Presentation is loading. Please wait.

Presentation is loading. Please wait.

CSE 592 INTERNET CENSORSHIP (FALL 2015) LECTURE 20 PHILLIPA GILL - STONY BROOK U.

Published byJuliana Perry Modified over 9 years ago

Similar presentations

Presentation on theme: "CSE 592 INTERNET CENSORSHIP (FALL 2015) LECTURE 20 PHILLIPA GILL - STONY BROOK U."— Presentation transcript:

1 CSE 592 INTERNET CENSORSHIP (FALL 2015) LECTURE 20 PHILLIPA GILL - STONY BROOK U.

2 WHERE WE ARE Last time: Alternative anonymity approaches Aqua Dissent Today: Review/discussion Covert channels

3 REVIEW QUESTIONS – TOR BASICS 1.What does it mean to be anonymous? Informally? Formally? 2.Where might an adversary compromise an anonymity network? 3.Why is confidentiality not enough to ensure anonymity? 4.Why might law enforcement want to be anonymous? 5.Why might dissidents want to be anonymous? 6.Why do you need multiple groups to ensure anonymity? 7.What is onion routing? 8.What are some weaknesses of Tor?

4 REVIEW – RELAY-BASED TIMING ATTACKS Why are these plots different for the different applications when we consider exit-relay or guard+exit-relay compromises but the same when we only consider guard-relay compromise? Exit relay Guard+Exit relay Guard relay

5 REVIEW – AS AWARE TOR CLIENTS What features does LASTor use to select relays that Tor does not? What features does Tor used to select relays that LASTor does not? Why might it be a bad idea for the whole Tor network to adopt LASTor? What is different between LASTor and Astoria’s threat model? What are three fundamental challenges faced by AS-aware Tor clients? How does LASTor estimate network paths? How does Astoria estimate network paths? What evaluation metric does LASTor use for performance? What might this metric miss?

6 WHERE WE ARE Last time: Alternative anonymity approaches Aqua Dissent Today: Review/discussion Covert channels

7 CHALLENGE Circumvention tools can get around censorship, but have a hard time not being observable Ie., they generally cannot hide the fact that users are using them E.g., Tor is not completely effective for circumvention because a censor can just block the IPs of known relays Users who are seen using these tools may face trouble from the government.. And the censor can leverage observability to stop the system Reduce availability

8 SKYPE MORPH Tor obfuscation Disguises communication between client and Tor relay as a Skype video call. Pluggable transport: user can specify to disguise her traffic as a Skype video call and connect to a special SkypeMorph relay Basic process: Client’s Skype log in makes a “call” to the relay, but drops the call and exchanges Tor traffic over the connection. UDP-based implementation to match Skype. Improves existing traffic shaping to preserve inter-packet delay between consecutive packets Can perform better than regular steganography because the channel is encrypted (the data looks random anyways)

9 GOALS Hard to identify: outputs encrypted traffic that resembles Skype video calls Hard to block: since SkypeMorph looks like Skype the censor can’t block it because they’d have to block all of Skype (unacceptable cost). Plausible deniability Would need to break into a users machine to prove they weren’t sending real skype traffic.

10 BACKGROUND ON SKYPE Skype encrypts data using AES cipher and uses RSA certificates for authentication Some amount of message authentication: would not accept altered messages Three types of nodes ( 1) server which handles authentication; (2) normal “peer” nodes and (3) supernodes which faciliate communication for nodes behind NATs Some TCP connections for signaling. Client listens on a given UDP port which is customizable but will fall back to TCP if UDP fails. Variety of voice and video codecs to select amongst depending on bandwidth, etc.

11 EXAMPLE OF SKYPE FLOW CONTROL

12 SKYPE MORPH OVERVIEW

13 HOW IT WORKS 1.Bridge picks a UDP port number and uses Skype API to log into the network. Upon logging in the Bridge waits for incoming calls. 2.Client picks a port and logs in using the API as well. 3.Client exchanges a public key with the server via a Skype Text Message: public key, IP of the client, and port 4.Bridge generates its own public key and responds with its IP, public key and port in Skype text. 5.Bridge + client use the shared information to compute shared secret and client sends a hash of the resulting key to the server. 6.Bridge checks the hash with the hash of its own key and sends Okay message 7.If successful client starts a video call with the server. Otherwise timeout and go back to 3

14 HOW IT WORKS 8.Client lets the call ring for a random amount of time and then drops the call. 9.Once client drops the call the server listens on its port for incoming Skype Morph message 10.Client uses shared key and UDP port to send data.

15 RESULT

16 FREEWAVE Traffic obfuscation: Hide covert traffic *within* an *actual* implementation of an application. Server obfuscation: Leverage oblivious participants in VOIP network

17 FREEWAVE: IP OVER VOICE- OVER-IP Target protocol: Voice-over IP (VoIP) Why VoIP Widely used protocol (only 663 Million Skype users) Collateral damage to block Encrypted How to hide? The dial-up modems are back! NDSS 2013 17 http://dedis.cs.yale.edu/dissent/papers/freewave-slides.pptx

18 FREEWAVE ARCHITECTURE NDSS 2013 18 Client FreeWave Server http://dedis.cs.yale.edu/dissent/papers/freewave-slides.pptx

19 THREAT MODEL + GOALS User connects to the Internet via a censoring ISP which precludes access to specific destinations. + limits access to circumvention tools ISP does not want to compromise usability of the network E.g. political/economic pressures Goals Unblockability: the systems needs to be unblockable by censors Unobservability: should hide the fact that users are using the circumvention system Security: anonymity, privacy and confidentiality of users need to be protected Deployment feasibilty: avoid dependencies on other systems (e.g ISPs) QoS: Needs to provide adequate bandwidth and latency appropriate for Web browsing.

20 BASIC IDEA OF FREEWAVE User downloads the Freewave Client and enters her VoIP ID and makes a call to the FreeWave server (by entering its VoIP ID). Server is set up such that connections will go via an oblivious VoIP client (e.g., Skype supernode). Since VoIP connection is encrypted censor cannot ID server’s VoIP ID and censor it. Components: VoIP client Virtual Sound Card (virtual sound card interface: any application can use it the same way a physical sound card is utilized). MoDem: application that translates network traffic into acoustic signals and vice versa (aka Modulator Demodulator) Proxy: Server uses this to relay traffic received via VoIP connections to its final destination.

21 BASIC COMPONENTS

22 PERFORMANCE 16-19 kbps

23 FREEWAVE’S UNOBSERVABILITY Traffic analysis (packet rates and sizes)  Fixed rate codecs (e.g., G.7 series) Not an issue  Variable bit-rates (e.g., Skype’s SILK) Simple analysis Superimpose with recoded conversation NDSS 2013 23

Download ppt "CSE 592 INTERNET CENSORSHIP (FALL 2015) LECTURE 20 PHILLIPA GILL - STONY BROOK U."

Similar presentations

I Want My Voice to Be Heard: IP over Voice-over-IP for Unobservable Censorship Circumvention Amir Houmansadr (The University of Texas at Austin) Thomas.

I Want My Voice to Be Heard: IP over Voice-over-IP for Unobservable Censorship Circumvention Amir Houmansadr (The University of Texas at Austin) Thomas.
SPATor: Improving Tor Bridges with Single Packet Authorization Paper Presentation by Carlos Salazar.

SPATor: Improving Tor Bridges with Single Packet Authorization Paper Presentation by Carlos Salazar.
Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)

Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)
Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.

Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.
Modelling and Analysing of Security Protocol: Lecture 10 Anonymity: Systems.

Modelling and Analysing of Security Protocol: Lecture 10 Anonymity: Systems.
The Sniper Attack: Anonymously Deanonymizing and Disabling the Tor Network Rob Jansen et. al NDSS 2014 Presenter: Yue Li Part of slides adapted from R.

The Sniper Attack: Anonymously Deanonymizing and Disabling the Tor Network Rob Jansen et. al NDSS 2014 Presenter: Yue Li Part of slides adapted from R.
Voice over IP Skype.

Voice over IP Skype.
Review of a research paper on Skype

Review of a research paper on Skype
CSCI-235 Micro-Computers in Science The Network. Network Fundamentals A computer network consists of two or more computers linked together to exchange.

CSCI-235 Micro-Computers in Science The Network. Network Fundamentals A computer network consists of two or more computers linked together to exchange.
236349 Project in Computer Security Integrating TOR’s attacks into the I2P darknet Chen Avnery Amihay Vinter.

Project in Computer Security Integrating TOR’s attacks into the I2P darknet Chen Avnery Amihay Vinter.
(4.4) Internet Protocols Layered approach to Internet Software 1.

(4.4) Internet Protocols Layered approach to Internet Software 1.
Onion Routing Security Analysis Aaron Johnson U.S. Naval Research Laboratory DC-Area Anonymity, Privacy, and Security Seminar.

Onion Routing Security Analysis Aaron Johnson U.S. Naval Research Laboratory DC-Area Anonymity, Privacy, and Security Seminar.
1 Network Architecture and Design Advanced Issues in Internet Protocol (IP) IPv4 Network Address Translation (NAT) IPV6 IP Security (IPsec) Mobile IP IP.

1 Network Architecture and Design Advanced Issues in Internet Protocol (IP) IPv4 Network Address Translation (NAT) IPV6 IP Security (IPsec) Mobile IP IP.
Network Layer and Transport Layer.

Network Layer and Transport Layer.
Secure Shell – SSH Tam Ngo Steve Licking cs265. Overview Introduction Brief History and Background of SSH Differences between SSH-1 and SSH- 2 Brief Overview.

Secure Shell – SSH Tam Ngo Steve Licking cs265. Overview Introduction Brief History and Background of SSH Differences between SSH-1 and SSH- 2 Brief Overview.
K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.

K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.
بسم الله الرحمن الرحيم NETWORK SECURITY Done By: Saad Al-Shahrani Saeed Al-Smazarkah May 2006.

بسم الله الرحمن الرحيم NETWORK SECURITY Done By: Saad Al-Shahrani Saeed Al-Smazarkah May 2006.
Responder Anonymity and Anonymous Peer-to-Peer File Sharing. by Vincent Scarlata, Brian Levine and Clay Shields Presentation by Saravanan.

Responder Anonymity and Anonymous Peer-to-Peer File Sharing. by Vincent Scarlata, Brian Levine and Clay Shields Presentation by Saravanan.
CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.
By: Bryan Carey Randy Cook Richard Jost TOR: ANONYMOUS BROWSING.

By: Bryan Carey Randy Cook Richard Jost TOR: ANONYMOUS BROWSING.

Similar presentations

Ads by Google