3rd Edition: Chapter 2
  • http://www.youtube.com/watch?v=J-7iNS0VzGU
  • http://www.slideshare.net/noorian/Tor-Presentation

3rd Edition: Chapter 2 Presentation Transcript

  • Privacy and anonymity continued
    Chapter 7.3 (traffic flow security)
    Anonymous email (chapter 10.6)
  • TOR http://www.torproject.org/
    The Onion Router (TOR)
    "Anonymity loves company [...] it is not possible to be anonymous alone" – Roger Dingledine
    Hundreds (> 700) of volunteers run their machines as TOR nodes around the world
    > 200,000 active users per week
    Typically 3 nodes used for each route
    Bandwidth < 100MB/s
    TOR nodes are TOR onion routers
    Roger Dingledine: many presentations on YouTube
  • Alice wants to communicate with Bob
    Alice gets a directory listing from a central server of TOR nodes
    Directory server keys ship with the code
    http://www.iusmentis.com/society/privacy/remailers/onionrouting/
  • Alice randomly chooses 3 nodes and uses public-key cryptography to set up the channel
    The process is similar to Mix net
    entry node
  • Once the communication channel is established, the data is moved with symmetric keys
    TOR supports real-time communication
    exit node
  • TOR changes the route periodically (e.g., every 10 minutes) to avoid traffic analysis
  • Some security analysis
    Each TOR node routes messages for many hosts
    It is difficult to keep track of how messages are routed within TOR network
    Assuming the majority of TOR nodes are not corrupted and do not collude
    However, there are some issues in a stronger adversary model:
    All TOR nodes are semi-honest, so entry/exit nodes know something about Alice and Bob
  • However, an attacker may know who initiates or receives the traffic
    Entry node: knows Alice starts some communication
    Attacker: knows Alice starts some communication
    Exit node: knows Bob is the receiver
  • Solution: for Alice and Bob to become TOR nodes as well
  • Resources regarding TOR and onion routing
    http://www.onion-router.net/
    Download TOR at https://www.torproject.org/
    http://www.freehaven.net/~arma/cv-pres.html
    How does TOR help whistleblowers? Hidden service
    E.g., wikileaks http://gaddbiwdftapglkq.onion/
    Paul Syverson (NRL), onion routing inventor
  • TOR location hidden service
    Alice can connect to Bob's server without knowing where it is or possibly who he is
    Server needs to
    Be accessible from anywhere
    Resist censorship
    Require minimal redundancy for resilience against denial-of-service (DoS) attacks
    Can survive to provide selected service even during a full-blown distributed DoS attack
    Resistant to physical attack (you can't find them)
    How is this possible?
  • Basic ideas of hidden services
    Use an intermediary to marry client and server
    Similar ideas used in Skype as well
    For users behind NAT (network address translator)
  • 2’. Alice obtains Service Descriptor (including Intro Pt. address) at Lookup Server
    http://www.freehaven.net/~arma/cv-pres.html
  • 4. Alice sends the RP (rendezvous point) address and any authorization through the IP (introduction point) to Bob
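
An added example (not from the slides or the Tor project) of the layered encryption behind the three-node circuit and the entry/exit-node slides above: Alice wraps the message once per relay, and each relay strips one layer and sees only its two neighbours. The relay names, the pre-shared per-hop keys (standing in for the public-key channel setup) and the SHA-256 keystream (a toy stand-in for a real cipher, with no integrity check) are assumptions.

```python
import hashlib
import json
import os

def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy stream cipher (SHA-256 in counter mode); a stand-in, not what Tor uses."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + nonce + i.to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)

def wrap(path, keys, dest, payload):
    """Alice builds the onion inside-out: exit layer first, entry layer last."""
    hops = path[1:] + [dest]          # the next hop each relay forwards to
    cell = payload
    for relay, nxt in reversed(list(zip(path, hops))):
        nonce = os.urandom(8)
        inner = json.dumps({"next": nxt, "data": cell.hex()}).encode()
        cell = nonce + keystream_xor(keys[relay], nonce, inner)
    return cell

def peel(key, cell):
    """One relay removes its own layer and learns only the next hop."""
    nonce, body = cell[:8], cell[8:]
    layer = json.loads(keystream_xor(key, nonce, body))
    return layer["next"], bytes.fromhex(layer["data"])

def route(sender, path, keys, cell):
    """Forward the cell along the circuit, recording what each relay observes."""
    seen, prev = {}, sender
    for relay in path:
        nxt, cell = peel(keys[relay], cell)
        seen[relay] = {"from": prev, "to": nxt}
        prev = relay
    return seen, cell

def demo():
    path = ["entry", "middle", "exit"]          # constructed relay names
    keys = {r: os.urandom(32) for r in path}    # assumed agreed during channel setup
    cell = wrap(path, keys, "Bob", b"hello Bob")
    return route("Alice", path, keys, cell)

if __name__ == "__main__":
    seen, delivered = demo()
    for relay, view in seen.items():
        print(relay, view)
    print("delivered:", delivered)
```

Only the entry relay's view contains Alice and only the exit relay's view contains Bob, which is the exposure the entry/exit-node slide describes.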