
Tor

Bruce Maggs, relying on materials from http://www.torproject.org.



  1. Tor
     Bruce Maggs, relying on materials from http://www.torproject.org

  2. How Tor Works (directory server)

  3. How Tor Works

  4. Encryption Keys in Tor
     • Each relay has a long-term "identity" public/private key pair used to sign TLS certificates (public keys signed by directory).
     • Medium-term (one week) public/private "onion" keys are used to decrypt requests to extend circuits, so the first node can't spoof the whole path. These keys are deleted so that if a relay is compromised, old traffic can't be decrypted.
     • Short-term "connection" or "ephemeral" shared private keys are used to encrypt connections.

  5. How Tor Works

  6. Bridge Relays (a.k.a. Bridges)
     • Some ISPs/governments block all traffic to relays that appear in the Tor directory.
     • Bridges are relays that don't appear in the directory.
     • User has to solve the problem of finding a bridge.

  7. Solve a Captcha to get Bridge Address

  8. Growth of Tor Network

  9. Growth of Tor Network

  10. Spike in Number of Users

  11. Possible Explanation for Spike
     • Botnet "Mevade.A" a.k.a. "Sefnit" a.k.a. "SBC" is using Tor for connectivity
     • http://blog.fox-it.com/2013/09/05/large-botnet-cause-of-recent-tor-network-overload/

  12. Tor Exit Nodes See Plaintext!
     http://archive.wired.com/politics/security/news/2007/09/embassy_hacks?currentPage=all

  13. Timing Attacks
     • Attacker controls both an entry node and an exit node (or routers nearby)
     • Attacker controls inter-packet delays or throughput as traffic enters an entry node
     • Attacker looks for same pattern at exit node

  14. Tor Browser

  15. Tor Browser

  16. Tor-Aware Web Servers
     • Connect directly to Tor, do not advertise their network addresses.

  17. Establishing a Hidden Service

  18. Establishing a Hidden Service

  19. Finding a Hidden Service

  20. Contacting a Hidden Service

  21. Contacting a Hidden Service

  22. Communicating with a Hidden Service

  23. Using Tor as a SOCKS5 Proxy
     • Can tunnel any TCP connection through Tor (and DNS requests)
     • First run the Tor Browser; it will also act as a SOCKS5 proxy and accept connections
     • Configure your application, e.g., chat, to use 127.0.0.1 as SOCKS5 proxy

  24. Configure HexChat to use Proxy

  25. Now Chatting through Tor
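
The SOCKS5 messages an application sends to the local proxy described in slide 23, built per RFC 1928, as an added example that is not part of the original slides. It shows that sending the hostname (address type 0x03) instead of a locally resolved IP is what lets the DNS lookup travel through Tor; the hostnames, addresses and sample reply are constructed.

```python
import ipaddress
import struct

VER, CMD_CONNECT = 0x05, 0x01
ATYP_IPV4, ATYP_DOMAIN, ATYP_IPV6 = 0x01, 0x03, 0x04
REPLIES = {0x00: "succeeded", 0x01: "general failure", 0x02: "not allowed",
           0x03: "network unreachable", 0x04: "host unreachable",
           0x05: "connection refused"}

def greeting() -> bytes:
    """Client hello: version 5, one method offered, 0x00 = no authentication."""
    return bytes([VER, 1, 0x00])

def connect_request(host: str, port: int) -> bytes:
    """CONNECT request; a hostname goes out as ATYP_DOMAIN so the proxy resolves it."""
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        # Not an IP literal: send the name itself, never call the local resolver.
        name = host.encode("idna")
        if not 0 < len(name) <= 255:
            raise ValueError("hostname must be 1..255 bytes")
        addr = bytes([ATYP_DOMAIN, len(name)]) + name
    else:
        addr = bytes([ATYP_IPV4 if ip.version == 4 else ATYP_IPV6]) + ip.packed
    return bytes([VER, CMD_CONNECT, 0x00]) + addr + struct.pack("!H", port)

def resolved_by_proxy(request: bytes) -> bool:
    """True if the request carries a name, i.e. no local DNS lookup was needed."""
    return len(request) > 3 and request[3] == ATYP_DOMAIN

def parse_reply(data: bytes) -> tuple[bool, str]:
    """Interpret the proxy's reply to CONNECT: (success, reason)."""
    if len(data) < 4 or data[0] != VER:
        raise ValueError("not a SOCKS5 reply")
    return data[1] == 0x00, REPLIES.get(data[1], f"error 0x{data[1]:02x}")

# Constructed sample reply: success, bound address 0.0.0.0:0.
SAMPLE_REPLY = bytes([VER, 0x00, 0x00, ATYP_IPV4, 0, 0, 0, 0, 0, 0])

if __name__ == "__main__":
    for host in ("example.com", "192.0.2.7"):  # constructed targets
        req = connect_request(host, 443)
        print(host, req.hex(), "proxy resolves:", resolved_by_proxy(req))
    print(parse_reply(SAMPLE_REPLY))
```

An application that resolves the name itself and then sends an IPv4 or IPv6 address type has already disclosed the destination to its local DNS resolver, outside the Tor circuit.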
