Download slides - People

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
page
20
Document related concepts

Distributed firewall wikipedia , lookup

Dynamic Host Configuration Protocol wikipedia , lookup

CAN bus wikipedia , lookup

Tor (anonymity network) wikipedia , lookup

Remote Desktop Services wikipedia , lookup

Zero-configuration networking wikipedia , lookup

Cracking of wireless networks wikipedia , lookup

List of wireless community networks by region wikipedia , lookup

Airborne Networking wikipedia , lookup

Peer-to-peer wikipedia , lookup

Routing in delay-tolerant networking wikipedia , lookup

Lag wikipedia , lookup

Transcript 
How Much Anonymity does
Network Latency Leak?
Paper by: Nicholas Hopper, Eugene
Vasserman, Eric Chan-Tin
Presented by: Dan Czerniewski
October 3, 2011
• Goal of every anonymous communication
scheme is to allow users to communicate
while concealing information about who
communicates with whom.
The Idea
• Chaum proposed sending messages through a
“Mix server” that mixes together messages
from several senders before forwarding these
messages to their destinations, concealing
relationship between sender and receiver.
• There are many schemes, yet all rely on
“mixing” relays.
High-latency
• Like Mixmaster and Mixminion
• Deliver messages at a significant delay
• Schemes implement countermeasures that
increase delay
– Pool Mixing
– Consume Bandwidth
• Cover Traffic
Low-Latency
• Like Tor, I2P, AN.ON, Crowds, Anonymizer.com
• Commercial proxy aggregators
• Allows anonymous use of application services
– Remote login and web browsing
• Reduced anonymity guaranteed
• Security against “local” adversary
• Malicious servers acting as local adversaries can
observe the network latency of a connection
made over a Tor circuit
• 3 experiments that measure the extent to which
this information leakage compromises the
anonymity of clients using a low-latency
anonymity scheme
– Analysis of noise-free anonymity leakage
– A passive linkability attack
– An active client-identification attack
Quick overview of Tor
• Low-latency, bandwidth-efficient, anonymizing
layer for TCP streams
• With use of at least 3 nodes, no node knows
the identities of both communicating parties
Latency without Noise
• Anonymity circuit imposed no delay at all
• Difference between connecting to a server
normally and over the anonymity service is in
the latter, the client’s IP address is missing
• Best possible case for an attack based solely
on Round-Trip Time (RTT) information.
• Analyzed on MIT King Data Set and PlanetLab
systems
Circuit Linking via Latency
• 2 colluding servers both accept connections
from the same exit node
• The 2 servers try to determine whether they
are communicating with different clients or
the same client.
Are they the same?
• The servers have to calculate the RTT between
each node in the connection
• The servers then have to calculate the
“queueing” time for each node
• Add everything to gether
• If everything is equivalent, then it indicates
probabilistically they are the same
• If not, they come from different distributions
Attack by the server
• Sends HTML with 1000 separate tags printing
empty images.
• Causes browser to make 1000 separate
connections to server.
• The amount of calls varies, but with a possible
24 concurrent connections,
this requires about 42 “rounds”
of connections.
2 different tests
• Comparison of means
– Confidence interval for the mean of each sample
population with traversal at fixed time
• Kolmogorov-Smirnov
– Computes the largest difference in cumulative
probability density between two sample sets
• Receiver Operating Characteristic Curves
– Each point corresponds to the true positive and false
positive rates for one setting of the rejection
thresholds
Client Location Via Latency
• Adversary is three logical entities: Aserver,
Aclient and Ator
• Goal is to identify V’s network latency
The Attack
• Basic Idea
– Calculate the RTT between V and E
• 3 steps
– Measuring first hop latency
– Estimating candidate RTTs
– Eliminating Candidates
Measuring first hop latency
• Aserver and Ator can determine circuit order
after several iterations
• Aclient connects using the circuit and
calculates RTT
• With information we can estimate the RTT
from V to E
Estimating candidate RTTs
• Need a method to obtain the RTT between
two hosts without explicit cooperation of
either
• Vivaldi embedding algorithm
– Ease of implementation
– Disadvantage: in order to be accurate without
cooperation, several nodes must be used for the
service
Eliminating Candidates
• Check all candidates to see if their RTTs are
consistent with the estimated RTT between V
and E
• Accepting means the RTT is within 85% of the
estimate RTT between V and E
Limitations
• Limited data on conditional information gain
• Client location attack assumes that a user
repeatedly accesses a server from the same
network location
Mitigation
• Onion routing minimizes the success
probability of Murdoch-Danezis’ clogging
attack
• Adding sufficient delays to make the RTT and
timing characteristics of Tor servers
independent of the underlying network
topology
Thank you!
• Questions?
Related documents
Installing Chart Templates
Installing Chart Templates
NetworkingReview
NetworkingReview
“Ethics Online” Shaping social behavior online takes more than new
“Ethics Online” Shaping social behavior online takes more than new
Lecture 10
Lecture 10
RTT Remote Desktop Test Set Release
RTT Remote Desktop Test Set Release
Rett Syndrome What you wanted to know and more
Rett Syndrome What you wanted to know and more
VLSI-programming assignment 1: shift registers
VLSI-programming assignment 1: shift registers
Economics 250 Grouped Data Sometimes data are grouped into
Economics 250 Grouped Data Sometimes data are grouped into
23anon
23anon
18739A-AnonymityProtocols
18739A-AnonymityProtocols
Abstract - PG Embedded systems
Abstract - PG Embedded systems
PPT - Department of Computer Science
PPT - Department of Computer Science
Presentation_Oral_qualifying_exam_Elgzil_AbdelhamidV3
Presentation_Oral_qualifying_exam_Elgzil_AbdelhamidV3
electric current
electric current
Transforming the Clinic Outcome Form: A project to improve patient
Transforming the Clinic Outcome Form: A project to improve patient
Lecture 2c - Getting a grip on anonymity
Lecture 2c - Getting a grip on anonymity
pptx - Cornell Computer Science
pptx - Cornell Computer Science
Electricity Worksheet 2 – Voltage, Current and Resistance
Electricity Worksheet 2 – Voltage, Current and Resistance
CMPT 880: P2P Systems - SFU computer science
CMPT 880: P2P Systems - SFU computer science
- Wiley Online Library
- Wiley Online Library
European Higher Education Area Level 6 Benchmarking
European Higher Education Area Level 6 Benchmarking
20060717-phoebus-almes
20060717-phoebus-almes