jos e-paul dominguez { timide - securimag · client message proxy server client 3 3 3 3 proxy 3 3 3...
TRANSCRIPT
![Page 1: Jos e-Paul Dominguez { timide - Securimag · Client message Proxy Server Client 3 3 3 3 Proxy 3 3 3 3 Server 7 3 3 3 6/19. Anonymous? You don’t say. At least improve you privacy](https://reader030.vdocuments.us/reader030/viewer/2022040303/5e8b8ac2b43df718db05cb89/html5/thumbnails/1.jpg)
inside your onion
Jose-Paul Dominguez – timideconcat [first :: String, “.”, last :: String, “@e.ujf-grenoble.fr”]
securimag
March 10, 2016
1 / 19
![Page 2: Jos e-Paul Dominguez { timide - Securimag · Client message Proxy Server Client 3 3 3 3 Proxy 3 3 3 3 Server 7 3 3 3 6/19. Anonymous? You don’t say. At least improve you privacy](https://reader030.vdocuments.us/reader030/viewer/2022040303/5e8b8ac2b43df718db05cb89/html5/thumbnails/2.jpg)
Briefly
“The Second-Generation Onion Router”paper by Roger Dingledine, Nick Mathewson, Paul Syverson
Usenix Security 2004awarded at Usenix Security 2014
2 / 19
![Page 3: Jos e-Paul Dominguez { timide - Securimag · Client message Proxy Server Client 3 3 3 3 Proxy 3 3 3 3 Server 7 3 3 3 6/19. Anonymous? You don’t say. At least improve you privacy](https://reader030.vdocuments.us/reader030/viewer/2022040303/5e8b8ac2b43df718db05cb89/html5/thumbnails/3.jpg)
Key actors
Figure: Roger DingledineImage: Wikipedia / Tobias Klenze / CC-BY-SA 3.0
3 / 19
![Page 4: Jos e-Paul Dominguez { timide - Securimag · Client message Proxy Server Client 3 3 3 3 Proxy 3 3 3 3 Server 7 3 3 3 6/19. Anonymous? You don’t say. At least improve you privacy](https://reader030.vdocuments.us/reader030/viewer/2022040303/5e8b8ac2b43df718db05cb89/html5/thumbnails/4.jpg)
Key actors
Figure: Jacob AppelbaumImage: Wikipedia / Tobias Klenze / CC-BY-SA 3.0
3 / 19
![Page 5: Jos e-Paul Dominguez { timide - Securimag · Client message Proxy Server Client 3 3 3 3 Proxy 3 3 3 3 Server 7 3 3 3 6/19. Anonymous? You don’t say. At least improve you privacy](https://reader030.vdocuments.us/reader030/viewer/2022040303/5e8b8ac2b43df718db05cb89/html5/thumbnails/5.jpg)
Key actors
Many others:
I Nick Mathewson
I Paul Syverson
I https://www.torproject.org/about/corepeople.html
3 / 19
![Page 6: Jos e-Paul Dominguez { timide - Securimag · Client message Proxy Server Client 3 3 3 3 Proxy 3 3 3 3 Server 7 3 3 3 6/19. Anonymous? You don’t say. At least improve you privacy](https://reader030.vdocuments.us/reader030/viewer/2022040303/5e8b8ac2b43df718db05cb89/html5/thumbnails/6.jpg)
Basically
I anonymity system
I decentralized
I free in code, free to use
4 / 19
![Page 7: Jos e-Paul Dominguez { timide - Securimag · Client message Proxy Server Client 3 3 3 3 Proxy 3 3 3 3 Server 7 3 3 3 6/19. Anonymous? You don’t say. At least improve you privacy](https://reader030.vdocuments.us/reader030/viewer/2022040303/5e8b8ac2b43df718db05cb89/html5/thumbnails/7.jpg)
“Features”
I user anonymization
I hidden services
5 / 19
![Page 8: Jos e-Paul Dominguez { timide - Securimag · Client message Proxy Server Client 3 3 3 3 Proxy 3 3 3 3 Server 7 3 3 3 6/19. Anonymous? You don’t say. At least improve you privacy](https://reader030.vdocuments.us/reader030/viewer/2022040303/5e8b8ac2b43df718db05cb89/html5/thumbnails/8.jpg)
Anonymous? You don’t say.
At least improve you privacy and security on the Internet:
I hide you behind a node which will execute requests for you
I hide you from this very node
I without being in control of these
Using one node:
Client Proxy Server
Client message Proxy Server
Client 3 3 3 3
Proxy 3 3 3 3
Server 7 3 3 3
6 / 19
![Page 9: Jos e-Paul Dominguez { timide - Securimag · Client message Proxy Server Client 3 3 3 3 Proxy 3 3 3 3 Server 7 3 3 3 6/19. Anonymous? You don’t say. At least improve you privacy](https://reader030.vdocuments.us/reader030/viewer/2022040303/5e8b8ac2b43df718db05cb89/html5/thumbnails/9.jpg)
Anonymous? You don’t say.
At least improve you privacy and security on the Internet:
I hide you behind a node which will execute requests for you
I hide you from this very node
I without being in control of these
Using one node:
Client Proxy Server
Client message Proxy Server
Client 3 3 3 3
Proxy 3 3 3 3
Server 7 3 3 3
6 / 19
![Page 10: Jos e-Paul Dominguez { timide - Securimag · Client message Proxy Server Client 3 3 3 3 Proxy 3 3 3 3 Server 7 3 3 3 6/19. Anonymous? You don’t say. At least improve you privacy](https://reader030.vdocuments.us/reader030/viewer/2022040303/5e8b8ac2b43df718db05cb89/html5/thumbnails/10.jpg)
Anonymous? You don’t say.
At least improve you privacy and security on the Internet:
I hide you behind a node which will execute requests for you
I hide you from this very node
I without being in control of these
Using one node:
Client Proxy Server
Client message Proxy Server
Client 3 3 3 3
Proxy 3 3 3 3
Server 7 3 3 3
6 / 19
![Page 11: Jos e-Paul Dominguez { timide - Securimag · Client message Proxy Server Client 3 3 3 3 Proxy 3 3 3 3 Server 7 3 3 3 6/19. Anonymous? You don’t say. At least improve you privacy](https://reader030.vdocuments.us/reader030/viewer/2022040303/5e8b8ac2b43df718db05cb89/html5/thumbnails/11.jpg)
Let’s see with 2 nodes
Client R1 R2 Server
Client message R1 R2 Server
Client – 3 3 3 3
R1 3 7 – 3 7
R2 7 3 3 – 3
Server 7 3 7 3 –
This pattern becomes interesting but what if an entity is in controlof R1 and/or R2?
7 / 19
![Page 12: Jos e-Paul Dominguez { timide - Securimag · Client message Proxy Server Client 3 3 3 3 Proxy 3 3 3 3 Server 7 3 3 3 6/19. Anonymous? You don’t say. At least improve you privacy](https://reader030.vdocuments.us/reader030/viewer/2022040303/5e8b8ac2b43df718db05cb89/html5/thumbnails/12.jpg)
Let’s see with 2 nodes
Client R1 R2 Server
Client message R1 R2 Server
Client – 3 3 3 3
R1 3 7 – 3 7
R2 7 3 3 – 3
Server 7 3 7 3 –
This pattern becomes interesting but what if an entity is in controlof R1 and/or R2?
7 / 19
![Page 13: Jos e-Paul Dominguez { timide - Securimag · Client message Proxy Server Client 3 3 3 3 Proxy 3 3 3 3 Server 7 3 3 3 6/19. Anonymous? You don’t say. At least improve you privacy](https://reader030.vdocuments.us/reader030/viewer/2022040303/5e8b8ac2b43df718db05cb89/html5/thumbnails/13.jpg)
Let’s see with 2 nodes
Client R1 R2 Server
Client message R1 R2 Server
Client – 3 3 3 3
R1 3 7 – 3 7
R2 7 3 3 – 3
Server 7 3 7 3 –
This pattern becomes interesting but what if an entity is in controlof R1 and/or R2?
7 / 19
![Page 14: Jos e-Paul Dominguez { timide - Securimag · Client message Proxy Server Client 3 3 3 3 Proxy 3 3 3 3 Server 7 3 3 3 6/19. Anonymous? You don’t say. At least improve you privacy](https://reader030.vdocuments.us/reader030/viewer/2022040303/5e8b8ac2b43df718db05cb89/html5/thumbnails/14.jpg)
Key exchange and layered encryptionClient R1 R2 R3 Server
key exchange: K1
key exchange: K2
key exchange: K3
EK1( EK2
( EK3( request ) ) )
EK2( EK3
( request ) )
EK3( request )
request
response
EK3( response )
EK2( EK3
( response ) )
EK1( EK2
( EK3( response ) ) )
8 / 19
![Page 15: Jos e-Paul Dominguez { timide - Securimag · Client message Proxy Server Client 3 3 3 3 Proxy 3 3 3 3 Server 7 3 3 3 6/19. Anonymous? You don’t say. At least improve you privacy](https://reader030.vdocuments.us/reader030/viewer/2022040303/5e8b8ac2b43df718db05cb89/html5/thumbnails/15.jpg)
Key exchange and layered encryptionClient R1 R2 R3 Server
key exchange: K1
key exchange: K2
key exchange: K3
EK1( EK2
( EK3( request ) ) )
EK2( EK3
( request ) )
EK3( request )
request
response
EK3( response )
EK2( EK3
( response ) )
EK1( EK2
( EK3( response ) ) )
8 / 19
![Page 16: Jos e-Paul Dominguez { timide - Securimag · Client message Proxy Server Client 3 3 3 3 Proxy 3 3 3 3 Server 7 3 3 3 6/19. Anonymous? You don’t say. At least improve you privacy](https://reader030.vdocuments.us/reader030/viewer/2022040303/5e8b8ac2b43df718db05cb89/html5/thumbnails/16.jpg)
Key exchange and layered encryptionClient R1 R2 R3 Server
key exchange: K1
key exchange: K2
key exchange: K3
EK1( EK2
( EK3( request ) ) )
EK2( EK3
( request ) )
EK3( request )
request
response
EK3( response )
EK2( EK3
( response ) )
EK1( EK2
( EK3( response ) ) )
8 / 19
![Page 17: Jos e-Paul Dominguez { timide - Securimag · Client message Proxy Server Client 3 3 3 3 Proxy 3 3 3 3 Server 7 3 3 3 6/19. Anonymous? You don’t say. At least improve you privacy](https://reader030.vdocuments.us/reader030/viewer/2022040303/5e8b8ac2b43df718db05cb89/html5/thumbnails/17.jpg)
Network overview
9 / 19
![Page 18: Jos e-Paul Dominguez { timide - Securimag · Client message Proxy Server Client 3 3 3 3 Proxy 3 3 3 3 Server 7 3 3 3 6/19. Anonymous? You don’t say. At least improve you privacy](https://reader030.vdocuments.us/reader030/viewer/2022040303/5e8b8ac2b43df718db05cb89/html5/thumbnails/18.jpg)
Network overview
9 / 19
![Page 19: Jos e-Paul Dominguez { timide - Securimag · Client message Proxy Server Client 3 3 3 3 Proxy 3 3 3 3 Server 7 3 3 3 6/19. Anonymous? You don’t say. At least improve you privacy](https://reader030.vdocuments.us/reader030/viewer/2022040303/5e8b8ac2b43df718db05cb89/html5/thumbnails/19.jpg)
Terminology
I R1: entry relay / guard node
I R2: relay
I R3: exit relay
I (R1, R2, R3): path
I family: common organization, group
10 / 19
![Page 20: Jos e-Paul Dominguez { timide - Securimag · Client message Proxy Server Client 3 3 3 3 Proxy 3 3 3 3 Server 7 3 3 3 6/19. Anonymous? You don’t say. At least improve you privacy](https://reader030.vdocuments.us/reader030/viewer/2022040303/5e8b8ac2b43df718db05cb89/html5/thumbnails/20.jpg)
How the hell find a path?
Directory Authorities:
I hardcoded
I maintain a list of running relays
I publish a consensus once per hour containing Tor relays
I assign flags to relays
I client path: entry guard, relay and exit node of differentfamilies
11 / 19
![Page 21: Jos e-Paul Dominguez { timide - Securimag · Client message Proxy Server Client 3 3 3 3 Proxy 3 3 3 3 Server 7 3 3 3 6/19. Anonymous? You don’t say. At least improve you privacy](https://reader030.vdocuments.us/reader030/viewer/2022040303/5e8b8ac2b43df718db05cb89/html5/thumbnails/21.jpg)
How the hell find a path?
Directory Authorities:
I hardcodedI currently 10 DA hardcodedI defined in src/or/config.c1:
static const char ∗ default authorities []
I maintain a list of running relays
I publish a consensus once per hour containing Tor relays
I assign flags to relays
I client path: entry guard, relay and exit node of differentfamilies
1https://gitweb.torproject.org/tor.git/tree/src/or/config.c11 / 19
![Page 22: Jos e-Paul Dominguez { timide - Securimag · Client message Proxy Server Client 3 3 3 3 Proxy 3 3 3 3 Server 7 3 3 3 6/19. Anonymous? You don’t say. At least improve you privacy](https://reader030.vdocuments.us/reader030/viewer/2022040303/5e8b8ac2b43df718db05cb89/html5/thumbnails/22.jpg)
How the hell find a path?
Directory Authorities:
I hardcoded
I maintain a list of running relays
I publish a consensus once per hour containing Tor relaysI assign flags to relays1
I RunningI position: {Guard, Exit, BadExit}I etc.
I client path: entry guard, relay and exit node of differentfamilies
1https://gitweb.torproject.org/torspec.git/tree/dir-spec.txt11 / 19
![Page 23: Jos e-Paul Dominguez { timide - Securimag · Client message Proxy Server Client 3 3 3 3 Proxy 3 3 3 3 Server 7 3 3 3 6/19. Anonymous? You don’t say. At least improve you privacy](https://reader030.vdocuments.us/reader030/viewer/2022040303/5e8b8ac2b43df718db05cb89/html5/thumbnails/23.jpg)
How the hell find a path?
Directory Authorities:
I hardcoded
I maintain a list of running relays
I publish a consensus once per hour containing Tor relays
I assign flags to relaysI client path: entry guard, relay and exit node of different
familiesI kept while TCP stream is up: avoid profilingI reuse path for new TCP streams for 10 minutesI build another one in case of circuit failure
11 / 19
![Page 24: Jos e-Paul Dominguez { timide - Securimag · Client message Proxy Server Client 3 3 3 3 Proxy 3 3 3 3 Server 7 3 3 3 6/19. Anonymous? You don’t say. At least improve you privacy](https://reader030.vdocuments.us/reader030/viewer/2022040303/5e8b8ac2b43df718db05cb89/html5/thumbnails/24.jpg)
How the hell find a path?
Directory Authorities:
I hardcoded
I maintain a list of running relays
I publish a consensus once per hour containing Tor relays
I assign flags to relaysI client path: entry guard, relay and exit node of different
familiesI Guard flag given by DAsI election based on different properties: bandwidth, uptime,
total time etc.I no longer a middle relay
11 / 19
![Page 25: Jos e-Paul Dominguez { timide - Securimag · Client message Proxy Server Client 3 3 3 3 Proxy 3 3 3 3 Server 7 3 3 3 6/19. Anonymous? You don’t say. At least improve you privacy](https://reader030.vdocuments.us/reader030/viewer/2022040303/5e8b8ac2b43df718db05cb89/html5/thumbnails/25.jpg)
Tor bridges and pluggable transports
I can be used in case of relays or DAs censorship
I basically encapsulate Tor protocol between client and first hop
I FTE(-IPv6), SSH, meek etc.
I publically distributed bridges
I secret bridges
I very easy to set up
12 / 19
![Page 26: Jos e-Paul Dominguez { timide - Securimag · Client message Proxy Server Client 3 3 3 3 Proxy 3 3 3 3 Server 7 3 3 3 6/19. Anonymous? You don’t say. At least improve you privacy](https://reader030.vdocuments.us/reader030/viewer/2022040303/5e8b8ac2b43df718db05cb89/html5/thumbnails/26.jpg)
DNS leaks
I applications try to resolve hostnames
I client IP and requested service leakage
I SOCKS4, SOCKS5 use IP adresses
I SOCKS4a uses hostnames
Solutions:
I resolve manually using tor-resolve
I “use remote DNS”
I use a wrapper
I use a Transparent Proxy
I use an Isolating Proxy
13 / 19
![Page 27: Jos e-Paul Dominguez { timide - Securimag · Client message Proxy Server Client 3 3 3 3 Proxy 3 3 3 3 Server 7 3 3 3 6/19. Anonymous? You don’t say. At least improve you privacy](https://reader030.vdocuments.us/reader030/viewer/2022040303/5e8b8ac2b43df718db05cb89/html5/thumbnails/27.jpg)
DNS leaks
I applications try to resolve hostnames
I client IP and requested service leakage
I SOCKS4, SOCKS5 use IP adresses
I SOCKS4a uses hostnames
Solutions:
I resolve manually using tor-resolve
I “use remote DNS”
I use a wrapper
I use a Transparent Proxy
I use an Isolating Proxy
13 / 19
![Page 28: Jos e-Paul Dominguez { timide - Securimag · Client message Proxy Server Client 3 3 3 3 Proxy 3 3 3 3 Server 7 3 3 3 6/19. Anonymous? You don’t say. At least improve you privacy](https://reader030.vdocuments.us/reader030/viewer/2022040303/5e8b8ac2b43df718db05cb89/html5/thumbnails/28.jpg)
DNS leaks
I applications try to resolve hostnames
I client IP and requested service leakage
I SOCKS4, SOCKS5 use IP adresses
I SOCKS4a uses hostnames
Solutions:
I resolve manually using tor-resolve
I “use remote DNS”
I use a wrapper
I use a Transparent Proxy
I use an Isolating Proxy
13 / 19
![Page 29: Jos e-Paul Dominguez { timide - Securimag · Client message Proxy Server Client 3 3 3 3 Proxy 3 3 3 3 Server 7 3 3 3 6/19. Anonymous? You don’t say. At least improve you privacy](https://reader030.vdocuments.us/reader030/viewer/2022040303/5e8b8ac2b43df718db05cb89/html5/thumbnails/29.jpg)
Hidden services
I services accessibles via a .onion URL
I Let’s Encrypt is trying to provide VALID certsfor .onions
I Facebook now have a hidden service
I .onion hostname = hash of hidden service public key
14 / 19
![Page 30: Jos e-Paul Dominguez { timide - Securimag · Client message Proxy Server Client 3 3 3 3 Proxy 3 3 3 3 Server 7 3 3 3 6/19. Anonymous? You don’t say. At least improve you privacy](https://reader030.vdocuments.us/reader030/viewer/2022040303/5e8b8ac2b43df718db05cb89/html5/thumbnails/30.jpg)
Rendezvous points
15 / 19
![Page 31: Jos e-Paul Dominguez { timide - Securimag · Client message Proxy Server Client 3 3 3 3 Proxy 3 3 3 3 Server 7 3 3 3 6/19. Anonymous? You don’t say. At least improve you privacy](https://reader030.vdocuments.us/reader030/viewer/2022040303/5e8b8ac2b43df718db05cb89/html5/thumbnails/31.jpg)
Rendezvous points
15 / 19
![Page 32: Jos e-Paul Dominguez { timide - Securimag · Client message Proxy Server Client 3 3 3 3 Proxy 3 3 3 3 Server 7 3 3 3 6/19. Anonymous? You don’t say. At least improve you privacy](https://reader030.vdocuments.us/reader030/viewer/2022040303/5e8b8ac2b43df718db05cb89/html5/thumbnails/32.jpg)
Rendezvous points
15 / 19
![Page 33: Jos e-Paul Dominguez { timide - Securimag · Client message Proxy Server Client 3 3 3 3 Proxy 3 3 3 3 Server 7 3 3 3 6/19. Anonymous? You don’t say. At least improve you privacy](https://reader030.vdocuments.us/reader030/viewer/2022040303/5e8b8ac2b43df718db05cb89/html5/thumbnails/33.jpg)
Rendezvous points
15 / 19
![Page 34: Jos e-Paul Dominguez { timide - Securimag · Client message Proxy Server Client 3 3 3 3 Proxy 3 3 3 3 Server 7 3 3 3 6/19. Anonymous? You don’t say. At least improve you privacy](https://reader030.vdocuments.us/reader030/viewer/2022040303/5e8b8ac2b43df718db05cb89/html5/thumbnails/34.jpg)
Rendezvous points
15 / 19
![Page 35: Jos e-Paul Dominguez { timide - Securimag · Client message Proxy Server Client 3 3 3 3 Proxy 3 3 3 3 Server 7 3 3 3 6/19. Anonymous? You don’t say. At least improve you privacy](https://reader030.vdocuments.us/reader030/viewer/2022040303/5e8b8ac2b43df718db05cb89/html5/thumbnails/35.jpg)
Rendezvous points
15 / 19
![Page 36: Jos e-Paul Dominguez { timide - Securimag · Client message Proxy Server Client 3 3 3 3 Proxy 3 3 3 3 Server 7 3 3 3 6/19. Anonymous? You don’t say. At least improve you privacy](https://reader030.vdocuments.us/reader030/viewer/2022040303/5e8b8ac2b43df718db05cb89/html5/thumbnails/36.jpg)
Tools
I torify
I Tor Browser Bundle
I Tor Messenger
I Ricochet
I Orbot
16 / 19
![Page 37: Jos e-Paul Dominguez { timide - Securimag · Client message Proxy Server Client 3 3 3 3 Proxy 3 3 3 3 Server 7 3 3 3 6/19. Anonymous? You don’t say. At least improve you privacy](https://reader030.vdocuments.us/reader030/viewer/2022040303/5e8b8ac2b43df718db05cb89/html5/thumbnails/37.jpg)
Security concerns
I Tor does not protect against traffic analysis
I correlations may be found
I “Using BGP to Compromise Tor” paper
17 / 19
![Page 38: Jos e-Paul Dominguez { timide - Securimag · Client message Proxy Server Client 3 3 3 3 Proxy 3 3 3 3 Server 7 3 3 3 6/19. Anonymous? You don’t say. At least improve you privacy](https://reader030.vdocuments.us/reader030/viewer/2022040303/5e8b8ac2b43df718db05cb89/html5/thumbnails/38.jpg)
’kthx
![Page 39: Jos e-Paul Dominguez { timide - Securimag · Client message Proxy Server Client 3 3 3 3 Proxy 3 3 3 3 Server 7 3 3 3 6/19. Anonymous? You don’t say. At least improve you privacy](https://reader030.vdocuments.us/reader030/viewer/2022040303/5e8b8ac2b43df718db05cb89/html5/thumbnails/39.jpg)
References
I Tor 2004 paper: https://svn.torproject.org/svn/
projects/design-paper/tor-design.pdf
I Tor’s protocol specifications:https://gitweb.torproject.org/torspec.git/tree/
19 / 19