Presentation is loading. Please wait.

Presentation is loading. Please wait.

Tor and Timing Attacks An attack within the accepted attacker model.

Published byBartholomew Blair Modified over 9 years ago

Similar presentations

Presentation on theme: "Tor and Timing Attacks An attack within the accepted attacker model."— Presentation transcript:

1 Tor and Timing Attacks An attack within the accepted attacker model

2 Onion Routing 2 –A real system for users Only true antecedent was ZKS’s Freedom Network –A variety of system enhancements PFS, congestion control, directory servers, etc.

3 Onion Routing Initiator-chosen paths −Instead of flipping a coin, the Initiator chooses the entire path and builds an onion. I  X  Y  Z  R −Layered encryption of data using the public key of each proxy in the path. data{R,data} Kz+ {Z,{R,data} Kz+ } Ky+ {Y,{Z,{R,data} Kz+ } Ky+ } Kx+ Sending the onion I  X: {Y,{Z,{R,data} Kz+ } Ky+ } Kx+ X  Y: {Z,{R,data} Kz+ } Ky+ Y  Z: {R,data} Kz+ Z  R: data

4 Tor Goals Deployability –Cannot be too expensive –Cannot be too troublesome or risky –Cannot require websites to run something different Usability Flexibility (& Good Specs) Simple Design

5 Attack Model What is the Tor Attack Model? Why is the model important?

6 Timing Attacks Timings say if they’re on the same path “Firstness” & “Lastness” can be determined –Why? A1DeltaA2 3:12:203:12:30 3:12:373:12:47 3:12:493:12:59 I A1 R A2 X 17 ms 12 ms Y

7 A Timing Attack Danezis 2004 Model: Global Passive Eavesdropper Idea –Gather timings of packets at all end points (entry and exit points) –Given a set of entry timings, produce a model of the exit timings. Look for a match. Result: Attacker obtains many correct matches

8 Another Timing Attack Levine, et al., 2004 Model: Substantial % of Tor servers (e.g. 10%) –Passive, in a sense Idea –See 2 slides ago –Handle errors gracefully –Repeat for many rounds Result: Attacker can get many good matches over time

9 A Note On the Tor Paper A Gold Mine! –28 different attacks –15 Open Questions –9 Future Directions Problem Selection –Is it interesting? –How hard a question? –Rough guesses?

10 Low-Cost Traffic Analysis of Tor Murdoch & Danezis, Oakland ‘05 A novel attack –within Tor’s attack model Key features under attack –Low-latency communication –Ease of entry & ability to use the system

11 M&D Attack Model What is it? How does it compare to prior models we have discussed? Is it realistic? Can it be stopped?

12 The Attack Setup T1T2T3 Resp. Init. A

13 The Attack Idea Tor uses Round Robin sending –each stream gets a turn –If a stream has no packets, it gets skipped Imagine node T2 has just two streams –A and Initiator –A is always on –What happens when Initiator sends a pkt?

14 Testing the Attack Set up a “victim” Set up the attack server Probes Correlation?

15 Results Some success –Usually higher correlation w/ pattern Limits –Some failure –Not clear where to set a dividing line Enhancements Possible

16 Defenses Cover traffic –Just filling the links is no good –Lots of traffic required? Delay –perfect interference –non-interference

Download ppt "Tor and Timing Attacks An attack within the accepted attacker model."

Similar presentations

SPATor: Improving Tor Bridges with Single Packet Authorization Paper Presentation by Carlos Salazar.

SPATor: Improving Tor Bridges with Single Packet Authorization Paper Presentation by Carlos Salazar.
Tor: The Second-Generation Onion Router

Tor: The Second-Generation Onion Router
LASTor: A Low-Latency AS-Aware Tor Client

LASTor: A Low-Latency AS-Aware Tor Client
Modelling and Analysing of Security Protocol: Lecture 10 Anonymity: Systems.

Modelling and Analysing of Security Protocol: Lecture 10 Anonymity: Systems.
Tor – The Onion Router By: David Rollé. What is Tor?  Second generation Onion Routing  Aims to improve on first generation issues  Perfect Forward.

Tor – The Onion Router By: David Rollé. What is Tor?  Second generation Onion Routing  Aims to improve on first generation issues  Perfect Forward.
How Much Anonymity does Network Latency Leak? Paper by: Nicholas Hopper, Eugene Vasserman, Eric Chan-Tin Presented by: Dan Czerniewski October 3, 2011.

How Much Anonymity does Network Latency Leak? Paper by: Nicholas Hopper, Eugene Vasserman, Eric Chan-Tin Presented by: Dan Czerniewski October 3, 2011.
Message Splitting Against the Partial Adversary Andrei Serjantov The Free Haven Project (UK) Steven J Murdoch University of Cambridge Computer Laboratory.

Message Splitting Against the Partial Adversary Andrei Serjantov The Free Haven Project (UK) Steven J Murdoch University of Cambridge Computer Laboratory.
Slicing the Onion: Anonymous Routing without PKI Saurabh Shrivastava CS 259

Slicing the Onion: Anonymous Routing without PKI Saurabh Shrivastava CS 259
Building a Peer-to-Peer Anonymizing Network Layer Michael J. Freedman NYU Dept of Computer Science Public Design Workshop September 13,

Building a Peer-to-Peer Anonymizing Network Layer Michael J. Freedman NYU Dept of Computer Science Public Design Workshop September 13,
Cashmere: Resilient Anonymous Routing CS290F March 7, 2005.

Cashmere: Resilient Anonymous Routing CS290F March 7, 2005.
1 Modeling and Analysis of Anonymous-Communication Systems Joan Feigenbaum WITS’08; Princeton NJ; June 18, 2008 Acknowledgement:

1 Modeling and Analysis of Anonymous-Communication Systems Joan Feigenbaum WITS’08; Princeton NJ; June 18, 2008 Acknowledgement:
Loss and Delay Accountability for the Internet by Presented by:Eric Chan Kai Chen.

Loss and Delay Accountability for the Internet by Presented by:Eric Chan Kai Chen.
1 Network Tomography Venkat Padmanabhan Lili Qiu MSR Tab Meeting 22 Oct 2001.

1 Network Tomography Venkat Padmanabhan Lili Qiu MSR Tab Meeting 22 Oct 2001.
Positive Feedback Loops in DHTs or Be Careful How You Simulate January 13, 2004 Sean Rhea, Dennis Geels, Timothy Roscoe, and John Kubiatowicz From “Handling.

Positive Feedback Loops in DHTs or Be Careful How You Simulate January 13, 2004 Sean Rhea, Dennis Geels, Timothy Roscoe, and John Kubiatowicz From “Handling.
A Usability Evaluation of the Tor Anonymity Network By Gregory Norcie.

A Usability Evaluation of the Tor Anonymity Network By Gregory Norcie.
The Case for Network-Layer, Peer-to-Peer Anonymization Michael J. Freedman Emil Sit, Josh Cates, Robert Morris MIT Lab for Computer Science IPTPS’02March.

The Case for Network-Layer, Peer-to-Peer Anonymization Michael J. Freedman Emil Sit, Josh Cates, Robert Morris MIT Lab for Computer Science IPTPS’02March.
Responder Anonymity and Anonymous Peer-to-Peer File Sharing. by Vincent Scarlata, Brian Levine and Clay Shields Presentation by Saravanan.

Responder Anonymity and Anonymous Peer-to-Peer File Sharing. by Vincent Scarlata, Brian Levine and Clay Shields Presentation by Saravanan.
RCS: A Rate Control Scheme for Real-Time Traffic in Networks with High B X Delay and High error rates J. Tang et al, Infocom 2001 Another streaming control.

RCS: A Rate Control Scheme for Real-Time Traffic in Networks with High B X Delay and High error rates J. Tang et al, Infocom 2001 Another streaming control.
CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.
By: Bryan Carey Randy Cook Richard Jost TOR: ANONYMOUS BROWSING.

By: Bryan Carey Randy Cook Richard Jost TOR: ANONYMOUS BROWSING.

Similar presentations

Ads by Google