Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security in P2P environments Anonymity on the internet.

Similar presentations


Presentation on theme: "Security in P2P environments Anonymity on the internet."— Presentation transcript:

1 Security in P2P environments Anonymity on the internet

2 What is anonymity? “Generally speaking, our purpose is to hide the relationship between an observable action (for example, a message sent across a public network) and the identity of the users involved with this action”* * A Survey of Anonymous Peer-to-Peer File-Sharing ( Tom Chothia and Konstantinos Chatzikokolakis)

3 So who knows? The internet service provider (ISP) know who you are. For example my IP address is: [Example]Visit [Example]The ISP would know that I did that

4 So? Your IP address is your digital fingerprint, the ISP can link that to you So if, for example, you are sharing music in an unprotected system, the RIAA / IFPI / whatever, can file a subpoena against your ISP to tell them who you are Then you will properly get a nasty letter

5 A more extreme case Companies Health insurance (Visiting netdoktor.dk a lot?) Marketing (Only visiting book sites?) Governments Perhaps I am a potential terrorist Who could be interested in your browsing habits?

6 People using the internet for nasty stuff HackersTerroristsCopyright infringementPeople watching child pornography

7 People using the internet for “illegal” stuff Political activist in, for example, China

8 People using the internet for legal stuff Us? (Active session)

9 A few examples Journalist (Investigative reporters)?Socially sensitive communication (Illness, abuse)?Law enforcement (Anonymous tips)?People with marketing paranoiaJust to name a few

10 Is it relevant ? This summer, France suggested that in EU, the internet traffic should be monitored so you could be “excluded” from the internet, if you did something they deemed illegal 3 times. The Swedish “FRA-lov” allows the Swedish government to monitor all traffic going in and out of Sweden (using a very powerful computer). Last Wednesday, the Danish ISP Tele2, was force to close access to the bit torrent site “Pirate Bay”

11 You could encrypt your message but That does not ensure anonymity It is still known who sent it, and where it was sent to

12 You could go to an internet cafe but You are properly logged and videotaped while being there / going there (extreme case) People will properly remember you being there (again extreme case)

13 You could use a proxy server but You can find a proxy server at Can you trust the proxy server? Single point of failure Single point of “lawsuit”

14 You can install a Trojan on another computer It’s tediousIt’s illegal It’s only complicating the search for you, somewhere you properly still left a digital fingerprint

15 Agenda TORFreenetMUTE

16 TOR

17 Archiving anonymity Problems with basic routingRouting – chain of nodesCryptostuffThe onion reveals!Breakable?

18 Basic routing

19 Every router knows YOU!

20 ECHELON is listening !!

21 Claims Total client anonymity, hidden routing information Compromised routers/proxies does not break anonymity! Traffic analysis in practice impossible

22 TOR solves this - The Onion Router

23 Remember Ogres = TOR

24 But how ???! Connects through a chain of proxynodesEncrypts messages in layers for each node Each node only knows its neighbors in the chain Routing information is also encrypted (important)

25 Routing chain 1

26 Routing chain 2

27 Routing chain 3

28 Cryptostuff

29

30 Public/private key encryption is slow TOR uses this only for estabilishing symmetric key based encrypted link (faster)

31 Hiding routing info 1 Client establishes routing path 2 Each message is encrypted in layers with nodes public key 3 Each node can unwrap their layer 4 Each node decrypts the information and only gets encrypted ciphertext and IP on next node 5 And so forth…

32 Requirements VolunteersYou can't get anonymity aloneDistributed trust (more than one node)Preferably nodes are as worldwide and spread as possibleSecurity increases with larger network (makes traffic analysis harder)

33 Neat features General purpose TCP proxy – not just HTTPLow latencyEasy to participateConfigurable – only relay HTTP traffic for exampleComes with bundled browser[Example]and Vuze [Example]

34 Breakable? Active session – what weaknesses can you see in this approach? Identification of a client is possible, by comparing the list of known ”stable” nodes, with nodes hopping on and off (probably end clients) Is 3 hops enough? How about DNS lookups? If your ISP logs your DNS requests, it is easy to see which sites you're visiting

35 Freenet

36 INTERNET

37

38 FREENET YOU

39 CLIENTS SERVERS END-POINTS

40 DECENTRALIZED PUBLISHERS CONSUMERS

41

42 HOW DO I LOCATE MY NEIGHBORS? Somewhat paranoid Opennet Truly paranoid Darknet

43 Content distributionPublishing websites or 'freesites'Communicating via message boardsSending messagesReading/updating wikis WHAT IS FREENET USED FOR?

44 UNIQUE RESOURCE IDENTIFIERS Content Hash Key (CHK) Great for content that does not change Examples: images, audio files, copies of secret CIA documents Signed Subspace Key (SSK) Like an Internet domain name, but using crypto stuff Useful for content that changes (sites, discussions, etc.) Keyword-Signed Keys (KSK) Easy to remember, but not very secure

45 HARD DRIVE SPACE BANDWIDTH BY DEMAND

46

47

48 DEMO

49 MUTE

50 Mute is a P2P file sharing systemDesigned with anonymity in mindClassical search (you may know this)Uses an algorithm inspired by antsDesigned for ad-hoc networks[Example] What is MUTE

51 So how does it work? Each node have a pseudo identity To search the network, a node broadcasts a message with its own pseudo identity, a unique message identifier and a time to live (TTL) counter. This is sent to all the nodes neighbours and they send it to their neighbours Until the TTL expire

52 Uses a non-deterministic time-to-live counter (decided up start up)There are three phasesFirst phase: A count down to zero (To hide the originating node)Second phase: Standard 5 hop counter Third phase: Non-deterministic forwarding (A node will drop a message with ¾ probability and forward the message to n neighbours with 1 / (3*2 2 )

53 When a node receives a message it records the pseudo address of the sender and the connection upon it was received Each node builds and maintains this routing table for all the pseudo identities it sees A node can respond over the most used connection (if it already has it in the routing table) or send the response to all its neighbours You neighbours know your IP address but they do NOT know your virtual address Each neighbour connection is encrypted so even though you could tap into the traffic between your neighbour, it would be unreadable

54

55

56

57 Normal P2P system : Madonna_Holiday.mp3In MUTE7213..DCA5: Madonna_Holiday.mp3 So how would this look?

58 Should you trust these systems? Winny (P2P file sharing) 2 people using it got arrested (movie sharing) And the author (Researcher at Tokyo CS department)

59 title = {Peer-To-Peer: Harnessing the Benefits of a Disruptive Technology}, editor = {Andy Oram}, publisher = {O'Reilly \& Associates}, year = {2001} title = {A Survey of Anonymous Peer-to-Peer File-Sharing}, author= { Tom Chothia and Konstantinos Chatzikokolakis }, year = {2005} }

60 @article{piCalculus, title = {Analysing the MUTE Anonymous File- Sharing System Using the Pi-Calculus}, author= {Tom Chothia}, year = {2006} FreeNet and TOR respectively: }

61 @article{lowcost, title = {Low-Cost Traffic Analysis of Tor}, author= {Steven J. Murdoch and George Danezis}, year = {2005} title = {Anonymous Communications for the United States Department of Defense...and you}, author= {Roger Dingledine}, year = {2005} }


Download ppt "Security in P2P environments Anonymity on the internet."

Similar presentations


Ads by Google