Anonymizing Network Technologies Some slides modified from Dingledine, Mathewson, Syverson, Xinwen Fu, and Yinglin Sun Presenter: Chris Zachor 03/23/2011.

Slides:



Advertisements
Similar presentations
Tor: The Second-Generation Onion Router
Advertisements

Internetworking II: MPLS, Security, and Traffic Engineering
Umut Girit  One of the core members of the Internet Protocol Suite, the set of network protocols used for the Internet. With UDP, computer.
One Cell is Enough to Break Tor’s Anonymity Xinwen Fu University of Massachusetts Lowell Team members Zhen Ling, Southeast University Junzhou Luo, Southeast.
ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.
BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.
The Sniper Attack: Anonymously Deanonymizing and Disabling the Tor Network Rob Jansen et. al NDSS 2014 Presenter: Yue Li Part of slides adapted from R.
Tor – The Onion Router By: David Rollé. What is Tor?  Second generation Onion Routing  Aims to improve on first generation issues  Perfect Forward.
UNIT-IV Computer Network Network Layer. Network Layer Prepared by - ROHIT KOSHTA In the seven-layer OSI model of computer networking, the network layer.
Project in Computer Security Integrating TOR’s attacks into the I2P darknet Chen Avnery Amihay Vinter.
McGraw-Hill © ©The McGraw-Hill Companies, Inc., 2004 Chapter 31 Security Protocols in the Internet.
Virtual Private Networks. Why VPN Fast, secure and reliable communication between remote locations –Use leased lines to maintain a WAN. –Disadvantages.
CS470, A.SelcukReal-Time Communication Issues1 Real-Time Communication Security IPsec & SSL Issues CS 470 Introduction to Applied Cryptography Instructor:
Firewalls and Intrusion Detection Systems
Point-to-Point Network Switching Advanced Computer Networks.
K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.
Xinwen Fu Anonymous Communication & Computer Forensics Computer & Network Forensics.
CMSC 414 Computer (and Network) Security Lecture 16 Jonathan Katz.
1 Some TCP/IP Basics....NFSDNSTELNETSMTPFTP UDPTCP IP and ICMP Ethernet, serial line,..etc. Application Layer Transport Layer Network Layer Low-level &
I NTERNET A NONYMITY By Esra Erdin. Introduction Types of Anonymity Systems TOR Overview Working Mechanism of TOR I2P Overview Working Mechanism of I2P.
By: Bryan Carey Randy Cook Richard Jost TOR: ANONYMOUS BROWSING.
A New Replay Attack Against Anonymous Communication Networks Xinwen Fu June 30, 2015.
K. Salah1 Security Protocols in the Internet IPSec.
Firewalls and VPNS Team 9 Keith Elliot David Snyder Matthew While.
Anonymity on the Web: A Brief Overview By: Nipun Arora uni-na2271.
0x1A Great Papers in Computer Security Vitaly Shmatikov CS 380S
1 Lecture 20: Firewalls motivation ingredients –packet filters –application gateways –bastion hosts and DMZ example firewall design using firewalls – virtual.
Aaron Johnson U.S. Naval Research Laboratory CSci 6545 George Washington University 11/18/2013.
Tor (Anonymity Network) Scott Pardue. Tor Network  Nodes with routers within the network (entry, middle, exit)  Directory servers  Socket Secure (SOCKS)
FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.
Data Communications and Networking
CECS 5460 – Assignment 3 Stacey VanderHeiden Güney.
Network Address Translation (NAT) CS-480b Dick Steflik.
© Copyright 2012 STI INNSBRUCK Tor project: Anonymity online.
8: Network Security8-1 Security in the layers. 8: Network Security8-2 Secure sockets layer (SSL) r Transport layer security to any TCP- based app using.
CSE 486/586, Spring 2012 CSE 486/586 Distributed Systems Case Study: TOR Anonymity Network Bahadir Ismail Aydin Computer Sciences and Engineering University.
Presentation on Osi & TCP/IP MODEL
1 Semester 2 Module 10 Intermediate TCP/IP Yuda college of business James Chen
Common Devices Used In Computer Networks
BY OLIVIA WILSON AND BRITTANY MCDONALD Up Your Shields with Shields Up!
Crowds: Anonymity for Web Transactions Michael K. Reiter Aviel D. Rubin Jan 31, 2006Presented by – Munawar Hafiz.
Network Security. 2 SECURITY REQUIREMENTS Privacy (Confidentiality) Data only be accessible by authorized parties Authenticity A host or service be able.
Microsoft MVP (Enterprise Security) Microsoft Certified Trainer (18 years) Founder: Cybercrime Security Forum! Winner: Microsoft Speaker Idol 2006 Author:
The Second-Generation Onion Router
1 © 2003, Cisco Systems, Inc. All rights reserved. CCNA 3 v3.0 Module 9 Virtual Trunking Protocol.
MIS Week 13 Site:
Networking Components WILLIAM NELSON LTEC HUB  Device that operated on Layer 1 of the OSI stack.  All I/O flows out all other ports besides the.
Supplemental Information on TOR (The Onion Router) CEH ed 8, Rev 4 CS3695 – Network Vulnerability Assessment & Risk Mitigation–
Nathaniel Ley CIS235 Dec. 09, Why do we need Tor?  Encryption is not enough to ensure complete anonymity, since packet headers can still reveal.
Traffic Correlation in Tor Source and Destination Prediction PETER BYERLEY RINDAL SULTAN ALANAZI HAFED ALGHAMDI.
Networking Components Assignment 3 Corbin Watkins.
1 Review – The Internet’s Protocol Architecture. Protocols, Internetworking & the Internet 2 Introduction Internet standards Internet standards Layered.
Tor Bruce Maggs relying on materials from
ROGER DINGLEDINE, NICK MATHEWSON, PAUL SYVERSON THE FREE HAVEN PROJECT &NAVAL RESEARCH LAB PRESENTED BY: COREY WHITE Tor: The Second-Generation Onion Router.
K. Salah1 Security Protocols in the Internet IPSec.
TCP/IP1 Address Resolution Protocol Internet uses IP address to recognize a computer. But IP address needs to be translated to physical address (NIC).
Securing Access to Data Using IPsec Josh Jones Cosc352.
IP Security (IPSec) Matt Hermanson. What is IPSec? It is an extension to the Internet Protocol (IP) suite that creates an encrypted and secure conversation.
Ch. 23, 25 Q and A (NAT and UDP) Victor Norman IS333 Spring 2015.
ANONYMIZING / WEB PRIVACY. TOOLS: STAYING ANONYMOUS ON THE INTERNET Proxy Server Tor.
Tor Bruce Maggs relying on materials from
Firewalls. Overview of Firewalls As the name implies, a firewall acts to provide secured access between two networks A firewall may be implemented as.
Benjamin Knapic Nicholas Johnson.  “Tor is free software and an open network that helps you defend against a form of network surveillance that threatens.
Hiding in the Dark: The Internet You Cannot See Marc Visnick
1Security for Service Providers – Dave Gladwin – Newport Networks – SIP ’04 – 22-Jan-04 Security for Service Providers Protecting Service Infrastructure.
Anonymous Internet Protocols
Instructor Materials Chapter 9: Transport Layer
Section 4 – Computer Networks
0x1A Great Papers in Computer Security
Protocol Application TCP/IP Layer Model
Presentation transcript:

Anonymizing Network Technologies Some slides modified from Dingledine, Mathewson, Syverson, Xinwen Fu, and Yinglin Sun Presenter: Chris Zachor 03/23/2011

Outline Problem Tor I2P (Invisible Internet Project) Comparison Questions/Comments

Problem Internet surveillance like traffic analysis reveals users privacy. Encryption does not work, since packet headers still reveal a great deal about users. End-to-end anonymity is needed. Solution: a distributed, anonymous network

What is Tor Tor is a distributed anonymous communication service using an overlay network that allows people and groups to improve their privacy and security on the Internet. Individuals use Tor to keep websites from tracking them, or to connect to those internet services blocked by their local Internet providers. Tor's hidden services let users publish web sites and other services without needing to reveal the location of the site.

Design Overlay network on the user level Onion Routers (OR) route traffic Onion Proxy (OP) fetches directories and creates virtual circuits on the network on behalf of users. Uses TCP with TLS All data is sent in fixed size (bytes) cells

Xinwen Lowell 6/41 Components of Tor Client: the user of the Tor network Server: the target TCP applications such as web servers Tor (onion) router: the special proxy relays the application data Directory server: servers holding Tor router information

How does Tor work?

Xinwen Lowell 10/41 How Tor Works? --- Onion Routing Alice Bob OR2 OR1 M √ M A circuit is built incrementally one hop by one hop Onion-like encryption  Alice negotiates an AES key with each router  Messages are divided into equal sized cells  Each router knows only its predecessor and successor  Only the Exit router (OR3) can see the message, however it does not know where the message is from M OR3 M C1 C2 C3 C1 C2 C3 Port

Cells It’s similar to cells in ATM All data is sent in fixed size (bytes) cells Control cell commands:  Padding, create, destroy Relay cell commands:  Begin, data, connected, teardown,...

Commands in Use

Additional functionality Integrity checking  Only done at the edges of a stream  SHA-1 digest of data sent and received  First 4 bytes of digest are sent with each message for verification

Congestion Control OR-to-OR congestion might happen if too many users choose the same OR-to-OR connection. Circuit Level throttling  2 windows keep track of relay data to be transmitted to other ORs (packaging window) and data transmitted out of the network (delivery window)  Windows are decremented after forwarding packets and increments on a relay sendme message towards OP with streamID zero.  When a window reaches 0, no messages are forwarded

Hidden Service and Rendezvous Points Location-hidden services allow Bob to offer a TCP service without revealing his IP address. Tor accommodates receiver anonymity by allowing location hidden services Design goals for location hidden services  Access Control: filtering incoming requests  Robustness: maintain a long-term pseudonymous identity  Smear-resistance: against socially disapproved acts  Application transparency Location hidden service leverage rendezvous points

Creating and connecting to a Location hidden service

Questions about Tor?

I2P: The Invisible Internet Project

What is I2P? An anonymizing P2P network providing end to end encryption*. Utilizes decentralized structure to protect the identity of both the sender and receiver. It is built for use with multiple applications including , torrents, web browsing, IM and more. UDP based (unlike Tor’s TCP streams)

What is I2P Not? I2P is not Tor even though they are similar in some ways. While you can use it as an anonymizing gateway to the internet, that is not its intended purpose I2P was designed primarily to host its own services

I2P Definitions Router Tunnel Gateway Endpoint NetDB

I2P Tunnels

NetDB Each router holds a network database This contains both “routerInfo” and “leaseSets” rotuerInfo – stores information on specific I2P routers and how to contact them leaseSets – stores information on a specific destinations (i.e. I2P websites, servers, etc.)

Joining the Network

Establishing a Tunnel

Establishing a Connection

Encryption View

Comparison: Tor vs. I2P TCP vs. UDP Directory Server vs. NetDB (P2P) Separation of Nodes and Clients vs. Everyone Routes Traffic Exit Nodes vs. Outproxies Circuits vs. Tunnels

Questions/Comments?

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.