15-744: Computer Networking
L-23 Privacy

Overview
• Routing privacy
• Web Privacy
• Wireless Privacy

Randomized Routing
• Hide message source by routing it randomly
• Popular technique: Crowds, Freenet, Onion routing
• Routers don’t know for sure if the apparent source of a message is the true sender or another router

Onion Routing
• Sender chooses a random sequence of routers
• Some routers are honest, some controlled by attacker
• Sender controls the length of the path
[Figure: Alice, Bob, and routers R, including R1, R2, R3, R4]

Route Establishment
[Figure: path from Alice through routers R1, R2, R3, R4 to Bob]
$\{R_2,k_1\}_{pk(R_1)},\ \{\ \{R_3,k_2\}_{pk(R_2)},\ \{\ \{R_4,k_3\}_{pk(R_3)},\ \{\ \{B,k_4\}_{pk(R_4)},\ \{\ \{M\}_{pk(B)}\ \}_{k_4}\ \}_{k_3}\ \}_{k_2}\ \}_{k_1}$
• Routing info for each link encrypted with router’s public key
• Each router learns only the identity of the next router

Tor
• Second-generation onion routing network
• http://tor.eff.org
• Developed by Roger Dingledine, Nick Mathewson and Paul Syverson
• Specifically designed for low-latency anonymous Internet communications
• Running since October 2003
• 100s of nodes on four continents, thousands of users
• “Easy-to-use” client proxy
• Freely available, can use it for anonymous browsing

How does Tor work?

Tor Circuit Setup (1)
• Client proxy establishes a symmetric session key and circuit with Onion Router #1

Tor Circuit Setup (2)
• Client proxy extends the circuit by establishing a symmetric session key with Onion Router #2
• Tunnel through Onion Router #1 (don’t need )

Tor Circuit Setup (3)
• Client proxy extends the circuit by establishing a symmetric session key with Onion Router #3
• Tunnel through Onion Routers #1 and #2

Using a Tor Circuit
• Client applications connect and communicate over the established Tor circuit
• Datagrams are decrypted and re-encrypted at each link

Location Hidden Servers
• Goal: deploy a server on the Internet that anyone can connect to without knowing where it is or who runs it
• Accessible from anywhere
• Resistant to censorship
• Can survive full-blown DoS attack
• Resistant to physical attack
• Can’t find the physical server!

Creating a Location Hidden Server
• Server creates onion routes to “introduction points”
• Server gives intro points’ descriptors and addresses to service lookup directory
• Client obtains service descriptor and intro point address from directory

Using a Location Hidden Server
• Client creates onion route to a “rendezvous point”
• Client sends address of the rendezvous point and any authorization, if needed, to server through intro point
• If server chooses to talk to client, connect to rendezvous point
• Rendezvous point mates the circuits from client & server

Overview
• Routing privacy
• Web Privacy
• Wireless Privacy

An “Old” Problem
• Many governments/companies trying to limit their citizens’ access to information
• Censorship (prevent access)
• Punishment (deter access)
• China, Saudi Arabia, HP
• How can we defeat such attempts?
• Circumvent censorship
• Undetectably

Proxy-Based Web Censorship
• Government manages national web firewall
• Not optional---catches ALL web traffic
• Block certain requests
• Possibly based on content
• More commonly on IP address/publisher
• China: Western news sites, Taiwan material
• Log requests to detect troublemakers
• Even without blocking, may just watch traffic
• But they don’t turn off the whole net
• Creates a crack in their barrier

Goal
• Circumvent censor via innocent web activity
• Normal web server and client cooperate to create covert channel
• Without consequence for client
• And without consequence for server
• Broad participation increases system robustness
• Ensure offering service doesn’t lead to trouble
• e.g., loss of business through being blocked
• Also, “law knows no boundaries”

The Big Picture

Requirements
• Client deniability
• Detection could be embarrassing or worse
• Client statistical deniability
• Even suspicion could be a problem
• Server covertness/statistical deniability
• If server detected, can be blocked
• Communication robustness
• Even without detecting, censor could scramble covert channel
• Performance (bandwidth, latency)

(Un)related Work
• SSL
• Encrypted connection---can’t tell content
• Suspicious!
• Doesn’t help reach blocked servers
• Govt. can require revealing SSL keys
• Anonymizing Proxies
• Prevent servers from knowing identity of client
• But proxy inside censor can’t reach content
• And proxy outside censor can be blocked
• And use of proxy is suspicious

Safeweb/Triangle boy
• Operation
• Client contacts triangle-boy “reflector”
• Reflector forwards requests to blocked server
• Server returns content to client (IP spoof)
• Circumvents censorship
• But still easily detected
• “Local monitoring of the user only reveals an encrypted conversation between User and Triangle Boy machine.” (Safeweb manual)

Summary
• Easy to hide what you are getting
• Just use SSL
• And easy to circumvent censors
• Safeweb
• But hard to hide that you are doing it

Circumventing Censors
• Censors allow certain traffic
• Use to construct a covert channel
• Talk to normal servers
• Embed requests for censored content in
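
The layering on the Route Establishment slide, as an added example that is not part of the original lecture: the sender wraps the message once per router, and each router peels one layer to learn only its next hop. It assumes every party already shares a key with the sender (the slide instead delivers k1..k4 under the routers' public keys); `xor_stream`, `seal`, `unseal`, `build_onion`, `peel` and `route` are hypothetical names, and the SHA-256 keystream is a stand-in cipher.

```python
import hashlib
import os

def xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Stand-in cipher (assumption): XOR with SHA-256(key | nonce | offset) blocks.
    # Unauthenticated and illustrative only; a real design uses an AEAD.
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + nonce + off.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)

def seal(key: bytes, plaintext: bytes) -> bytes:
    nonce = os.urandom(16)
    return nonce + xor_stream(key, nonce, plaintext)

def unseal(key: bytes, blob: bytes) -> bytes:
    return xor_stream(key, blob[:16], blob[16:])

def build_onion(path, keys, dest, message: bytes) -> bytes:
    # Innermost layer is for the destination, like {M}pk(B) on the slide.
    onion = seal(keys[dest], message)
    next_hops = path[1:] + [dest]
    # Wrap from the last router outward so R1's layer ends up outermost.
    for router, nxt in reversed(list(zip(path, next_hops))):
        hdr = nxt.encode()
        onion = seal(keys[router], bytes([len(hdr)]) + hdr + onion)
    return onion

def peel(key: bytes, onion: bytes):
    # A router removes exactly one layer: it learns the next hop, nothing deeper.
    plain = unseal(key, onion)
    n = plain[0]
    return plain[1:1 + n].decode(), plain[1 + n:]

def route(path, keys, dest, message: bytes):
    onion, hop, trace = build_onion(path, keys, dest, message), path[0], []
    while hop != dest:
        nxt, onion = peel(keys[hop], onion)
        trace.append((hop, nxt, message in onion))  # True would mean M leaked
        hop = nxt
    return trace, unseal(keys[dest], onion)

if __name__ == "__main__":
    path = ["R1", "R2", "R3", "R4"]            # constructed sample path
    keys = {n: os.urandom(32) for n in path + ["Bob"]}
    for row in route(path, keys, "Bob", b"hello Bob")[0]:
        print(row)
```

Each trace row is (router, next hop it learned, whether the plaintext was visible to it); the last field stays False at every hop because the innermost layer is sealed for the destination.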