COMP4337 - Tor

What are some hidden services design goals?

- Access control: can filter incoming requests, protect against DDoS attacks
- Robustness: maintain a long-term pseudonymous identity

What is Hidden Service or Onion Service?

- Accommodates receiver anonymity
- Now can hide anonymity of both client (as before) AND server.

Here is how Alice would then establish a connection to Bob.

- Alice asks the network database to get the leaseSet and network db responds with IP of inbound gateway for Bob

If Alice knows about Bob, what info does she request from the database?

Alice requests Bob's introduction points and public key. She also sets up a rendezvous point.

Here is a view of Alice requesting routerInfo from the network database

- Alice requests routerInfo, network database responds with IP addresses of entry points to connect to
- Then, Alice connects to John and John connects to Peter, building the tunnel

How is the path of routers created from Alice to Bob?

- Circuit is built incrementally
- First Alice negotiates an AES key with OR1
- Then Alice negotiates an AES key with OR2 through OR1
- NOTE: Alice sends a message to OR1. Then she sends a message to OR2 through OR1, but she does not know who OR2 is and OR2 does not know who Alice is
- NOTE: Alice negotiates AES key with each router
- The circuit is established.

What are the components of Tor?

- Client/Onion proxy (OP): fetches directories and creates virtual circuits on the network on behalf of users
- Destination Server: target TCP applications such as web servers
- Tor Router (Onion Router, OR): relays application data
- Directory Server: servers holding a database of currently active ORs

What are some issues with Tor?

- Entry/Exit OR: Most users do not run exit OR as it could lead to legal issues
- Only about 8,000 OR for millions of users (asymmetric, not every OP is an OR)
- Highly centralized, only 10 DS. If you want to block Tor, you can ban the 10 DSs.
- Relay/path selection algorithm: how do we select algorithms so they are based on congestion
- Circuit based: Only supports TCP

What if Eve sniffs the message from Alice to the first router?

- Eve will not know content of message, will just know it was sent from Alice to first router.

Describe the difference between onion and garlic routing.

- Onion: Peel one layer of encryption away at a time, one route
- Garlic: Able to separate encryption with different components of the route. You can establish multiple tunnels and send different pieces of your message along different routes (this provides an additional amount of security as Eve would only get components of the message)

What are bridges? Why are they used?

- Routers are advertised freely, so can identify all Tor routers operating
- Can then determine all the edge routers and ban the IPs so no one can connect to those IPs
- Bridges are secret IPs to prevent this.
- The mechanism to request bridges will only give you a few at a time
- Bridges are applied to entry nodes only

How does I2P route?

- Sender only knows about the inbound gateway of the receiver
- Message routed through several intermediate devices using layered encryption (garlic routing)

What are the downsides of the commercial relay?

- Single point of failure, what if the relay is malicious?
- Traffic analysis can determine who users are

What is anonymity?

- The acting person's name is unknown, but the underlying information could be known or unknown

What is Tor?

- The onion router
- Distributed anonymous communication service using an overlay network
- Users use Tor to keep websites from tracking them or to connect to those internet services blocked by ISPs
- Tor's hidden services let users publish web sites and other services without needing to reveal the location of the site

What if someone sniffs the plain text message from the final router to Bob?

- They will know the message and that it was sent from router to Bob.
- Will not know it was sent from Alice.

What are the general I2P steps for Alice sending a message to Bob?

1. Alice requests routerInfo from the network database and receives the location of other routers
2. Alice builds a tunnel using the routerInfo routers
3. Alice requests leaseSet from the Network database, returning the destination of Bob's inbound gateway. Alice's final router in the tunnel connects to Bob's inbound gateway
4. Alice now has a path to Bob.

Give an overview of how Tor works in terms of Alice sending a message to Bob.

1. Alice's Tor client obtains a list of Tor Routers from the Directory Server
2. Alice's Tor client picks a random path to the destination server
3. If Alice wants to access a different website, Alice's Tor client creates an entirely different path to that destination server

Describe the hidden services steps in terms of Alice connecting to Bob, where Bob is a hidden service.

1. Bob picks some introduction points and builds circuits to them.
2. Bob sends introduction points and public key to the database
3. Alice knows that XYZ.onion exists and requests the database for Bob's introduction points and public key. Alice also sets up a rendezvous point
4. Alice encrypts a cookie and her rendezvous point with Bob's public key, sends to an introduction point that delivers it to Bob
5. Bob decrypts Alice's message with his private key, connects to Alice's rendezvous point and provides the cookie
6. Now that Alice knows this is Bob and Bob knows the rendezvous point, they proceed to communicate like normal Tor users.

How long are tunnels maintained for?

10 minutes

After obtaining Bob's introduction points and public key, how does Alice begin to communicate with Bob?

Alice sends a cookie/rendezvous point encrypted with Bob's public key to an introduction point, which then sends it to Bob.

How does Bob respond to receiving this message?

Bob decrypts the message using his private key, sets up a route to the rendezvous point, and sends Alice the decrypted cookie through the rendezvous point. Alice then knows it is actually Bob.

After picking introduction points, what does Bob send to the database?

Bob sends his introduction points and public key.

Describe a commercial relay

Commercial relay

How would a user get information on the I2P routers and the specific destinations?

DHT hosted network database (20,000 routers)
- routerInfo stores info on specific routers and how to contact them
- leaseSets store info on specific destinations

What if Eve is maliciously operating as the final router?

Eve will know the message and the final destination, but not the sender
- NOTE: If HTTPS used, Eve will not know the message

What is I2P?

Invisible Internet Project
- No entry and exit nodes. All nodes are routers
- Fully decentralized structure (no DS)
- Protects identity of sender and receiver
- UDP based
- Out-proxies used for normal Internet for web browsing

How is the message from the exit router to the destination server encrypted?

It is not, so the exit router can read the message, but does not know where it came from.

Is this one database?

No, it is distributed

Is an application in I2P reachable via IP?

No, it is reachable via a location independent identifier.

If HTTPS, which uses TLS, is used, can the exit router read the message?

No, it would be encrypted.

Are bridges applied to entry nodes and inner nodes?

No, just entry nodes.

When Alice negotiates an AES key with OR2, does Alice know the location of OR2? Does OR2 know the location of Alice?

No, only OR1 knows the location of Alice and OR2.

How is the message from Alice (Onion Proxy, Client) to the Destination Server encrypted?

Onion encryption.
- E1(E2(E3(m))) sent from Alice to OR1
- E2(E3(m)) sent from OR1 to OR2
- E3(m) sent from OR2 to OR3
- m sent from OR3 to Destination Server

Why is all communication conducted in fixed size cells?

So you cannot determine what type of message it is, what type of encryption was used, etc.

What if Eve is maliciously acting as the initial and final router?

Then Eve has cracked you, so Eve knows the sender, receiver, and content of message (unless HTTPS is used)
- Would still need a timing analysis to determine that it was sent from Alice and to Bob, as they are not the only people using those routers.

What is an overlay network?

There are many layers of network abstraction, in this case many physical routers between an onion router and the entry guard or exit node.

After Alice knows it is Bob, how do Alice and Bob proceed to communicate?

They proceed like normal Tor users.

What if Eve sniffs something in the middle?

Eve will know the least information, as she will not know the message and will only know the two routers.

