Presentation is loading. Please wait.

Presentation is loading. Please wait.

A Usability Evaluation of the Tor Anonymity Network By Gregory Norcie.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "A Usability Evaluation of the Tor Anonymity Network By Gregory Norcie."— Presentation transcript:

1 A Usability Evaluation of the Tor Anonymity Network By Gregory Norcie

2 What is Tor? An onion routing protocol originally sponsored by the US Naval Research Laboratory From 2004 to 2006 was supported by EFF Since 2006 has been it’s own 501(c)(3) nonprofit Image courtesy indymedia.de

3 Q: What is an onion routing protocol? A: Like a proxy. But better.

4 So How Does an Onion Routing Protocol Work? The user creates a “circuit” leading to their destination. At each hop, the node “unwraps” a layer from the packet via symmetric keys, revealing the next destination. Full technical details: http://www.torproject.org/tor-design.pdf

5 Image courtesy torproject.org

6

7

8 Photo courtesy Wikimedia Commons

9 So Why Use Tor? Law enforcement uses Tor to visit target websites without leaving government IP addresses in their web log, and for security during sting operations. Whistleblowers use Tor to anonymously contact media organizations Dissidents use Tor to get outside information in oppresive regimes.

10 Real Life Example: 2009 Iranian Presidential Election All Western Media deported or sequestered in hotels Internet Filtering of popular social networking sites (twitter, facebook, youtube, etc) US State Dept asks twitter to delay maintenance ((http://www.nytimes.com/2009/06/17/world/m iddleeast/17media.html?_r=1)

11 Case in point: The Death of Neda Agha-Soltan Video of unarmed protester fatally shot by Basij militia Video uploaded to youtube, shared via twitter. #neda becomes trending topic on twitter Photo Courtesy Wikimedia Commons

12 So How Do I Use Tor? Option 1: Command line Option 2: GUI We of course, want to use option 2. Example of Tor controlled via GUI: Torbutton

13

14

15 Torbutton: Designed for Usability

16 Photo courtesy Wikimedia Commons

17 Tor is Not Perfect

18 The 3 Traditional Threats to Tor's Security: DNS Leaks Traffic Analysis Malicious Exit Nodes

19 Threat 1: DNS Leaks DNS requests not sent through Tor network by default Attacker could see what websites are being visited external software such as Foxyproxy and Privoxy can be used to route DNS requests through tor network, but this is _not_ default behavior

20 Threat 2: Traffic Analysis "Traffic-analysis is extracting and inferring information from network meta-data, including the volumes and timing of network packets, as well as the visible network addresses they are originating from and destined for." Tor is a low latency network, and thus is vulnerable to an attacker who can see both ends of a connection Further reading: Low Cost Traffic Analysis of Tor: (http://www.cl.cam.ac.uk/~sjm217/pa pers/oakland05torta.pdf)

21 Threat 3: Rogue Exit Nodes Traffic going over Tor is not encrypted, just anonymous Malicious exit node can observe traffic Swedish researcher Dan Egerstad obtained emails from embassies belonging to Australia, Japan, Iran, India and Russia, publishes them on the net. Sydney Morning Herald called it “hack of the year” in interview with Egerstad

22 Additional Reading Tor design document: https://git.torproject.org/checkout/tor/master/doc/design- paper/tor-design.html Usability of Anonymous web browsing: an examination of Tor Interfaces and deployability Clark, J., van Oorschot, P. C., and Adams, C. 2007. (http://cups.cs.cmu.edu/soups/2007/proceedings/p41_clark.pdf) Article in Wired on Malicious exit nodes: http://www.wired.com/politics/security/news/2007/09/embassy_hacks?currentPage=1 http://www.wired.com/politics/security/news/2007/09/embassy_hacks?currentPage=1 Dan Egerstad Interview: (One of first to widely publish on malicious exit nodes): http://www.smh.com.au/news/security/the-hack-of-the- year/2007/11/12/1194766589522.html?page=fullpage#contentSwap1 Low-Cost Traffic Analysis of Tor: http://www.cl.cam.ac.uk/users/sjm217/papers/oakland05torta.pdf http://www.cl.cam.ac.uk/users/sjm217/papers/oakland05torta.pdf Why Tor is Slow and What We're Doing About It: https://svn.torproject.org/svn/tor/trunk/doc/roadmaps/2009-03-11-performance.pdf

23 Something to Think About: "A hard-to-use system has fewer users — and because anonymity systems hide users among users, a system with fewer users provides less anonymity. Usability is thus not only a convenience: it is a security requirement" -Tor Design Document

24 #1 Tor Usability Issue: TOR IS SLOW Example: TCP backoff slows down every circuit at once. “Tor combines all the circuits going between two Tor relays into a single TCP connection. Smart approach in terms of anonymity, since putting all circuits on the same connection prevents an observer from learning which packets correspond to which circuit. Bad idea in terms of performance, since TCP’s backoff mechanism only has one option when that connections sending too many bytes: slow it down, and thus slow down all the circuits going across it. This is only one subpart of one section of a 27 page paper entitled “Why Tor is Slow and What We're Doing About It”. Photo courtesy Wikimedia Commons

Download ppt "A Usability Evaluation of the Tor Anonymity Network By Gregory Norcie."

Similar presentations

SOCIAL WEB MEDIA privacy and data mining part 2 4/12/2010.

SOCIAL WEB MEDIA privacy and data mining part 2 4/12/2010.
SPATor: Improving Tor Bridges with Single Packet Authorization Paper Presentation by Carlos Salazar.

SPATor: Improving Tor Bridges with Single Packet Authorization Paper Presentation by Carlos Salazar.
Tor: The Second-Generation Onion Router

Tor: The Second-Generation Onion Router
How Many Ways Can You Connect To The Internet?

How Many Ways Can You Connect To The Internet?
Modelling and Analysing of Security Protocol: Lecture 10 Anonymity: Systems.

Modelling and Analysing of Security Protocol: Lecture 10 Anonymity: Systems.
1 Web Servers / Deployment Alastair Dawes Original by Bhupinder Reehal.

1 Web Servers / Deployment Alastair Dawes Original by Bhupinder Reehal.
236349 Project in Computer Security Integrating TOR’s attacks into the I2P darknet Chen Avnery Amihay Vinter.

Project in Computer Security Integrating TOR’s attacks into the I2P darknet Chen Avnery Amihay Vinter.
Onion Routing Security Analysis Aaron Johnson U.S. Naval Research Laboratory DC-Area Anonymity, Privacy, and Security Seminar.

Onion Routing Security Analysis Aaron Johnson U.S. Naval Research Laboratory DC-Area Anonymity, Privacy, and Security Seminar.
How Much Anonymity does Network Latency Leak? Paper by: Nicholas Hopper, Eugene Vasserman, Eric Chan-Tin Presented by: Dan Czerniewski October 3, 2011.

How Much Anonymity does Network Latency Leak? Paper by: Nicholas Hopper, Eugene Vasserman, Eric Chan-Tin Presented by: Dan Czerniewski October 3, 2011.
Access Control for Networks Problems: –Enforce an access control policy Allow trust relationships among machines –Protect local internet from outsiders.

Access Control for Networks Problems: –Enforce an access control policy Allow trust relationships among machines –Protect local internet from outsiders.
ToR. Tor: anonymity online Tor is a toolset for a wide range of organizations and people that want to improve their safety and security on the Internet.

ToR. Tor: anonymity online Tor is a toolset for a wide range of organizations and people that want to improve their safety and security on the Internet.
Electronic Commerce 2. Definition Ecommerce is the process of buying and selling products and services via distributed electronic media, usually the World.

Electronic Commerce 2. Definition Ecommerce is the process of buying and selling products and services via distributed electronic media, usually the World.
I NTERNET A NONYMITY By Esra Erdin. Introduction Types of Anonymity Systems TOR Overview Working Mechanism of TOR I2P Overview Working Mechanism of I2P.

I NTERNET A NONYMITY By Esra Erdin. Introduction Types of Anonymity Systems TOR Overview Working Mechanism of TOR I2P Overview Working Mechanism of I2P.
CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.
By: Bryan Carey Randy Cook Richard Jost TOR: ANONYMOUS BROWSING.

By: Bryan Carey Randy Cook Richard Jost TOR: ANONYMOUS BROWSING.
Introduction to the Internet How did the Internet start? Why was the Internet developed? How does Internet handle the traffic? Why WWW changed the Internet.

Introduction to the Internet How did the Internet start? Why was the Internet developed? How does Internet handle the traffic? Why WWW changed the Internet.
Network Security. Network security starts from authenticating any user. Once authenticated, firewall enforces access policies such as what services are.

Network Security. Network security starts from authenticating any user. Once authenticated, firewall enforces access policies such as what services are.
Topics 1.Security options and settings 2.Layer 2 vs. Layer 3 connection types 3.Advanced network and routing options 4.Local connections 5.Offline mode.

Topics 1.Security options and settings 2.Layer 2 vs. Layer 3 connection types 3.Advanced network and routing options 4.Local connections 5.Offline mode.
Networking DSC340 Mike Pangburn. Networking: Computers on the Internet  1969 – 4  1971 – 15  1984 – 1000  1987 – 10,000  1989 – 100,000  1992 –

Networking DSC340 Mike Pangburn. Networking: Computers on the Internet  1969 – 4  1971 – 15  1984 – 1000  1987 – 10,000  1989 – 100,000  1992 –
 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.

 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.

Similar presentations

Ads by Google