tor and timing attacks
Download
Skip this Video
Download Presentation
Tor and Timing Attacks

Loading in 2 Seconds...

play fullscreen
1 / 16

Tor and Timing Attacks - PowerPoint PPT Presentation


  • 88 Views
  • Uploaded on

Tor and Timing Attacks. An attack within the accepted attacker model. Onion Routing 2 A real system for users Only true antecedent was ZKS’s Freedom Network A variety of system enhancements PFS, congestion control, directory servers, etc. Onion Routing. Initiator-chosen paths

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' Tor and Timing Attacks' - conan-ashley


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
tor and timing attacks

Tor and Timing Attacks

An attack within the accepted attacker model

slide2
Onion Routing 2
    • A real system for users
      • Only true antecedent was ZKS’s Freedom Network
    • A variety of system enhancements
      • PFS, congestion control, directory servers, etc.
onion routing
Onion Routing
  • Initiator-chosen paths
    • Instead of flipping a coin, the Initiator chooses the entire path and builds an onion. IàXàYàZàR
    • Layered encryption of data using the public key of each proxy in the path.

{Z,{R,data}Kz+}Ky+

{Y,{Z,{R,data}Kz+}Ky+}Kx+

{R,data}Kz+

data

  • Sending the onion
  • I àX: {Y,{Z,{R,data}Kz+}Ky+}Kx+
  • XàY: {Z,{R,data}Kz+}Ky+
  • YàZ: {R,data}Kz+
  • ZàR: data
tor goals
Tor Goals
  • Deployability
    • Cannot be too expensive
    • Cannot be too troublesome or risky
    • Cannot require websites to run something different
  • Usability
  • Flexibility (& Good Specs)
  • Simple Design
attack model
Attack Model
  • What is the Tor Attack Model?
  • Why is the model important?
timing attacks

17 ms

12 ms

Timing Attacks
  • Timings say if they’re on the same path
  • “Firstness” & “Lastness” can be determined
    • Why?

R

X

Y

I

A1

A2

a timing attack
A Timing Attack
  • Danezis 2004
  • Model: Global Passive Eavesdropper
  • Idea
    • Gather timings of packets at all end points (entry and exit points)
    • Given a set of entry timings, produce a model of the exit timings. Look for a match.
  • Result: Attacker obtains many correct matches
another timing attack
Another Timing Attack
  • Levine, et al., 2004
  • Model: Substantial % of Tor servers (e.g. 10%)
    • Passive, in a sense
  • Idea
    • See 2 slides ago
    • Handle errors gracefully
    • Repeat for many rounds
  • Result: Attacker can get many good matches over time
a note on the tor paper
A Note On the Tor Paper
  • A Gold Mine!
    • 28 different attacks
    • 15 Open Questions
    • 9 Future Directions
  • Problem Selection
    • Is it interesting?
    • How hard a question?
    • Rough guesses?
low cost traffic analysis of tor
Low-Cost Traffic Analysis of Tor
  • Murdoch & Danezis, Oakland ‘05
  • A novel attack
    • within Tor’s attack model
  • Key features under attack
    • Low-latency communication
    • Ease of entry & ability to use the system
m d attack model
M&D Attack Model
  • What is it?
  • How does it compare to prior models we have discussed?
  • Is it realistic?
  • Can it be stopped?
the attack setup
The Attack Setup

Init.

Resp.

T1

T2

T3

A

the attack idea
The Attack Idea
  • Tor uses Round Robin sending
    • each stream gets a turn
    • If a stream has no packets, it gets skipped
  • Imagine node T2 has just two streams
    • A and Initiator
    • A is always on
    • What happens when Initiator sends a pkt?
testing the attack
Testing the Attack
  • Set up a “victim”
  • Set up the attack server
  • Probes
  • Correlation?
results
Results
  • Some success
    • Usually higher correlation w/ pattern
  • Limits
    • Some failure
    • Not clear where to set a dividing line
  • Enhancements Possible
defenses
Defenses
  • Cover traffic
    • Just filling the links is no good
    • Lots of traffic required?
  • Delay
    • perfect interference
    • non-interference
ad