anonymity on the web: a brief overview by: nipun arora uni-na2271
TRANSCRIPT
Anonymity on the Web: A Brief
Overview
By: Nipun Arora
uni-na2271
What is Anonymity?What is Anonymity?
“Anonymity is the state of being not identifiable within a set of subjects.”
◦ There is no such thing as absolute anonymity First suggested by David Chaum in his seminal paper[1] on
anonymous remailer systems Anonymity deals with hiding identity of the user
◦ Relationship between users is hidden
◦ Perfect Forward secrecy: defending against statistical analysis attacks
◦ Confidentiality/Availability/Integrity is preserved Services available even though hidden and integrity of the connection is
maintained
Why we require Why we require anonymity?anonymity?
Defends against a common form of Internet surveillance
known as "traffic analysis."
Internet traffic analysis allows adversaries to model user
behavior and interests
Confidentiality (Encryption) does not prevent adversaries
from determining the identity of the user and his/her peers.
OverviewOverview
Goal of Anonymity
◦Inititator Anonymity responder(server) cannot determine the identity of the
client(initiator)
◦Responder Anonymity attacker cannot determine who the intended receiver of
the particular package is
◦Unlikability: attacker may determine senders and receivers but not
the associations between them (attacker doesn’t know who communicates with whom)
Types of adversaries against anonymity◦Outsiders
Global Passive Adversary: Attacker which can have a Global view of the internet and monitor internet activity
◦Insiders Local eavesdropper : Attacker monitoring activity on
some restricted domain Compromised router , or malicious server
Threat Model
Taxonomy of Anonymity Taxonomy of Anonymity SystemsSystems
Recent anonymyzing systems can be divided in broadly two categories
◦ Low Latency Anonymizers: Low latency anonymity systems are used for interactive applications. Such systems guarantee low response time essential to interactive applications such as web browsing. TOR: The Onion Router is one of the most commonly used
Low Latency Anonymizers JAP- Java Anonymous Proxy An.on/Anonymizer.com
Latency Tolerant Anonymizers: Delay Tolerant anonymizers are used for applications which do not require the low response time essential to interactive applications. Eg. E=mail
Mixminion: Type III anonymous remailer system
Mix nets & Mix CascadesMix nets & Mix Cascades
David Chaum. “Untraceable electronic mail, return addresses, and digital pseudonyms”. Communications of the ACM, February 1981.
Set of anonymizing relays/proxies to evade an eavesdropper from linking initiator and the responder.
Mixes- Each relay in the network is a ‘mix’
Mix Cascade’sMix Cascade’s
String A, B and C are passed as packets to Mix1
Mix 1 randomly forwards it to Mix 2, Mix 3, Mix 4
A cascade is several such mixes put in a relay
It is extremely difficult for an adversary to make an end to end connection between sender and reveiver in case of mix cascade
Layered Encryption: Layered Encryption: ‘‘OnionOnion’’
• Several layers of data• The data being sent is encapsulated
in something similar to an ‘onion’.• At each hop in the mixed cascade the
onion is peeled to find the next relay point.
• This concept forms the basis paradigm of the onion routing project.
Address of first relay
Address of the 2nd relay
Data
Overview of Tor Architecture
What is Tor ?
- The Onion Routing Project (currently in second gen.)
Key Features:
- Network of proxies -Uses “3-hop” relays (ORs) by default
- – The three relay points are called Entry Node ,
Middleman and Exit Node .
* Although can be extended to as many hops as possible.
- Many connections can be multiplexed over the same Tor
Circuit.
Key Features(continued...)
- Encrypted connections to connect the Entry Node ,
Middle Man and Exit Node(uses SSL encryption)
-All the information is not stored in a single Onion Router
(makes it more secure)
- Provides hidden services:
- Services not accessible for an outsider
- Tor creates a new url for the server (a string ,
NOT DNS NAME) within the .onion domain.
The Tor circuit
Client (Alice) fetches the directory
listing of ORs from the directory
service (Dave)
Here Dave contains all the addresses
of the complete Tor network. Alice
creates the onion with complete
addresses of all the relay points it has
to pass through.
<IP address> : 9002
Circut made completely...
Sources of Vulnerabilities for Sources of Vulnerabilities for AnonymizersAnonymizers
Attacks strategies are mostly based on monitoring internet activity
Statistics being used are
◦ Round Trip Time
◦ Throughput
◦ Latency
◦ Clock Skew: TCP timestamp clock drift error , helps in identifying hosts which have a similar drift
An attack by a truly ‘Global Passive Adversary’ cannot be defended.
ConclusionConclusionAnonymity is Necessary!!!Used in places to maintain secrecy
in blogspots or for journalists making comments on contentious issues.
Hiding personal information mantained in histories of several servers
Secure Banking passwordsAvoiding Spams
ReferencesReferences1. D. L. Chaum. Untraceable Electronic Mail, Return
Addresses, and Digital Pseudonyms. Communincations of the ACM, 24(2):84–90, February 1981.
2. R. Dingledine, N. Mathewson, and P. Syverson Tor: The Second-Generation Onion Router. In Proceedings of the 13th USENIX Security Symposium, pages 303–319, August 2004.
Thank You