Presentation is loading. Please wait.

Presentation is loading. Please wait.

Xinwen Fu Anonymous Communication & Computer Forensics 91.580.203 Computer & Network Forensics.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Xinwen Fu Anonymous Communication & Computer Forensics 91.580.203 Computer & Network Forensics."— Presentation transcript:

1 Xinwen Fu Anonymous Communication & Computer Forensics 91.580.203 Computer & Network Forensics

2 CS@UML 2 Outline  Background  Onion routing  Attacks against anonymity  Tor

3 CS@UML 3 Motivation I know what’s going on!!! Protect the identity of participants in a distributed application, such as E-voting, E-shopping, E-cash, and military applications Eavesdropping

4 CS@UML 4  Commercial routers not under government control  Unencrypted data is completely open  Encrypted data still exposes communicating parties Current Network Status Sender Address Receiver Address IP Packet Header Structure

5 CS@UML 5 Public networks are vulnerable to traffic analysis attack. In a public network:  Packet headers identify recipients  Packet routes can be tracked  Volume and timing signatures are exposed Encryption does not hide identity information of a sender and receiver. Sender Public Network Receiver Traffic Analysis Attack

6 CS@UML 6 Traffic Analysis reveals identities. Who is talking to whom may be confidential or private:  Who is searching a public database?  What web-sites are you surfing?  Which agencies or companies are collaborating?  Where are your e-mail correspondents?  What supplies/quantities are you ordering from whom ? Knowing traffic properties can help an adversary decide where to spend resources for decryption, penetration,... Traffic Analysis Attack (cont.)

7 CS@UML 7 Goals of Anonymity: Receiver Untraceability Senders are observable – i.e. the attacker knows that A sent a message to someone Receivers are not observable – i.e. the attacker does not know if B received a message Alice Bob Example: radio Evil

8 CS@UML 8 Goals of Anonymity: Sender Untraceability Senders unobservable…. Example: Wireless routers using NAT Alice Bob Evil

9 CS@UML 9 Goals of Anonymity: Sender/Receiver Unlinkability Senders and Receivers are observable, but not clear who is talking to whom Alice Bob Evil

10 CS@UML 10 Outline  Background  Onion routing  Attacks against anonymity  Tor

11 CS@UML 11 Anonymous Communication Systems  A number of Anonymous Communication Systems have been realized. Several well-known systems are: Anonymizer (anonymizer.com) Onion-Routing (NRL) Crowds (Reiter and Rubin) Anonymous Remailer (MIT LCS) Tor (MIT and EFF) Freedom (Zero-Knowledge Systems) Hordes (Shields and Levine) PipeNet (Dai) SafeWeb (Symantec)

12 CS@UML 12  Channels appear to come from proxy, not true originator  May also filter traffic for identifying information  Examples: Penet Remailer (shut down), The Anonymizer, SafeWeb (Symantec) anonymizing proxy Basic Approach: Anonymizing Proxy

13 CS@UML 13  User connects to the proxy first and types the URL in a web form  Channels appear to come from proxy, not true originator  The proxy may also filter traffic to remove identifying information  It offers encrypted link to the proxy (SSL or SSH) anonymizing proxy: anonymizer.com Anonymizer for Web Browsing

14 CS@UML 14  ISP knows user connection times/volumes: Can easily eavesdrop on outgoing proxy connections and learn all  Proxy knows everything about connections  So, both are fully trusted (single points of failure) Internet Phone System Responders ISP Encrypted link: user to proxy Proxy Problems of Anonymizer

15 CS@UML 15  Underlying Idea for Mixmaster remailer, Onion Routing, ZKS Freedom, Web Mixes  Basic description: A network of mix nodes Special Onion-like encryption: Cell (message/packet) wrapped in multiple layers of public-key encryption by sender, one for each node in a route Decrypted layer tells mix next node in route Reordering: Mixes hold different cells for a time and reorder before forwarding to respective destinations Rerouting: use a few proxies Chaum Mixes (David Chaum)

16 CS@UML 16 Anonymity Network Sender Receiver A B Onion Routing Based on Mix Networks  Sender selects a route through the mix network  An intermediate mix only knows where the packet comes from, and what is the next stop of the packet Traditional Spy Network S to A B to R A to B

17 CS@UML 17 Review of Public Key Cryptography  PrivateKey Bob (PublicKey Bob (Message))=Message  PublicKey Bob (PrivateKey Bob (Message))=Message e B (message) d B (e B (message))=message (e B, d B ) (e A, d A ) Bob Alice

18 CS@UML 18 Onion-Like Encryption Sender S to R Receiver B A √ M B R S to A A to B M R M B to R

19 CS@UML 19 Why Buffering and Reordering Packets?  Disrupt the timing correlation between packets into and out of a mix mix

20 CS@UML 20 Crowds  User machines are the network  "Blender" announces crowd members to all members  “Jondo" at machine flips weighted coin If Heads forwards to random crowd member If Tails connects to end Web address  All Jondos on path know path key  All connections from a source use same path for lifetime of that crowd Sender Web server Blender

21 CS@UML 21 Crowds Virtues  Good on sender protections  No single point of failure  Peer-to-peer design means minimal long-term network services  More lightweight crypto than mix-based systems

22 CS@UML 22 Crowds Limitations  All users must run Perl code  Requires users to have longrunning high-speed Internet connections  Entirely new network graph needed for new or reconnecting Crowd member  Connection anonymity dependent on data anonymity  Anonymity protection limited to Crowd size  Rather weak on responder protections  Lacks perfect forward anonymity The intermediate nodes knows the receiver

23 CS@UML 23 Outline  Background  Onion routing  Attacks against anonymity  Tor

24 CS@UML 24 Sender B S to A A to B Receiver B to C C to R C A Adversary HQ S to A & A to B B to C & C to R The adversary knows that Sender communicates with Receiver Attacks against Mix Networks x x Connectivity Analysis Attacks

25 CS@UML 25 Outline  Background  Onion routing  Attacks against anonymity  Tor

26 CS@UML 26 Tor: A Practical Anonymous Protocol  Some combination of Chaum’s Mix and Crowds Encrypt data packets by symmetric keys Implement forward and backward anonymity Has P2P functions Easy to use  Open source

27 CS@UML 27 First Sight  A web server knows your ip: http://www.proxyway.com/www/check-ip- address/whatis-my-ip-address.html http://www.proxyway.com/www/check-ip- address/whatis-my-ip-address.html  Tor to hide your ip Tor downloading webpage  http://tor.eff.org/download.html.en http://tor.eff.org/download.html.en Manual for Windows setup  http://tor.eff.org/docs/tor-doc-win32.html.en http://tor.eff.org/docs/tor-doc-win32.html.en

28 CS@UML 28

29 CS@UML 29 IE

30 CS@UML 30 Tor Components Interne t WWWServer Vidalia Privoxy tor

31 CS@UML 31 Tor Network  Onion router list: C:\Documents and Settings\fu\Application Data\Tor\cached-status Client Application Server Tor Network Directory Server Legend: Client or Server or Onion Router Onion Router Directory Server

32 CS@UML 32 References  D. Chaum, (1981), Untraceable electronic mail, return addresses, and digital pseudonyms, Communications of the ACM, Vol. 24, No. 2, February, pp. 84--88.Untraceable electronic mail, return addresses, and digital pseudonyms  Andrei Serjantov, Roger Dingledine and Paul Syverson, From a Trickle to a Flood: Active Attacks on Several Mix Types, In Proceedings of the Information Hiding Workshop, 2002From a Trickle to a Flood: Active Attacks on Several Mix Types  Andreas Pfitzmann et al., Anonymity, Unobservability, and Pseudonymity – A Proposal for Terminology, 2000,Anonymity, Unobservability, and Pseudonymity – A Proposal for Terminology  Xinwen Fu, welcome to Xinwen Fu’s homepage, http://www.homepages.dsu.edu/fux/, 2007 http://www.homepages.dsu.edu/fux/  Cisco Systems, Inc., Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide, 12.1(19)EA1, 2007Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide, 12.1(19)EA1  Cisco Systems, Inc., Catalyst 2900 Series Configuration Guide and Command Ref, 2007Catalyst 2900 Series Configuration Guide and Command Ref

Download ppt "Xinwen Fu Anonymous Communication & Computer Forensics 91.580.203 Computer & Network Forensics."

Similar presentations

Tor: The Second-Generation Onion Router

Tor: The Second-Generation Onion Router
Expressive Privacy Control with Pseudonyms Seungyeop Han, Vincent Liu, Qifan Pu, Simon Peter, Thomas Anderson, Arvind Krishnamurthy, David Wetherall University.

Expressive Privacy Control with Pseudonyms Seungyeop Han, Vincent Liu, Qifan Pu, Simon Peter, Thomas Anderson, Arvind Krishnamurthy, David Wetherall University.
Modelling and Analysing of Security Protocol: Lecture 10 Anonymity: Systems.

Modelling and Analysing of Security Protocol: Lecture 10 Anonymity: Systems.
236349 Project in Computer Security Integrating TOR’s attacks into the I2P darknet Chen Avnery Amihay Vinter.

Project in Computer Security Integrating TOR’s attacks into the I2P darknet Chen Avnery Amihay Vinter.
Reusable Anonymous Return Channels

Reusable Anonymous Return Channels
Dynamic Anonymity Emin İslam Tatlı, Dirk Stegemann, Stefan Lucks University of Mannheim, Germany.

Dynamic Anonymity Emin İslam Tatlı, Dirk Stegemann, Stefan Lucks University of Mannheim, Germany.
Network Layer and Transport Layer.

Network Layer and Transport Layer.
Privacy Protection In Grid Computing System Presented by Jiaying Shi.

Privacy Protection In Grid Computing System Presented by Jiaying Shi.
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
Building a Peer-to-Peer Anonymizing Network Layer Michael J. Freedman NYU Dept of Computer Science Public Design Workshop September 13,

Building a Peer-to-Peer Anonymizing Network Layer Michael J. Freedman NYU Dept of Computer Science Public Design Workshop September 13,
Wireless Encryption By: Kara Dolansky Network Management Spring 2009.

Wireless Encryption By: Kara Dolansky Network Management Spring 2009.
The Case for Network-Layer, Peer-to-Peer Anonymization Michael J. Freedman Emil Sit, Josh Cates, Robert Morris MIT Lab for Computer Science IPTPS’02March.

The Case for Network-Layer, Peer-to-Peer Anonymization Michael J. Freedman Emil Sit, Josh Cates, Robert Morris MIT Lab for Computer Science IPTPS’02March.
Responder Anonymity and Anonymous Peer-to-Peer File Sharing. by Vincent Scarlata, Brian Levine and Clay Shields Presentation by Saravanan.

Responder Anonymity and Anonymous Peer-to-Peer File Sharing. by Vincent Scarlata, Brian Levine and Clay Shields Presentation by Saravanan.
Privacy on the Web Gertzman Lora Krakov Lena. Why privacy? Privacy is the number one consumer issue facing the internet. An eavesdropper (server, service.

Privacy on the Web Gertzman Lora Krakov Lena. Why privacy? Privacy is the number one consumer issue facing the internet. An eavesdropper (server, service.
I NTERNET A NONYMITY By Esra Erdin. Introduction Types of Anonymity Systems TOR Overview Working Mechanism of TOR I2P Overview Working Mechanism of I2P.

I NTERNET A NONYMITY By Esra Erdin. Introduction Types of Anonymity Systems TOR Overview Working Mechanism of TOR I2P Overview Working Mechanism of I2P.
Tarzan: A Peer-to-Peer Anonymizing Network Layer Michael J. Freedman, NYU Robert Morris, MIT ACM CCS 2002

Tarzan: A Peer-to-Peer Anonymizing Network Layer Michael J. Freedman, NYU Robert Morris, MIT ACM CCS 2002
A New Replay Attack Against Anonymous Communication Networks Xinwen Fu June 30, 2015.

A New Replay Attack Against Anonymous Communication Networks Xinwen Fu June 30, 2015.
1 Chapter 13: Representing Identity What is identity Different contexts, environments Pseudonymity and anonymity.

1 Chapter 13: Representing Identity What is identity Different contexts, environments Pseudonymity and anonymity.
A distributed Search Service for Peer-to-Peer File Sharing in Mobile Applications From U. of Dortmund, Germany.

A distributed Search Service for Peer-to-Peer File Sharing in Mobile Applications From U. of Dortmund, Germany.
Anonymity on the Web: A Brief Overview By: Nipun Arora uni-na2271.

Anonymity on the Web: A Brief Overview By: Nipun Arora uni-na2271.

Similar presentations

Ads by Google