Anonymous Internet Protocols


Presentation on theme: "Anonymous Internet Protocols"— Presentation transcript:

1 Anonymous Internet Protocols
Gregory Martin

2 Why should I be anonymous
- Releasing information to the public domain without a name attached
- Rights to free speech
- Rights to discuss things without being watched
- Don't want people seeing what you're looking at
- Most importantly, it just has to do with a basic right to privacy
- Earlier this year Yahoo, MSN and AOL turned data over to the government, including profiles on users' search habits

3 What does anonymous mean
- Pseudonymity: this is almost anonymous
- Real-world identity is hidden by a user name or "handle"
- Gives the user a sense of safety from being identified
- Not really anonymous, as your IP address can still be determined
- The IP address often gives out enough information to reveal your real-world identity
- The first step towards true anonymity is to hide your IP address

4 First steps to becoming anonymous
- Firewalls for protection
- Protects you from outsiders finding you
- Packet filtering prevents others from sending things to you based on IP address, port, or protocol
- Does not really make you anonymous when you go looking for things, but can help prevent others from finding you when they are actively looking for holes in security
- You can make filters based on whether traffic comes from the intranet or the Internet, and can also define IP zones for what is trusted

5 Next step: Proxies
- Proxies are a way of communicating through something else: A tells B, B tells C, in a sense hiding A's identity from C
- Can be used as a medium to reformat pages for cell phones and PDAs (skweezer)
- Can also be used to view a site that is blocked by your school's or work's network
- Want to check sports scores at work? Find a proxy, so work sees the connection to the proxy, not espn.com
- Not only does it make it so work can't see where you go, it can make it so that the site can't see where you came from

6 The first proxy downfall to be addressed
- Logging: if a proxy server sits between you and the site you are going to, what happens if it is logging what you are doing?
- The site you go to does not know who you are, but the proxy does, and the proxy also knows what you requested
- To address the proxy knowing who you are, you can have a proxy go to a proxy go to a proxy go to a proxy...
- This makes the proxy not know your address, maybe
- The more proxies you go through, the bigger the chance that one of them is logging, and if they are logging, are you sure your header data isn't in there anywhere?
- Sometimes this ends up being not much more than an illusion of safety
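The header-data concern above can be checked from the receiving end. This is an added example, not part of the original slides: it audits a constructed HTTP request, as a destination might receive it through a proxy chain, for headers that expose the chain or the client. The host names, addresses and header values are made up.

```python
# Constructed request as seen by the destination server (all values made up).
SAMPLE_REQUEST = (
    "GET /scores HTTP/1.1\r\n"
    "Host: sports.example\r\n"
    "Via: 1.1 proxy-a.example, 1.1 proxy-b.example\r\n"
    "X-Forwarded-For: 192.0.2.44, 198.51.100.7\r\n"
    "User-Agent: ExampleBrowser/1.0\r\n"
    "Cookie: session=abc123\r\n"
    "\r\n"
)

# Headers that forwarding proxies commonly add; they reveal the chain or origin.
PROXY_ADDED = {"x-forwarded-for", "forwarded", "via", "x-real-ip", "client-ip"}
# Headers the client sends itself that identify the user no matter how many hops.
CLIENT_SENT = {"cookie", "authorization", "referer", "from"}

def parse_headers(raw):
    """Return (lower-cased name, value) pairs from a raw HTTP request head."""
    head = raw.split("\r\n\r\n", 1)[0]
    headers = []
    for line in head.split("\r\n")[1:]:      # skip the request line
        if ":" in line:
            name, value = line.split(":", 1)
            headers.append((name.strip().lower(), value.strip()))
    return headers

def audit(raw):
    """List identifying headers and the origin address the chain leaked, if any."""
    findings = {"proxy_added": [], "client_sent": [], "origin_ip": None}
    for name, value in parse_headers(raw):
        if name in PROXY_ADDED:
            findings["proxy_added"].append(name)
        if name in CLIENT_SENT:
            findings["client_sent"].append(name)
        # By convention the left-most X-Forwarded-For entry is the original client.
        if name == "x-forwarded-for" and findings["origin_ip"] is None:
            findings["origin_ip"] = value.split(",")[0].strip()
    return findings

if __name__ == "__main__":
    print(audit(SAMPLE_REQUEST))
```
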

7 Types of proxies
Web Proxy
- Can speed up operations through cache hits
- Can be used to filter information to your corporation
- Can be used to detect malicious intent through use of log files

8 Reverse Proxy
- Using a proxy to host a website
- Web servers connect to the proxy, which can be placed outside a firewall, so you can keep your web servers protected inside the firewall
- Can be used to lower traffic requests to a web server
- Can use a cache as well, and can also help load balance between web servers

9 More uses of basic proxies
- Encryption or compression can be done at the proxy instead of on the web server or the desktop connecting to it
- If the proxy has hardware acceleration for compression or encryption, it can lower traffic costs and speed up transmissions
- If you build a web interface on top of an application, you can use a proxy to serve more than just websites. Ex: Citrix can be used to enable use of a whole desktop through a website.

10 A side note: Encryption
- Anonymous proxies are on the way next
- While encryption is not necessarily used for anonymity, it needs to be mentioned, as many of the things I will mention use encryption
- Encryption can also hide the content of what you are looking at from people between you and where you go
- A encrypts a file and hands it to B; B can't read it and hands it to C; C has the key to decrypt the file and so can read it
- So long as B does not have access to the key, B cannot read the information that is being passed through it
- Some forms of encryption are AES and DES, and also public/private key encryption

11 ANTS P2P
- Ants is simply a peer-to-peer network that uses multiple hops that cascade as you search, so that you don't know who has the info and they don't know who you are
- Data sent is encrypted with AES and is therefore secret from eavesdroppers

12 SOCKS
- SOCKetS
- An Internet protocol used to allow client-server proxying
- Made to allow clients inside a firewall to use a proxy outside the firewall; works in the opposite direction as well
- Provides an interface for the proxying of programs through a standard protocol

13 Back to proxies: Anonymous proxies

14 JAP - Java Anonymous Proxy
- For a while this had code in it so that if someone used it to access certain IPs, it recorded this and sent it to the police
- Found later by observant users
- Don't always trust your proxy

15 I want to get lost in the cloud
- Anonymous proxies are used as a go-between measure to hide your identity
- If the proxy is being monitored, though, it eliminates the security
- If you are the only person connected to a proxy, it would be pretty easy to guess who might be on the other end
- So again the proxy chain is an idea: one proxy to another to another, so that someone would have to monitor multiple proxies
- Also make sure you don't have personal data in the message itself

16 Onion Routing
- Each router has a public key
- The first router selects a group of onion routers and generates for each of them a symmetric key as well as the next router in the path
- The message is encrypted and sent to the first router, which decrypts it using its private key, revealing the next router
- It then sends to that router, which decrypts using its private key and sends it along
- This continues until the message reaches the destination and has all layers peeled

17 Onion Routing
- Replies are sent as follows: the sender generates an onion and a reply onion. The reply onion is sent to the recipient and is used to initiate the reply.
- Because this is multiply encrypted, you must either break the public key encryption or compromise all routers in the route to find out much info
- Weaknesses: traffic analysis
- If you can see the whole network, you can watch where things start and end
- If you stay on the network, you can watch connections going through yourself; if you find yourself seeing the same session multiple times, you will tend to see the source most often
- You can also analyze based on the fact that traffic cannot go through onion routers that recently left, or ones that only very recently joined
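The layer-by-layer peeling described in the Onion Routing slides, as an added example that is not part of the original presentation. To stay within the Python standard library it substitutes pre-shared per-hop symmetric keys and a toy SHAKE-256 stream cipher for the routers' public/private keys, so it shows the layering rather than a deployable scheme. Router names, keys and the destination are constructed.

```python
import hashlib, hmac, os

def xor_stream(key, nonce, data):
    # Toy stream cipher (SHAKE-256 keystream XOR); a stand-in, not for real use.
    stream = hashlib.shake_256(b"enc" + key + nonce).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key, next_hop, payload):
    # One layer = [len][next hop][inner blob], encrypted then authenticated.
    name = next_hop.encode()
    nonce = os.urandom(16)
    ct = xor_stream(key, nonce, bytes([len(name)]) + name + payload)
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return nonce + tag + ct

def peel(key, blob):
    # A router removes exactly one layer and learns only the next hop.
    nonce, tag, ct = blob[:16], blob[16:48], blob[48:]
    good = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("layer is not for this router, or was modified")
    pt = xor_stream(key, nonce, ct)
    n = pt[0]
    return pt[1:1 + n].decode(), pt[1 + n:]

def build_onion(path, keys, destination, message):
    # Wrap from the inside out, so the first router's layer is outermost.
    hops = path[1:] + [destination]
    blob = message
    for router, nxt in zip(reversed(path), reversed(hops)):
        blob = seal(keys[router], nxt, blob)
    return blob

def route(entry, keys, onion):
    # Simulate forwarding; record what each router could observe.
    seen, hop, blob = [], entry, onion
    while hop in keys:
        nxt, blob = peel(keys[hop], blob)
        seen.append((hop, nxt))
        hop = nxt
    return hop, blob, seen

# Constructed demo values: hypothetical router names and per-hop keys.
PATH = ["R1", "R2", "R3"]
KEYS = {r: os.urandom(32) for r in PATH}

if __name__ == "__main__":
    onion = build_onion(PATH, KEYS, "dest.example", b"hello")
    print(route("R1", KEYS, onion))
```

Each entry in the recorded list is one router's entire view: its own name and the next hop, never the full path.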

18 TOR – “onion V2”
- Provides a network proxy for any application to use
- It creates a hop-to-hop connection to find a way to a server, still using an onion peel
- Can be plugged into chat, P2P, or any other application that supports SOCKS proxies

19 TOR
- Because it does away with the onion routing layer, it becomes general-purpose TCP, so you can use it for general purposes
- Its reply system is a rendezvous point system, which also allows for hidden web servers (.onion) and things such as messaging back and forth while both people remain anonymous
- Still weak to some traffic analysis, such as viewing the whole network or watching timings on both ends of a conversation
- ActiveX and virtual machines, or other such things running on your computer, can still give out information
- This protects the packets, not the contents of the packets

20 I2P
- Similar to TOR
- UDP instead of TCP
- Java instead of C
- Meant more for plugging into P2P networks than TOR is
- Uses garlic routing, where each clove has padded information to prevent traffic analysis, and can also pad latency times to prevent this as well
- The routing does not use SOCKS; it uses Java, C and Python APIs
- I2P allows each clove to contain multiple messages instead of just one onion being passed
- Every person on the network has to be a server

21 I2P and TOR cont’
- I2P is packet switched instead of circuit switched, which can speed it up a bit
- Connections are unidirectional instead of bidirectional, meaning you have to compromise 2x as many computers to do traffic analysis successfully
- Tunnels are shorter lived
- Because all clients have to be servers, there is an inherent overhead from using it
- You can use that to compare uptimes of services to uptimes of nodes, to analyze and get addresses
- Hidden sites are .I2P
- Very similar concept, very opposite approaches, very similar results
- The websites of both do a fair analysis of the other

22 Freenet

23 Freenet
- Mainly meant for hiding information about who published something
- You send a request for a key; it is forwarded until found and then sent back along the same route you sent on
- Any of the hops on the way back may cache the file, making later searches faster and also making it so there is no single source node
- Updates are done in a similar way: the updated page is sent into the network looking for the key to update the page
- SSK is a public key encryption used to verify the author and to make sure that your document is not tampered with
- This allows for a pseudonymous identity on the network

24 Freenet
- As more things are inserted by the same person, things with similar keys will end up in the same area
- Future versions use darknet, which uses a friends system to allow for an increase in performance, though many users won't use new versions of Freenet because of the darknet implementation
- The possibility also exists to combine an onion routing protocol into the network's message passing

25 Bibliography http://en.wikipedia.org/wiki/Anonymity