Presentation is loading. Please wait.

Presentation is loading. Please wait.

How Much Anonymity does Network Latency Leak? Paper by: Nicholas Hopper, Eugene Vasserman, Eric Chan-Tin Presented by: Dan Czerniewski October 3, 2011.

Published bySydney Cameron Modified over 9 years ago

Similar presentations

Presentation on theme: "How Much Anonymity does Network Latency Leak? Paper by: Nicholas Hopper, Eugene Vasserman, Eric Chan-Tin Presented by: Dan Czerniewski October 3, 2011."— Presentation transcript:

1 How Much Anonymity does Network Latency Leak? Paper by: Nicholas Hopper, Eugene Vasserman, Eric Chan-Tin Presented by: Dan Czerniewski October 3, 2011

2 Goal of every anonymous communication scheme is to allow users to communicate while concealing information about who communicates with whom.

3 The Idea Chaum proposed sending messages through a “Mix server” that mixes together messages from several senders before forwarding these messages to their destinations, concealing relationship between sender and receiver. There are many schemes, yet all rely on “mixing” relays.

4 High-latency Like Mixmaster and Mixminion Deliver messages at a significant delay Schemes implement countermeasures that increase delay – Pool Mixing – Consume Bandwidth Cover Traffic

5 Low-Latency Like Tor, I2P, AN.ON, Crowds, Anonymizer.com Commercial proxy aggregators Allows anonymous use of application services – Remote login and web browsing Reduced anonymity guaranteed Security against “local” adversary

6 Malicious servers acting as local adversaries can observe the network latency of a connection made over a Tor circuit 3 experiments that measure the extent to which this information leakage compromises the anonymity of clients using a low-latency anonymity scheme – Analysis of noise-free anonymity leakage – A passive linkability attack – An active client-identification attack

7 Quick overview of Tor Low-latency, bandwidth-efficient, anonymizing layer for TCP streams With use of at least 3 nodes, no node knows the identities of both communicating parties

8 Latency without Noise Anonymity circuit imposed no delay at all Difference between connecting to a server normally and over the anonymity service is in the latter, the client’s IP address is missing Best possible case for an attack based solely on Round-Trip Time (RTT) information. Analyzed on MIT King Data Set and PlanetLab systems

9 Circuit Linking via Latency 2 colluding servers both accept connections from the same exit node The 2 servers try to determine whether they are communicating with different clients or the same client.

10 Are they the same? The servers have to calculate the RTT between each node in the connection The servers then have to calculate the “queueing” time for each node Add everything to gether If everything is equivalent, then it indicates probabilistically they are the same If not, they come from different distributions

11 Attack by the server Sends HTML with 1000 separate tags printing empty images. Causes browser to make 1000 separate connections to server. The amount of calls varies, but with a possible 24 concurrent connections, this requires about 42 “rounds” of connections.

12 2 different tests Comparison of means – Confidence interval for the mean of each sample population with traversal at fixed time Kolmogorov-Smirnov – Computes the largest difference in cumulative probability density between two sample sets Receiver Operating Characteristic Curves – Each point corresponds to the true positive and false positive rates for one setting of the rejection thresholds

13 Client Location Via Latency Adversary is three logical entities: Aserver, Aclient and Ator Goal is to identify V’s network latency

14 The Attack Basic Idea – Calculate the RTT between V and E 3 steps – Measuring first hop latency – Estimating candidate RTTs – Eliminating Candidates

15 Measuring first hop latency Aserver and Ator can determine circuit order after several iterations Aclient connects using the circuit and calculates RTT With information we can estimate the RTT from V to E

16 Estimating candidate RTTs Need a method to obtain the RTT between two hosts without explicit cooperation of either Vivaldi embedding algorithm – Ease of implementation – Disadvantage: in order to be accurate without cooperation, several nodes must be used for the service

17 Eliminating Candidates Check all candidates to see if their RTTs are consistent with the estimated RTT between V and E Accepting means the RTT is within 85% of the estimate RTT between V and E

18 Limitations Limited data on conditional information gain Client location attack assumes that a user repeatedly accesses a server from the same network location

19 Mitigation Onion routing minimizes the success probability of Murdoch-Danezis’ clogging attack Adding sufficient delays to make the RTT and timing characteristics of Tor servers independent of the underlying network topology

20 Thank you! Questions?

Download ppt "How Much Anonymity does Network Latency Leak? Paper by: Nicholas Hopper, Eugene Vasserman, Eric Chan-Tin Presented by: Dan Czerniewski October 3, 2011."

Similar presentations

Dynamic Source Routing (DSR) algorithm is simple and best suited for high mobility nodes in wireless ad hoc networks. Due to high mobility in ad-hoc network,

Dynamic Source Routing (DSR) algorithm is simple and best suited for high mobility nodes in wireless ad hoc networks. Due to high mobility in ad-hoc network,
A Probabilistic Analysis of Onion Routing in a Black-box Model 10/29/2007 Workshop on Privacy in the Electronic Society Aaron Johnson (Yale) with Joan.

A Probabilistic Analysis of Onion Routing in a Black-box Model 10/29/2007 Workshop on Privacy in the Electronic Society Aaron Johnson (Yale) with Joan.
SPATor: Improving Tor Bridges with Single Packet Authorization Paper Presentation by Carlos Salazar.

SPATor: Improving Tor Bridges with Single Packet Authorization Paper Presentation by Carlos Salazar.
Switching Techniques In large networks there might be multiple paths linking sender and receiver. Information may be switched as it travels through various.

Switching Techniques In large networks there might be multiple paths linking sender and receiver. Information may be switched as it travels through various.
Tor: The Second-Generation Onion Router

Tor: The Second-Generation Onion Router
LASTor: A Low-Latency AS-Aware Tor Client

LASTor: A Low-Latency AS-Aware Tor Client
PIR-Tor: Scalable Anonymous Communication Using Private Information Retrieval Prateek Mittal University of Illinois Urbana-Champaign Joint work with: Femi.

PIR-Tor: Scalable Anonymous Communication Using Private Information Retrieval Prateek Mittal University of Illinois Urbana-Champaign Joint work with: Femi.
Page 1 / 14 The Mesh Comparison PLANET’s Layer 3 MAP products v.s. 3 rd ’s Layer 2 Mesh.

Page 1 / 14 The Mesh Comparison PLANET’s Layer 3 MAP products v.s. 3 rd ’s Layer 2 Mesh.
The Sniper Attack: Anonymously Deanonymizing and Disabling the Tor Network Rob Jansen et. al NDSS 2014 Presenter: Yue Li Part of slides adapted from R.

The Sniper Attack: Anonymously Deanonymizing and Disabling the Tor Network Rob Jansen et. al NDSS 2014 Presenter: Yue Li Part of slides adapted from R.
Predicting Tor Path Compromise by Exit Port IEEE WIDA 2009December 16, 2009 Kevin Bauer, Dirk Grunwald, and Douglas Sicker University of Colorado Client.

Predicting Tor Path Compromise by Exit Port IEEE WIDA 2009December 16, 2009 Kevin Bauer, Dirk Grunwald, and Douglas Sicker University of Colorado Client.
Winter 2008CS244a Handout #61 CS244a: An Introduction to Computer Networks Handout 6: The Transport Layer, Transmission Control Protocol (TCP), and User.

Winter 2008CS244a Handout #61 CS244a: An Introduction to Computer Networks Handout 6: The Transport Layer, Transmission Control Protocol (TCP), and User.
A Flexible Model for Resource Management in Virtual Private Networks Presenter: Huang, Rigao Kang, Yuefang.

A Flexible Model for Resource Management in Virtual Private Networks Presenter: Huang, Rigao Kang, Yuefang.
Usable Privacy and Security Carnegie Mellon University Spring 2006 Cranor/Hong/Reiter 1 Visualizing Privacy II.

Usable Privacy and Security Carnegie Mellon University Spring 2006 Cranor/Hong/Reiter 1 Visualizing Privacy II.
Message Splitting Against the Partial Adversary Andrei Serjantov The Free Haven Project (UK) Steven J Murdoch University of Cambridge Computer Laboratory.

Message Splitting Against the Partial Adversary Andrei Serjantov The Free Haven Project (UK) Steven J Murdoch University of Cambridge Computer Laboratory.
CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.

CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.
1 Modeling and Analysis of Anonymous-Communication Systems Joan Feigenbaum WITS’08; Princeton NJ; June 18, 2008 Acknowledgement:

1 Modeling and Analysis of Anonymous-Communication Systems Joan Feigenbaum WITS’08; Princeton NJ; June 18, 2008 Acknowledgement:
The Case for Network-Layer, Peer-to-Peer Anonymization Michael J. Freedman Emil Sit, Josh Cates, Robert Morris MIT Lab for Computer Science IPTPS’02March.

The Case for Network-Layer, Peer-to-Peer Anonymization Michael J. Freedman Emil Sit, Josh Cates, Robert Morris MIT Lab for Computer Science IPTPS’02March.
CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.
By: Bryan Carey Randy Cook Richard Jost TOR: ANONYMOUS BROWSING.

By: Bryan Carey Randy Cook Richard Jost TOR: ANONYMOUS BROWSING.
Tarzan: A Peer-to-Peer Anonymizing Network Layer Michael J. Freedman, NYU Robert Morris, MIT ACM CCS 2002

Tarzan: A Peer-to-Peer Anonymizing Network Layer Michael J. Freedman, NYU Robert Morris, MIT ACM CCS 2002

Similar presentations

Ads by Google