3rd Edition: Chapter 2
Published in: Technology
  • http://www.youtube.com/watch?v=J-7iNS0VzGU
  • http://www.slideshare.net/noorian/Tor-Presentation
  • Transcript of "3rd Edition: Chapter 2"

    1. Privacy and anonymity continued
       • Chapter 7.3 (traffic flow security)
       • Anonymous email (chapter 10.6)
    2. TOR http://www.torproject.org/
       • The Onion Router (TOR)
       • "Anonymity loves company [...] it is not possible to be anonymous alone" – Roger Dingledine
       • Hundreds (> 700) of volunteers run their machines as TOR nodes around the world
       • > 200,000 active users per week
       • Typically 3 nodes used for each route
       • Bandwidth < 100MB/s
       • TOR nodes are TOR onion routers
       • Roger Dingledine: many presentations on YouTube
    3. Alice wants to communicate with Bob
       • Alice gets a directory listing from a central server of TOR nodes
       • Directory server keys ship with the code
       • http://www.iusmentis.com/society/privacy/remailers/onionrouting/
    4. Alice randomly chooses 3 nodes and uses public-key cryptography to set up the channel
       • The process is similar to Mix net
       • (Figure label: entry node)
    5. Once the communication channel is established, the data is moved with symmetric keys
       • TOR supports real-time communication
       • (Figure label: exit node)
    6. TOR changes the route periodically (e.g., every 10 minutes) to avoid traffic analysis
    7. Some security analysis
       • Each TOR node routes messages for many hosts
       • It is difficult to keep track of how messages are routed within TOR network
       • Assuming majority of TOR nodes are not corrupted or collude
       • However, there are some issues in a stronger adversary model:
       • All TOR nodes are semi-honest, so entry/exit nodes know something about Alice and Bob
    8. However, attacker may know who initiates or receives the traffic
       • Entry node: knows Alice starts some communication
       • Attacker: knows Alice starts some communication
       • Exit node: knows Bob is the receiver
    9. Solution: for Alice and Bob to become TOR nodes as well
    10. Resources regarding TOR and onion routing
       • http://www.onion-router.net/
       • Download TOR at https://www.torproject.org/
       • http://www.freehaven.net/~arma/cv-pres.html
       • How TOR helps whistleblowers? Hidden service
       • E.g., wikileaks http://gaddbiwdftapglkq.onion/
       • Paul Syverson NRL, onion routing inventor
    11. TOR location hidden service
       • Alice can connect to Bob's server without knowing where it is or possibly who he is
       • Server needs to
           • Be accessible from anywhere
           • Resist censorship
           • Require minimal redundancy for resilience in denial of service (DoS) attack
           • Can survive to provide selected service even during full blown distributed DoS attack
           • Resistant to physical attack (you can't find them)
       • How is this possible?
    12. Basic ideas of hidden services
       • Use an intermediary to marry client and server
       • Similar ideas used in Skype as well
       • For users behind NAT (network address translator)
    13. 2’. Alice obtains Service Descriptor (including Intro Pt. address) at Lookup Server
       • http://www.freehaven.net/~arma/cv-pres.html
    14. 4. Alice sends RP addr. and any authorization through IP to Bob
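
The layering described in slides 4, 5, 7 and 8, as an added example that is not part of the original slides: Alice wraps a message in one symmetric layer per relay, and each relay peels its own layer and records what it can observe. Assumptions: the per-relay keys are random stand-ins for the keys agreed during the public-key setup step, the cipher is a toy SHA-256 keystream rather than the one Tor uses, and the relay names are made up.

```python
import hashlib
import os

def xor_stream(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher (SHA-256 in counter mode); the same call encrypts and decrypts."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + (i // 32).to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[i:i + 32], pad))
    return bytes(out)

def wrap(route, keys, dest, message):
    """Alice: add one layer per relay, exit layer first, entry layer last."""
    next_hops = route[1:] + [dest]          # where each relay is told to forward
    cell = message
    for relay, nxt in reversed(list(zip(route, next_hops))):
        hop = nxt.encode()
        cell = xor_stream(keys[relay], bytes([len(hop)]) + hop + cell)
    return cell

def peel(key, cell):
    """Relay: remove own layer, learn only the next hop and an opaque inner cell."""
    body = xor_stream(key, cell)
    n = body[0]
    return body[1:1 + n].decode(), body[1 + n:]

def relay_views(route, keys, sender, dest, message):
    """Send one message through the circuit and record what each relay observes."""
    cell, prev, views = wrap(route, keys, dest, message), sender, []
    for relay in route:
        nxt, cell = peel(keys[relay], cell)
        views.append({"relay": relay, "from": prev, "to": nxt,
                      "sees_plaintext": cell == message})
        prev = relay
    return views, cell

# Constructed sample circuit; relay names and keys are made up for the example.
ROUTE = ["entry", "middle", "exit"]
KEYS = {r: os.urandom(32) for r in ROUTE}   # stands in for keys agreed at setup

if __name__ == "__main__":
    views, delivered = relay_views(ROUTE, KEYS, "alice", "bob", b"hello bob")
    for v in views:
        print(v)
    print("delivered:", delivered)
```

Only the entry relay has Alice as its previous hop and only the exit relay sees Bob and the unwrapped payload, which is the split of knowledge slide 8 describes.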