The Onion Routerhomepages.cwi.nl/.../2014/presentations/Remi_Tor.pdf · Tor! The Onion Router. Tor....

40
Tor The Onion Router

Transcript of The Onion Routerhomepages.cwi.nl/.../2014/presentations/Remi_Tor.pdf · Tor! The Onion Router. Tor....

Page 1: The Onion Routerhomepages.cwi.nl/.../2014/presentations/Remi_Tor.pdf · Tor! The Onion Router. Tor. Tor ... Tor Hidden Services 1. Bob creates a public key 2. Bob creates a circuit

Tor !

The Onion Router

Page 2: The Onion Routerhomepages.cwi.nl/.../2014/presentations/Remi_Tor.pdf · Tor! The Onion Router. Tor. Tor ... Tor Hidden Services 1. Bob creates a public key 2. Bob creates a circuit

Tor

Page 3: The Onion Routerhomepages.cwi.nl/.../2014/presentations/Remi_Tor.pdf · Tor! The Onion Router. Tor. Tor ... Tor Hidden Services 1. Bob creates a public key 2. Bob creates a circuit

Tor• A way to use the internet ‘securely'.

Page 4: The Onion Routerhomepages.cwi.nl/.../2014/presentations/Remi_Tor.pdf · Tor! The Onion Router. Tor. Tor ... Tor Hidden Services 1. Bob creates a public key 2. Bob creates a circuit

Tor• A way to use the internet ‘securely'.

• Secure meaning:

Page 5: The Onion Routerhomepages.cwi.nl/.../2014/presentations/Remi_Tor.pdf · Tor! The Onion Router. Tor. Tor ... Tor Hidden Services 1. Bob creates a public key 2. Bob creates a circuit

Tor• A way to use the internet ‘securely'.

• Secure meaning:

• Privacy

Page 6: The Onion Routerhomepages.cwi.nl/.../2014/presentations/Remi_Tor.pdf · Tor! The Onion Router. Tor. Tor ... Tor Hidden Services 1. Bob creates a public key 2. Bob creates a circuit

Tor• A way to use the internet ‘securely'.

• Secure meaning:

• Privacy

• Anonymity

Page 7: The Onion Routerhomepages.cwi.nl/.../2014/presentations/Remi_Tor.pdf · Tor! The Onion Router. Tor. Tor ... Tor Hidden Services 1. Bob creates a public key 2. Bob creates a circuit

Tor• A way to use the internet ‘securely'.

• Secure meaning:

• Privacy

• Anonymity

• Censorship circumvention

Page 8: The Onion Routerhomepages.cwi.nl/.../2014/presentations/Remi_Tor.pdf · Tor! The Onion Router. Tor. Tor ... Tor Hidden Services 1. Bob creates a public key 2. Bob creates a circuit

Most common use of Tor:

Page 9: The Onion Routerhomepages.cwi.nl/.../2014/presentations/Remi_Tor.pdf · Tor! The Onion Router. Tor. Tor ... Tor Hidden Services 1. Bob creates a public key 2. Bob creates a circuit

Who uses Tor?

Page 10: The Onion Routerhomepages.cwi.nl/.../2014/presentations/Remi_Tor.pdf · Tor! The Onion Router. Tor. Tor ... Tor Hidden Services 1. Bob creates a public key 2. Bob creates a circuit

Who uses Tor?

• Journalists

• Dissidents

• ‘Normal people’

Page 11: The Onion Routerhomepages.cwi.nl/.../2014/presentations/Remi_Tor.pdf · Tor! The Onion Router. Tor. Tor ... Tor Hidden Services 1. Bob creates a public key 2. Bob creates a circuit

Who uses Tor?

• Journalists

• Dissidents

• ‘Normal people’

Page 12: The Onion Routerhomepages.cwi.nl/.../2014/presentations/Remi_Tor.pdf · Tor! The Onion Router. Tor. Tor ... Tor Hidden Services 1. Bob creates a public key 2. Bob creates a circuit

Who uses Tor?

• Journalists

• Dissidents

• ‘Normal people’

Page 13: The Onion Routerhomepages.cwi.nl/.../2014/presentations/Remi_Tor.pdf · Tor! The Onion Router. Tor. Tor ... Tor Hidden Services 1. Bob creates a public key 2. Bob creates a circuit

Who uses Tor?

• Journalists

• Dissidents

• ‘Normal people’

Page 14: The Onion Routerhomepages.cwi.nl/.../2014/presentations/Remi_Tor.pdf · Tor! The Onion Router. Tor. Tor ... Tor Hidden Services 1. Bob creates a public key 2. Bob creates a circuit

Tor usage often correlates with political events:

Page 15: The Onion Routerhomepages.cwi.nl/.../2014/presentations/Remi_Tor.pdf · Tor! The Onion Router. Tor. Tor ... Tor Hidden Services 1. Bob creates a public key 2. Bob creates a circuit

How Tor works

Page 16: The Onion Routerhomepages.cwi.nl/.../2014/presentations/Remi_Tor.pdf · Tor! The Onion Router. Tor. Tor ... Tor Hidden Services 1. Bob creates a public key 2. Bob creates a circuit

How Tor works

Page 17: The Onion Routerhomepages.cwi.nl/.../2014/presentations/Remi_Tor.pdf · Tor! The Onion Router. Tor. Tor ... Tor Hidden Services 1. Bob creates a public key 2. Bob creates a circuit

Tor circuit• Alice knows everything

• The individual Tor nodes know (almost) nothing

• Circuit is valid for 10 minutes

• Bob is exposed

Page 18: The Onion Routerhomepages.cwi.nl/.../2014/presentations/Remi_Tor.pdf · Tor! The Onion Router. Tor. Tor ... Tor Hidden Services 1. Bob creates a public key 2. Bob creates a circuit

Tor Hidden Services

Page 19: The Onion Routerhomepages.cwi.nl/.../2014/presentations/Remi_Tor.pdf · Tor! The Onion Router. Tor. Tor ... Tor Hidden Services 1. Bob creates a public key 2. Bob creates a circuit

Tor Hidden Services1. Bob creates a public key

Page 20: The Onion Routerhomepages.cwi.nl/.../2014/presentations/Remi_Tor.pdf · Tor! The Onion Router. Tor. Tor ... Tor Hidden Services 1. Bob creates a public key 2. Bob creates a circuit

Tor Hidden Services1. Bob creates a public key

2. Bob creates a circuit and publishes it as his Introduction Point

Page 21: The Onion Routerhomepages.cwi.nl/.../2014/presentations/Remi_Tor.pdf · Tor! The Onion Router. Tor. Tor ... Tor Hidden Services 1. Bob creates a public key 2. Bob creates a circuit

Tor Hidden Services1. Bob creates a public key

2. Bob creates a circuit and publishes it as his Introduction Point

3. Alice creates a circuit to a Rendezvous Point

Page 22: The Onion Routerhomepages.cwi.nl/.../2014/presentations/Remi_Tor.pdf · Tor! The Onion Router. Tor. Tor ... Tor Hidden Services 1. Bob creates a public key 2. Bob creates a circuit

Tor Hidden Services1. Bob creates a public key

2. Bob creates a circuit and publishes it as his Introduction Point

3. Alice creates a circuit to a Rendezvous Point

4. Alice creates a circuit to the IP and tells Bob about the RP

Page 23: The Onion Routerhomepages.cwi.nl/.../2014/presentations/Remi_Tor.pdf · Tor! The Onion Router. Tor. Tor ... Tor Hidden Services 1. Bob creates a public key 2. Bob creates a circuit

Tor Hidden Services1. Bob creates a public key

2. Bob creates a circuit and publishes it as his Introduction Point

3. Alice creates a circuit to a Rendezvous Point

4. Alice creates a circuit to the IP and tells Bob about the RP

5. Alice and Bob meet at the RP

Page 24: The Onion Routerhomepages.cwi.nl/.../2014/presentations/Remi_Tor.pdf · Tor! The Onion Router. Tor. Tor ... Tor Hidden Services 1. Bob creates a public key 2. Bob creates a circuit

Bob

IP

AliceRP

Page 25: The Onion Routerhomepages.cwi.nl/.../2014/presentations/Remi_Tor.pdf · Tor! The Onion Router. Tor. Tor ... Tor Hidden Services 1. Bob creates a public key 2. Bob creates a circuit

Bob

IP

AliceRP

Page 26: The Onion Routerhomepages.cwi.nl/.../2014/presentations/Remi_Tor.pdf · Tor! The Onion Router. Tor. Tor ... Tor Hidden Services 1. Bob creates a public key 2. Bob creates a circuit

Bob

IP

AliceRP

Page 27: The Onion Routerhomepages.cwi.nl/.../2014/presentations/Remi_Tor.pdf · Tor! The Onion Router. Tor. Tor ... Tor Hidden Services 1. Bob creates a public key 2. Bob creates a circuit

Bob

IP

AliceRP

Page 28: The Onion Routerhomepages.cwi.nl/.../2014/presentations/Remi_Tor.pdf · Tor! The Onion Router. Tor. Tor ... Tor Hidden Services 1. Bob creates a public key 2. Bob creates a circuit

BobAlice

Page 29: The Onion Routerhomepages.cwi.nl/.../2014/presentations/Remi_Tor.pdf · Tor! The Onion Router. Tor. Tor ... Tor Hidden Services 1. Bob creates a public key 2. Bob creates a circuit

Attacks against Tor

Page 30: The Onion Routerhomepages.cwi.nl/.../2014/presentations/Remi_Tor.pdf · Tor! The Onion Router. Tor. Tor ... Tor Hidden Services 1. Bob creates a public key 2. Bob creates a circuit

Attacks against Tor• Correlation attack by:

Page 31: The Onion Routerhomepages.cwi.nl/.../2014/presentations/Remi_Tor.pdf · Tor! The Onion Router. Tor. Tor ... Tor Hidden Services 1. Bob creates a public key 2. Bob creates a circuit

Attacks against Tor• Correlation attack by:

• Being (un)lucky

Page 32: The Onion Routerhomepages.cwi.nl/.../2014/presentations/Remi_Tor.pdf · Tor! The Onion Router. Tor. Tor ... Tor Hidden Services 1. Bob creates a public key 2. Bob creates a circuit

Attacks against Tor• Correlation attack by:

• Being (un)lucky

• Prevention by many non-adversarial nodes

Page 33: The Onion Routerhomepages.cwi.nl/.../2014/presentations/Remi_Tor.pdf · Tor! The Onion Router. Tor. Tor ... Tor Hidden Services 1. Bob creates a public key 2. Bob creates a circuit

Attacks against Tor• Correlation attack by:

• Being (un)lucky

• Prevention by many non-adversarial nodes

• Sybil attack

Page 34: The Onion Routerhomepages.cwi.nl/.../2014/presentations/Remi_Tor.pdf · Tor! The Onion Router. Tor. Tor ... Tor Hidden Services 1. Bob creates a public key 2. Bob creates a circuit

Attacks against Tor• Correlation attack by:

• Being (un)lucky

• Prevention by many non-adversarial nodes

• Sybil attack

• Prevention by directory authorities

Page 35: The Onion Routerhomepages.cwi.nl/.../2014/presentations/Remi_Tor.pdf · Tor! The Onion Router. Tor. Tor ... Tor Hidden Services 1. Bob creates a public key 2. Bob creates a circuit

Attacks against Tor

Page 36: The Onion Routerhomepages.cwi.nl/.../2014/presentations/Remi_Tor.pdf · Tor! The Onion Router. Tor. Tor ... Tor Hidden Services 1. Bob creates a public key 2. Bob creates a circuit

• Censorship, e.g. in China, Iran and Kazakhstan

Attacks against Tor

Page 37: The Onion Routerhomepages.cwi.nl/.../2014/presentations/Remi_Tor.pdf · Tor! The Onion Router. Tor. Tor ... Tor Hidden Services 1. Bob creates a public key 2. Bob creates a circuit

• Censorship, e.g. in China, Iran and Kazakhstan

• Circumvention by bridges

Attacks against Tor

Page 38: The Onion Routerhomepages.cwi.nl/.../2014/presentations/Remi_Tor.pdf · Tor! The Onion Router. Tor. Tor ... Tor Hidden Services 1. Bob creates a public key 2. Bob creates a circuit

• Censorship, e.g. in China, Iran and Kazakhstan

• Circumvention by bridges

• Private bridges

Attacks against Tor

Page 39: The Onion Routerhomepages.cwi.nl/.../2014/presentations/Remi_Tor.pdf · Tor! The Onion Router. Tor. Tor ... Tor Hidden Services 1. Bob creates a public key 2. Bob creates a circuit

• Censorship, e.g. in China, Iran and Kazakhstan

• Circumvention by bridges

• Private bridges

• Meek bridges (Google, Amazon, Microsoft)

Attacks against Tor

Page 40: The Onion Routerhomepages.cwi.nl/.../2014/presentations/Remi_Tor.pdf · Tor! The Onion Router. Tor. Tor ... Tor Hidden Services 1. Bob creates a public key 2. Bob creates a circuit

Demo


Anonymous Network Concepts & Implementation · forensicinsight.org Page 9 Implemented Anonymous Network - Tor The Tor (the Onion Routing) at a glance Tor network consists of many

Anonymous Network Concepts & Implementation · forensicinsight.org Page 9 Implemented Anonymous Network - Tor The Tor (the Onion Routing) at a glance Tor network consists of many

COMPARATIVE ANALYSIS OF LOW LATENCY ANONYMOUS ... · cryptography to securing a communication channel, ... which onion routers download registry data. Joining TOR network using onion

COMPARATIVE ANALYSIS OF LOW LATENCY ANONYMOUS ... · cryptography to securing a communication channel, ... which onion routers download registry data. Joining TOR network using onion

How Do Tor Users Interact With Onion Services? · Despite extra security and privacy properties of onion services, many users are confronted with usability issues Susceptibility of

How Do Tor Users Interact With Onion Services? · Despite extra security and privacy properties of onion services, many users are confronted with usability issues Susceptibility of

Provably Secure and Practical Onion RoutingThe onion routing network Tor is undoubtedly the most widely employed technology for anony-mous web access. Although the underlying onion

Provably Secure and Practical Onion RoutingThe onion routing network Tor is undoubtedly the most widely employed technology for anony-mous web access. Although the underlying onion

The onion routing network(tor)

The onion routing network(tor)

Tor (The Onion Router)

Tor (The Onion Router)

Tor Deepweb Links 2016 .onion

Tor Deepweb Links 2016 .onion

TOR: The Onion Router

TOR: The Onion Router

PROTECTING PRIVACY USING TOR · 2018-10-03 · VoIP Voice over IP Tor The Onion Router TLS Transport Layer Security OR Onion Router ... research, look for news and weather forecasts,

PROTECTING PRIVACY USING TOR · 2018-10-03 · VoIP Voice over IP Tor The Onion Router TLS Transport Layer Security OR Onion Router ... research, look for news and weather forecasts,

Congestion-aware Path Selection for Tor - Cypherpunks › ~iang › pubs › Congestion_Aware_FC12.pdf · 2 Tor Background Tor is the third-generation onion routing design providing

Congestion-aware Path Selection for Tor - Cypherpunks › ~iang › pubs › Congestion_Aware_FC12.pdf · 2 Tor Background Tor is the third-generation onion routing design providing

Tor – The Onion Router

Tor – The Onion Router

How Do Tor Users Interact with Onion Services? - arxiv.org · use, and manage onion services. Our work confirms and extends previous findings on Tor Browser users’ mental models

How Do Tor Users Interact with Onion Services? - arxiv.org · use, and manage onion services. Our work confirms and extends previous findings on Tor Browser users’ mental models

Provably Secure and Practical Onion Routingiang/pubs/UC-OR.pdf · Abstract—The onion routing network Tor is undoubtedly the most widely employed technology for anonymous web access.

Provably Secure and Practical Onion Routingiang/pubs/UC-OR.pdf · Abstract—The onion routing network Tor is undoubtedly the most widely employed technology for anonymous web access.

Namecoin for Tor Onion Service Naming (And Other … · Intermediate proxy Tor Browser → Naming SOCKS5 proxy → Tor SOCKS5 proxy Tricky to do safely due to stream isolation –

Namecoin for Tor Onion Service Naming (And Other … · Intermediate proxy Tor Browser → Naming SOCKS5 proxy → Tor SOCKS5 proxy Tricky to do safely due to stream isolation –

Onion Routing - ERNET · Responder sends reply onion to onion routing proxy Z. Z peel off a layer. Gets the key seed intended for itself and an onion to be passed to Y. ... Tor Decoy

Onion Routing - ERNET · Responder sends reply onion to onion routing proxy Z. Z peel off a layer. Gets the key seed intended for itself and an onion to be passed to Y. ... Tor Decoy

Inside Job: Applying Traffic Analysis to Measure Tor from ... · • Tor website fingerprinting on onion services Use traffic patterns to guess specific webpage accessed Destination

Inside Job: Applying Traffic Analysis to Measure Tor from ... · • Tor website fingerprinting on onion services Use traffic patterns to guess specific webpage accessed Destination

How Do Tor Users Interact with Onion Services?...Figure 2: Tor Browser 7.0.10’s user interface on Windows 10 when accessing the Tor Project website via a conventional domain and

How Do Tor Users Interact with Onion Services?...Figure 2: Tor Browser 7.0.10’s user interface on Windows 10 when accessing the Tor Project website via a conventional domain and

The Onion Router (Tor): Onion Encryption Served Three Ways€¦ · Tor seeks to frustrate attackers from linking communication part-ners, or from linking multiple communications to

The Onion Router (Tor): Onion Encryption Served Three Ways€¦ · Tor seeks to frustrate attackers from linking communication part-ners, or from linking multiple communications to

Tor “The Onion Router”

Tor “The Onion Router”

Protocols for anonymity - School of Informatics · Onion routing [R. Dingledine, N. Mathewson, and P. F. Syverson: \Tor: The Second-Generation Onion Router", USENIX Security Symposium

Protocols for anonymity - School of Informatics · Onion routing [R. Dingledine, N. Mathewson, and P. F. Syverson: \Tor: The Second-Generation Onion Router", USENIX Security Symposium