion address.

42 Onion Services Onion Service Directory Introduction Point (IP) Client Onion Service (xyz.onion) Rendezvous Point (RP) Client builds circuits to IP and to chosen Rendezvous Point (RP).

43 Onion Services Client notifies onion service of RP through IP. RP
Onion Service Directory Introduction Point (IP) Client Onion Service (xyz.onion) Rendezvous Point (RP) Client notifies onion service of RP through IP.

44 Onion Services Onion service builds new circuit to RP.
Onion Service Directory Introduction Point (IP) Client Onion Service (xyz.onion) Rendezvous Point (RP) Onion service builds new circuit to RP.

45 Onion Services Onion Service Directory Introduction Point (IP) Client Onion Service (xyz.onion) Rendezvous Point (RP) Client and onion service communicate through RP circuits.

46 Tor Protocols Exit circuits (anonymity wrt all but sender)
Hidden services (anonymity wrt all) Censorship circumvention (unobservability)

47 Blocking Tor Tor directory and relay IPs are public
Tor connections are made over TLS Tor cells have a fixed length

48 Blocking Tor Tor directory and relay IPs are public
Tor connections are made over TLS Tor cells have a fixed length Private Tor bridges released via CAPTCHA request Personal communication Meek uses cloud services (e.g. Azure) and domain fronting

49 Blocking Tor Tor directory and relay IPs are public
Tor connections are made over TLS Tor cells have a fixed length Pluggable transports obfsproxy4 makes protocol look like strings of random bits SkypeMorph/FreeWave; Steganographic VOIP

50 Blocking Tor Tor directory and relay IPs are public Defenses
Tor connections are made over TLS Tor cells have a fixed length Defenses ScrambleSuit: randomized lengths StegoTorus: Steganographic HTTP

51 Blocking Tor Tor directory and relay IPs are public
Tor connections are made over TLS Tor cells have a fixed length Weaknesses Countries have manpower to enumerate bridges Network surveillance used to detect possible Tor connections, followup scans confirm

52 Attacks

53 Attacks on Tor Application-layer attacks Bandwidth manipulation
Congestion/throughput attack Correlation attack Denial-of-service attacks Guard discovery & compromise Latency attack Route hijacking/interception Sniper attack Website fingerprinting

54 Attacks on Tor Application-layer attacks Bandwidth manipulation
Congestion/throughput attack Correlation attack Denial-of-service attacks Guard discovery & compromise Latency attack Route hijacking/interception Sniper attack Website fingerprinting

55 Correlation Attack

56 Correlation Attack

57 Correlation Attack

58 Correlation Attack

59 Correlation Attack

60 Correlation Attack Possible when:

61 Correlation Attack Possible when: Adversary controls relays.

62 Correlation Attack Possible when: Adversary controls relays.

63 Correlation Attack Possible when: Adversary controls relays.
Adversary observes parts of the network.

64 Correlation Attack Possible when: Adversary controls relays.
Adversary observes parts of the network.

65 Correlation Attack Adversary relays are 10% of guard bandwidth
1% of exit bandwidth 1. Users Get Routed: Traffic Correlation on Tor by Realistic Adversaries by Aaron Johnson, Chris Wacek, Rob Jansen, Micah Sherr, and Paul Syverson. CCS 2013.

66 The Future

67 The Future of Tor Improved security Most critical for security
Difficult to secure – change frequently to prevent tracking

68 The Future of Tor Improved security
Location guards: Prevent traffic correlation Route sentinels: Observe route hijacks Vanguards: Prevent guard discovery Most critical for security Difficult to secure – change frequently to prevent tracking 2. The Sniper Attack: Anonymously Deanonymizing and Disabling the Tor Network By Rob Jansen, Florian Tschorsch, Aaron Johnson, and Björn Scheuermann. NDSS 2014. 3. Avoiding The Man on the Wire: Improving Tor's Security with Trust-Aware Path Selection By Aaron Johnson,Rob Jansen, Aaron D. Jaggard,Joan Feigenbaum,and Paul Syverson. NDSS 2017. 4. Tempest: Temporal Dynamics in Anonymity Systems By Ryan Wails, Yixin Sun, Aaron Johnson, Mung Chiang, and Prateek Mittal. PoPETS 2018.

69 The Future of Tor Improved performance

70 The Future of Tor Improved performance
QUIC/UDP: Enhanced congestion control Scalability: consensus and onion services Secure bandwidth measurement 5. LIRA: Lightweight Incentivized Routing for Anonymity By Rob G. Jansen, Aaron Johnson, and Paul Syverson. NDSS 2013. 6. PeerFlow: Secure Load Balancing in Tor By Aaron Johnson, Rob Jansen, Nicholas Hopper, Aaron Segal, and Paul Syverson. PoPETS 2017.

71 The Future of Tor Improved transparency while protecting privacy
What is going on inside Tor? How many users? How many onion services? How much traffic? Where do users visit? Any attacks on Tor? Any abusers using Tor?

72 The Future of Tor Improved transparency while protecting privacy
Publish network statistics Monitor Tor for attacks Detect uses of Tor for abuse What is going on inside Tor? How many users? How many onion services? How much traffic? Where do users visit? Any attacks on Tor? Any abusers using Tor? 7. Hidden-service statistics reported by relays By David Goulet, Aaron Johnson, George Kadianakis, and Karsten Loesing. Tor TR 8. Safely Measuring Tor By Rob Jansen and Aaron Johnson. CCS 2016. 9. Distributed Measurement with Private Set-Union Cardinality By Ellis Fenske, Akshaya Mani, Aaron Johnson, and Micah Sherr. CCS 2017.

73 The Future of Tor Onionize the Internet
Clearweb -> onionspace: single onion services Debian.org ( DuckDuckGo ( Facebook ( New York Times ( ProPublica ( Self-authentication: Invulnerable to Certificate Authority attacks Secure name lookup: Encrypted, authenticated, anonymous (unlike DNS) 10. Rendezvous Single Onion Services By Tim Wilson-Brown, John Brooks, Aaron Johnson, Rob Jansen, George Kadianakis, Paul Syverson, and Roger Dingledine. Tor Proposal 260, 2015.

74 The Future of Tor Tor Browser = Mozilla Firefox Private Browser
Fusion (Firefox USIng ONions) Currently: Tor Uplift Project ( Mass-market anonymity and tracking protection Disable common attack vectors Eliminate supercookies Perform per-tab isolation

75 Questions?

Download ppt "The Tor Network: Freedom and Privacy Online Aaron Johnson U. S"

Similar presentations

A Probabilistic Analysis of Onion Routing in a Black-box Model 10/29/2007 Workshop on Privacy in the Electronic Society Aaron Johnson (Yale) with Joan.

A Probabilistic Analysis of Onion Routing in a Black-box Model 10/29/2007 Workshop on Privacy in the Electronic Society Aaron Johnson (Yale) with Joan.
Tor: The Second-Generation Onion Router

Tor: The Second-Generation Onion Router
PIR-Tor: Scalable Anonymous Communication Using Private Information Retrieval Prateek Mittal University of Illinois Urbana-Champaign Joint work with: Femi.

PIR-Tor: Scalable Anonymous Communication Using Private Information Retrieval Prateek Mittal University of Illinois Urbana-Champaign Joint work with: Femi.
Modelling and Analysing of Security Protocol: Lecture 10 Anonymity: Systems.

Modelling and Analysing of Security Protocol: Lecture 10 Anonymity: Systems.
The Sniper Attack: Anonymously Deanonymizing and Disabling the Tor Network Rob Jansen et. al NDSS 2014 Presenter: Yue Li Part of slides adapted from R.

The Sniper Attack: Anonymously Deanonymizing and Disabling the Tor Network Rob Jansen et. al NDSS 2014 Presenter: Yue Li Part of slides adapted from R.
Trust-based Anonymous Communication: Models and Routing Algorithms Aaron Johnson Paul Syverson Roger Dingledine Nick Mathewson U.S. Naval Research Laboratory.

Trust-based Anonymous Communication: Models and Routing Algorithms Aaron Johnson Paul Syverson Roger Dingledine Nick Mathewson U.S. Naval Research Laboratory.
Memory-based DoS and Deanonymization Attacks on Tor DCAPS Seminar October 11 th, 2013 Rob Jansen U.S. Naval Research Laboratory

Memory-based DoS and Deanonymization Attacks on Tor DCAPS Seminar October 11 th, 2013 Rob Jansen U.S. Naval Research Laboratory
Onion Routing Security Analysis Aaron Johnson U.S. Naval Research Laboratory DC-Area Anonymity, Privacy, and Security Seminar.

Onion Routing Security Analysis Aaron Johnson U.S. Naval Research Laboratory DC-Area Anonymity, Privacy, and Security Seminar.
How Much Anonymity does Network Latency Leak? Paper by: Nicholas Hopper, Eugene Vasserman, Eric Chan-Tin Presented by: Dan Czerniewski October 3, 2011.

How Much Anonymity does Network Latency Leak? Paper by: Nicholas Hopper, Eugene Vasserman, Eric Chan-Tin Presented by: Dan Czerniewski October 3, 2011.
Privacy Protection In Grid Computing System Presented by Jiaying Shi.

Privacy Protection In Grid Computing System Presented by Jiaying Shi.
Location-Aware Onion Routing Aaron Johnson U.S. Naval Research Laboratory IEEE Symposium on Security and Privacy May 19, 2015.

Location-Aware Onion Routing Aaron Johnson U.S. Naval Research Laboratory IEEE Symposium on Security and Privacy May 19, 2015.
Building a Peer-to-Peer Anonymizing Network Layer Michael J. Freedman NYU Dept of Computer Science Public Design Workshop September 13,

Building a Peer-to-Peer Anonymizing Network Layer Michael J. Freedman NYU Dept of Computer Science Public Design Workshop September 13,
By: Bryan Carey Randy Cook Richard Jost TOR: ANONYMOUS BROWSING.

By: Bryan Carey Randy Cook Richard Jost TOR: ANONYMOUS BROWSING.
Anonymity on the Web: A Brief Overview By: Nipun Arora uni-na2271.

Anonymity on the Web: A Brief Overview By: Nipun Arora uni-na2271.
0x1A Great Papers in Computer Security Vitaly Shmatikov CS 380S

0x1A Great Papers in Computer Security Vitaly Shmatikov CS 380S
Anonymizing Network Technologies Some slides modified from Dingledine, Mathewson, Syverson, Xinwen Fu, and Yinglin Sun Presenter: Chris Zachor 03/23/2011.

Anonymizing Network Technologies Some slides modified from Dingledine, Mathewson, Syverson, Xinwen Fu, and Yinglin Sun Presenter: Chris Zachor 03/23/2011.
Toward Understanding Congestion in Tor DC-area Anonymity, Privacy, and Security Seminar January 24 th, 2014 Rob Jansen U.S. Naval Research Laboratory *Joint.

Toward Understanding Congestion in Tor DC-area Anonymity, Privacy, and Security Seminar January 24 th, 2014 Rob Jansen U.S. Naval Research Laboratory *Joint.
Towards an Analysis of Onion Routing Security Syverson, Tsudik, Reed, and Landwehr PET 2000 Presented by: Adam Lee 1/26/2006 Syverson, Tsudik, Reed, and.

Towards an Analysis of Onion Routing Security Syverson, Tsudik, Reed, and Landwehr PET 2000 Presented by: Adam Lee 1/26/2006 Syverson, Tsudik, Reed, and.
Preventing Active Timing Attacks in Low- Latency Anonymous Communication The 10 th Privacy Enhancing Technologies Symposium July 2010 Joan Feigenbaum Yale.

Preventing Active Timing Attacks in Low- Latency Anonymous Communication The 10 th Privacy Enhancing Technologies Symposium July 2010 Joan Feigenbaum Yale.
Aaron Johnson U.S. Naval Research Laboratory CSci 6545 George Washington University 11/18/2013.

Aaron Johnson U.S. Naval Research Laboratory CSci 6545 George Washington University 11/18/2013.

Similar presentations

Ads by Google