Modified Onion Routing and its Proof of Concept By: Gyanranjan Hazarika.

Slides:



Advertisements
Similar presentations
Tor: The Second-Generation Onion Router
Advertisements

How Much Anonymity does Network Latency Leak? Paper by: Nicholas Hopper, Eugene Vasserman, Eric Chan-Tin Presented by: Dan Czerniewski October 3, 2011.
Message Splitting Against the Partial Adversary Andrei Serjantov The Free Haven Project (UK) Steven J Murdoch University of Cambridge Computer Laboratory.
Dynamic Anonymity Emin İslam Tatlı, Dirk Stegemann, Stefan Lucks University of Mannheim, Germany.
Privacy Protection In Grid Computing System Presented by Jiaying Shi.
CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.
Xinwen Fu Anonymous Communication & Computer Forensics Computer & Network Forensics.
Wireless Encryption By: Kara Dolansky Network Management Spring 2009.
Anonymity on the Web: A Brief Overview By: Nipun Arora uni-na2271.
0x1A Great Papers in Computer Security Vitaly Shmatikov CS 380S
Preventing Active Timing Attacks in Low- Latency Anonymous Communication The 10 th Privacy Enhancing Technologies Symposium July 2010 Joan Feigenbaum Yale.
Aaron Johnson U.S. Naval Research Laboratory CSci 6545 George Washington University 11/18/2013.
Toward Prevention of Traffic Analysis Fengfeng Tu 11/26/01.
On the Anonymity of Anonymity Systems Andrei Serjantov (anonymous)
Traffic Analysis Prevention Chris Conger CIS6935 – Cryptographic Protocols 11/16/2004.
1 Chapter 9 E- Security. Main security risks 2 (a) Transaction or credit card details stolen in transit. (b) Customer’s credit card details stolen from.
Lesson 20-Wireless Security. Overview Introduction to wireless networks. Understanding current wireless technology. Understanding wireless security issues.
Anonymous Communication -- a brief survey
Crowds: Anonymity for Web Transactions Michael K. Reiter Aviel D. Rubin Jan 31, 2006Presented by – Munawar Hafiz.
Lecture 14: Anonymity on the Web (cont) Modified from Levente Buttyan, Michael K. Reiter and Aviel D. Rubin.
R. Newman Anonymity - Background. Defining anonymity Defining anonymity Need for anonymity Need for anonymity Defining privacy Defining privacy Threats.
CIS 325: Data Communications1 Chapter Seventeen Network Security.
Ways to reduce the risks of Crowds and further study of web anonymity By: Manasi N Pradhan.
UNIT-VIII Syllabus Application Layer – Network Security, Domain name system, SNMP, Electronic Mail; the World WEB, Multi Media.
Muhammad Mahmudul Islam Ronald Pose Carlo Kopp School of Computer Science & Software Engineering Monash University Australia.
The Silk Road: An Online Marketplace
Onion Routing R. Newman. Topics Defining anonymity Need for anonymity Defining privacy Threats to anonymity and privacy Mechanisms to provide anonymity.
The Tor Network BY: CONOR DOHERTY AND KENNETH CABRERA.
Effectiveness of Blending Attacks on Mixes Meng Tang.
Modified Onion Routing GYANRANJAN HAZARIKA AND KARAN MIRANI.
Making the Neutral Traffic Matrix More Meaningful Joseph Choi.
1 Anonymous Communications CSE 5473: Network Security Lecture due to Prof. Dong Xuan Some material from Prof. Joan Feigenbaum.
1 Anonymity. 2 Overview  What is anonymity?  Why should anyone care about anonymity?  Relationship with security and in particular identification 
Modified Onion Routing GYANRANJAN HAZARIKA AND KARAN MIRANI.
1 Internet data security (HTTPS and SSL) Ruiwu Chen.
Systems Architecture Anonymous Key Agreement Dominik Oepen
Aaron Johnson Rob Jansen Aaron D. Jaggard Joan Feigenbaum
Chapter 5 Network Security Protocols in Practice Part I
Network Security Presented by: JAISURYA BANERJEA MBA, 2ND Semester.
Zueyong Zhu† and J. William Atwood‡
Network Security.
What is network security?
Anonymous Communication
What's the buzz about HORNET?
Information and Network Security
CSE 4905 Network Security Overview
Dark Web, Deep Web, and I2P Dante Taylor, Dayton Chamberlin, Kade Randall, Trevor, Tanner, Harshit Joshi, Troy.
An Introduction to Privacy and Anonymous Communication
0x1A Great Papers in Computer Security
SPINS: Security Protocols for Sensor Networks
Network Security: Anonymity
Free-route Mixes vs. Cascades
Anonymity - Background
Path key establishment using multiple secured paths in wireless sensor networks CoNEXT’05 Guanfeng Li  University of Pittsburgh, Pittsburgh, PA Hui Ling.
Anonymous Communication
Cryptography and Network Security
Security Of Wireless Sensor Networks
Chapter 15 – Part 2 Networks The Internal Operating System
Amar B. Patel , Shushan Zhao
Security of Wireless Sensor Networks
Unit 8 Network Security.
Introduction to Cryptography
Electronic Payment Security Technologies
Anonymous Communication
Module 4 System and Application Security
Anonymous Communication
Message Authentication
Trust-based Privacy Preservation for Peer-to-peer Data Sharing
Contributors: Connor McCoy
Presentation transcript:

Modified Onion Routing and its Proof of Concept By: Gyanranjan Hazarika

The Goal is not to explain what is OR or TOR Goal is to overcome some of the vulnerabilities of OR Provide a proof of concept of the proposed modifications

Vulnerabilities of OR OP Y X Link encrypted between routing nodes Proxy/Router controlled by Secure Site Routing node Secure Site Initiator host EF U Responder host Responder’s Proxy/Router Unsecured socket connection No MAC Passive adversary can link sender & recipient

How do we overcome? OP Y X Link encrypted between routing nodes Proxy/Router controlled by Secure Site Routing node Secure Site Initiator host EF U Responder host Responder’s Proxy/Router Unsecured socket connection Initiator Host Responder host Add MAC MIX

Time to Provide Proof of Concept Challenges? Encryption is a big challenge! We have link encryption, onion layer encryption and forward & backward encryption D. Goldschlag et al[1] says use PKCS for onion layer encryption. Nothing on link encryption

Use of DH Key May be symmetric key is better in terms of computation Used Diffie-Hellman secret for link encryption and onion layer encryption Used 256 bit long secret key A word on Diffie-Hellman exchange…..

Diffie-Hellman Key Exchange Not going to spend time on it. Perhaps, we all know……

More challenges What about forward and backward cryption? What about network layout? How members connect to each other? Introduced ORCS. Onion Routing Central Server. An idea borrowed from Crowds!

ORCS

Base Architecture

A Layer of an Onion In Packet Format

A Typical Packet A Flaw in the packet format?

Proposed Packet Format

DEMO Demo Part-1 Demo Part-2 We can make it work!

Some Results No of sender's msg Threshold pool mix (n[pool]- s[threshold]) Avg No of Dummy msgs No of trials 1(2-1) (3, 1, 1, 2, 3, 1, 2, 2, 6, 2) 2(2-1)35 (6, 3, 2, 3, 1) 1(3-1)4 10 (2, 3, 3, 12, 5, 0, 9, 4, 1, 1) 2(3-1)55(8, 17, 2, 5, 3) 1(3-2) (3, 7, 1, 15, 1, 1, 11, 7, 3, 15) 2(3-2)75(6, 10, 6, 4, 9) Limited Testing Only!

Blending Attack Behavior For performing blending attack the attacker needs to flush the pool and ensure that all the good messages are out. Till then he delays the target message.

Strong Protection against Blending Attack With this design where OR and MIX blends together, it will be very difficult for an attacker to inject bad messages into the MIXes as he needs to at least have the (forward fn, Key) pair to form a bad message which is distinguishable when it comes out of the MIX. (forward fn, Key) pair is available with the sender and the MIX itself. So, unless the sender or the MIX itself is compromised attacker can't perform blending attack. The chances of the sender compromising its own anonymity is nil, otherwise, he would not have gone through the hurdle of a OR network. If MIX is compromised there is no need of blending attack. The link encryption will be an extra hurdle.

What if ORCS is compromised? Only way ORCS can aid an adversary is by facilitating MITM An authorization code will help preventing! How to distribute the code?

A Word about the Source Code It consists of 32 files and around 8200 LOC. Plan to open source it after receiving feedback from the Professor. May have to incorporate comments. Any suggestion is welcome!

References  [1] D. Goldschlag, M. Reed, and P. Syverson. Hiding routing information. In Ross Anderson, editor, Information Hiding, First International Workshop, pages Springer-Verlag, LNCS 1174, May  [2] Michael K. Reiter and Aviel D. Rubin. Crowds: anonymity for web transactions. ACM Transactions on Information and System Security, 1(1):66-92,  [3] B. Schneier. Applied Cryptography: Protocols, Algorithms and Source Code in C, John Wiley and Sons,  [4] Paul F. Syverson, David M. Goldschlag, and Michael G. Reed, “Anonymous Connections and Onion Routing “, IEEE Journal on Selected Areas in Communication, Vol 16, No.4, pp , May 1998, Naval Research Laboratory  [5] Andrei Serjantov, Roger Dingledine, and Paul Syverson. From a trickle to a flood: Active attacks on several mix types. In Fabien Petitcolas, editor, Proceedings of Information Hiding Workshop (IH 2002). LNCS 2578, Springer, October 2002.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.