Overview
 Anonymity systems
 Review of how Tor works
 Tor Project Inc.
 Helper tools and accessories
 Advanced Tor control
 Attack Vectors
Anonymity Systems
 JAP
 I2P
 Freenet
 Xerobank
 Botnets
Freenet
 Storage network, p2p based
 Shares files on your system to other nodes
 Plausible deniability
I2P
 Opposing design to Tor
 UDP based
 Darknet design
 Java, Python, and C APIs
 Mixed routing based on packets
 Splits tunneling between upstream and downstream
 “Garlic Routing” – mixes streams together to prevent traffic analysis
 Variable latency design
Tor
 Tor (not TOR) – previously stood for The Onion Router
 Provides a method of anonymity by passing data between proxies
Tor Network
Terminology
 Cell – your message
 Circuit – tunnel made up of relays
 Entry Node: first hop into the Tor network
 Exit Node: last hop before destination
 Relay Node: middle hop
 Bridge Node: nodes not listed in the Tor directory, to evade filtering
Who’s Using Tor?
 Whistleblowers
   Wikileaks – runs a hidden service
 Militaries
   field ops
   command and control using hidden services
 Chinese journalists and dissidents
Tor Project
 501(c)(3) NFP
 Freely available
 Full spec and full documentation
Project Finances
 https://www.torproject.org/about/financials.html
Current Project Sponsors
 Federal Grant:
   International Program to Support Democracy, Human Rights and Labor
   $632,189
 International Broadcasting Bureau
   Voice of America, Radio Free Europe/Radio Liberty, Radio and TV Martí, Radio Free Asia, Radio Sawa/Alhurra TV
   $270,000
 Stichting.Net
   Association of NFPs in the Netherlands
   $38,279
 Google: $29,083
 ITT: $27,000
 Other: $9,997
 https://www.torproject.org/about/sponsors.html.en
Past Funders
 DARPA and Naval Research Laboratory – 2001-2006
 EFF – 2004-2005
Tor Performance
Number of Relays
Number of Users
Tor Tools
 Torbutton
 Tor Browser Bundle
 Vidalia
 TorCheck
 Arm
 Tor-ramdisk
     Anthony G. Basile from Buffalo
Tor Control Port
 Telnet to the control port              authenticate ""
 Create custom circuits (long or short)  extendcircuit 0 a,b,c,…
                                         extendcircuit 0 a,b
 Show live circuit information           setevents circ
 Change configuration on the fly         setconf confitem
 Map a site to an exit node              mapaddress google.com=a.b
 Reload a configuration                  getconf confitem
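The control-port commands above are plain text lines and every reply comes back as "<status><sep><text>" lines (per the Tor control-spec: "-" continues a reply, " " ends it). The following encoder/parser is an added example, not Tor Project code; the reply strings and the CIRC event it parses are constructed by hand, and the relay fingerprints in them are placeholders, not real relays.

```python
import re

# Reply line: three-digit status, separator (' ' final, '-' more, '+' data), text.
_REPLY = re.compile(r"^(\d{3})([ \-+])(.*)$")


def build_command(keyword, *args):
    """Encode one control-port command line (keywords are case-insensitive)."""
    return " ".join((keyword.upper(),) + tuple(args)) + "\r\n"


def parse_reply(raw):
    """Return (status, [text lines]) for the first complete reply in raw."""
    status, texts = None, []
    for line in raw.split("\r\n"):
        if not line:
            continue
        m = _REPLY.match(line)
        if m is None:
            raise ValueError("malformed reply line: %r" % line)
        status = int(m.group(1))
        texts.append(m.group(3))
        if m.group(2) == " ":  # a space separator marks the final line
            break
    return status, texts


def parse_circ_event(line):
    """Parse an asynchronous '650 CIRC <id> <status> [path] [k=v ...]' event.

    The path is a comma-separated list of $FINGERPRINT~nickname hops; the
    nicknames are returned in order so a monitor can see who built the circuit.
    """
    status, texts = parse_reply(line + "\r\n")
    words = texts[0].split()
    if status != 650 or words[0] != "CIRC":
        raise ValueError("not a CIRC event: %r" % line)
    event = {"id": words[1], "status": words[2], "path": []}
    rest = words[3:]
    if rest and rest[0].startswith("$"):  # path present (absent while LAUNCHED)
        event["path"] = [hop.split("~")[-1] for hop in rest.pop(0).split(",")]
    for kv in rest:  # remaining fields are KEY=VALUE pairs
        key, _, value = kv.partition("=")
        event[key] = value
    return event


# Constructed sample: what SETEVENTS CIRC would deliver once a circuit is built.
SAMPLE_EVENT = ("650 CIRC 12 BUILT $AAAA~alpha,$BBBB~bravo,$CCCC~charlie "
                "BUILD_FLAGS=NEED_CAPACITY PURPOSE=GENERAL")

if __name__ == "__main__":
    print(build_command("extendcircuit", "0", "alpha,bravo,charlie").strip())
    print(parse_reply("250-SocksPort=9050\r\n250 OK\r\n"))
    print(parse_circ_event(SAMPLE_EVENT))
```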
Attacks
Tor Passive Attack Vectors
 Traffic profiling – entry and exit analysis
 Cleartext exit node transmission
 Fingerprinting – OS, browser, configuration, activity
 Timing correlation
 Network partitioning
 End-to-end size correlation
Tor Active Attack Vectors
 Compromised keys
 Malicious web servers
 Malicious Exit/Relay nodes
 DoS non-controlled nodes
 Timestamping and tagging
 Injecting or replacing unencrypted info
 Malicious Tor client
Tor Client Side Attacks
 DNS rebinding
 Disbanding attack – JavaScript, Java, Flash
 History disclosure
 Timezone information (partitioning)
Social Engineering Attacks
 Getting more traffic
   “Use my relay. I have huge tubes!”
   “Nick’s relay sucks”
   “I’ve added a feature to my node.”
 Replacement
   687474703a2f2f7777772e726f63686573746572323630302e636f6d2f6861782f
 Partitioning
   “Don’t use servers from this country”
   “These servers are amazing!”
More Info
 www.torproject.org
 metrics.torproject.org
 blog.torproject.org
 check.torproject.org
 @torproject