Privacy Through Anonymous Connection and Browsing
A Survey Report for PhD Oral Exam
ABDELHAMID ELGZIL
University of Colorado at Colorado Springs
Abstract— This paper discusses privacy and anonymity as one of the major security concerns in today’s internet communication. It provides information about two example technologies that play a major role in enhancing and tightening the privacy and anonymity rights of users (individuals or organizations). These technologies are the TOR project and the Virtual Private Network (VPN). Furthermore, we discuss some of the encryption methods that are used in these two technologies.
Keywords—Anonymity, Encryption, Privacy, TOR, VPN, SSL, SSH, AES
I. INTRODUCTION
Nowadays, with the rapid advancement of information technology, privacy and anonymity are becoming a big concern for individuals and organizations. Both governments and private companies are able to monitor and track almost everyone's activities online. “With more and more of our lives moving online, these intrusions have devastating implications for our right to privacy. But more than just privacy is threatened when everything we say, everywhere we go, and everyone we associate with are fair game” [15]. The concern is that the collected information could be used by both governments and corporations in ways that lead to more control and behavioral prediction.
That being said, this work examines two technologies that help internet users achieve a great deal of privacy protection through anonymous browsing and connection. These technologies are:
A. The Onion Router (TOR) project for anonymous browsing
According to the TOR project website, “The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tor's users employ this network by connecting through a series of virtual tunnels rather than making a direct connection”. Using TOR, users (communicating parties) can keep their identity anonymous against tracking and censorship technology.
B. VPN connection
A virtual private network (VPN) is a private data network that makes use of the public telecommunication infrastructure, maintaining privacy through the use of a tunneling protocol and security procedures.
II. THE PROBLEM
With ever-evolving information technology, people and organizations are getting more and more concerned about improving their privacy and security on the Internet. This has led software developers to build new communication tools with built-in privacy features. These applications should help organizations and individuals share information over public networks without compromising their privacy. Nowadays, internet users are inclined towards using TOR to protect their privacy while browsing the internet, to connect to news sites, to use instant messaging services, or to avoid geo-blocking. Using Tor's hidden services, users can publish web sites and other services without exposing the location of the site. Users with special needs also use Tor for socially sensitive communication: chat rooms and web forums for rape and abuse survivors, or people with illnesses. [21]
TOR, a $2 million per year nonprofit consisting of 30 developers spread out over 12 countries, is making a concerted effort to put powerful, free, and simple privacy tools into the hands of everyone. It is also, for instance, developing an anonymous instant messenger to go along with its browser software. [22] Tor is also the solution when it comes to protecting against traffic analysis, a common form of Internet surveillance. Traffic analysis can be used to find who is talking to whom over a public network. The source and destination information of someone's Internet traffic can be used to track the user's behavior and interests, even if the connection is encrypted. [22]
While TOR offers anonymous browsing, a VPN is an additional option to tighten anonymity protection, hide the use of TOR as a communication tool, and enable its use in geoblocked regions. TOR does not guarantee complete anonymity, because it focuses only on protecting the transfer of data. In addition, the user might need to use specific software to prevent the visited sites from revealing his identity information. This is why it is recommended to add an additional layer of protection, which can be achieved by using an anonymous VPN connection such as AirVPN.
AirVPN offers a VPN service that enables users to send and receive data through dedicated nodes (VPN servers) as if the transferred data were part of the VPN. This is accomplished by using an encrypted point-to-point OpenVPN connection. In addition, every transferred packet gets authenticated by both the user (client) and the VPN network nodes (servers). That way no one in between, not even the user’s internet service provider (ISP), can see the transferred data.
III. THE ISSUE OF PRIVACY AND ANONYMITY
With the rapid and ever-evolving advancement of information technology, individuals and businesses are getting more productive. Getting things done is becoming more and more convenient and relatively easy. Unfortunately, all of that comes at a hefty price in terms of privacy and security.
With that in mind, privacy and anonymity are two different concepts. Both are increasingly essential as we get more and more monitored and pursued, legally or not, and it is important to comprehend why they are an integral part of our civil rights: why they are not just valuable to the individual, but absolutely critical to a free society [14].
“Privacy is the ability to keep some things to yourself, regardless of their impact to society. To take a trivial example, I lock the door when I go to the men’s room – not because I’m doing something criminal or plotting to overthrow the government in the men’s room, but simply because I want to keep the activity there to myself.”[14]
There are some circumstances in which the threats against privacy and anonymity happen due to the absence of proper technology. Sometimes these threats can occur unintentionally. Examples of this are bugs in software that are not exposed and somehow expose information about the identity or data of the users, and internet services that do not use proper encryption when offering interaction with users.
Certain techniques utilized by ISPs can lead to situations in which the user’s data and identity get compromised even if the ISPs’ intentions are focused on bandwidth optimization. Finally, non-educated users can be a threat to themselves by leaking their identity and data voluntarily but unaware of the repercussions. [1]
According to the American Civil Liberties Union (ACLU), both governments and corporations are collecting people’s online activities and information. While governments utilize the collected information to tighten up surveillance and monitoring of people, corporations are making a lot of money by selling the collected information to whoever pays more, including governments. The ACLU characterizes this as an invasion of privacy that is threatening people’s civil liberties: “With more and more of our lives moving online, these intrusions have devastating implications for our right to privacy. But more than just privacy is threatened when everything we say, everywhere we go, and everyone we associate with is fair game. We have seen that surveillance - whether by governments or corporations - chills free speech and free association, undermines a free media, and threatens the free exercise of religion.” [15]
In addition, people and organizations are concerned about their anonymity online. “Many people don't want the things they say online to be connected with their offline identities. They may be concerned about political or economic retribution, harassment, or even threats to their lives. Whistleblowers report news that companies and governments would prefer to suppress; human rights workers struggle against repressive governments; parents try to create a safe way for children to explore; victims of domestic violence attempt to rebuild their lives where abusers cannot follow.” [9]
That being said, many consider anonymity to be the cornerstone of internet culture, because it is necessary for sharing and free speech: “Anonymity is extremely effective in promoting freedom of expression”. [10]
The mainstream of the techniques used to guarantee privacy is a combination of encryption and anonymity techniques. The vast majority of anonymity techniques rely on protecting the real identity through a combination of methods that make it difficult to trace the origin and destination of the communication channel. Despite the difficulty that encryption mechanisms can introduce, most modern and popular application protocols provide the possibility to establish the connection through secure channels, either through the use of Transport Layer Security (TLS), or through the configuration of proxies or Socket Secure (SOCKS) mechanisms.
There are certain methods to measure the grade of privacy and anonymity. The degree of privacy is mostly linked to the type of encryption utilized and the computational capacity available. Different encryption algorithms are currently available, offering certain guarantees for the users. Numerous protocols in the application layer rely on these algorithms as the core of privacy enforcement. [1] Specific examples of this are the use of public-key cryptography [7] and the use of algorithms such as RSA [17] and DSA [18].
In addition, and due to recent media revelations, some applications are moving to new cryptography schemes based on the use of elliptic curve cryptography such as Elliptic Curve Diffie-Hellman (ECDH), Integrated Encryption Scheme (IES) or Elliptic Curve Digital Signature Algorithm (ECDSA).
The main argument behind the use of new cryptography schemes is the suspicion concerning the pseudo-random number generators utilized for them, and the possibility of broken cryptography [19]. Furthermore, the possibility to encapsulate the connections through a SOCKS interface allows the use of routing techniques through anonymous networks that are difficult to trace.
IV. TOR: THE ONION ROUTER NETWORK
According to [2], Tor [11] is an anonymizing overlay network consisting of thousands of volunteer relays that provide forwarding services used by hundreds of thousands of clients. To protect their identity, clients encrypt their messages multiple times before source-routing them through a circuit of multiple relays. Each relay decrypts one layer of each message before forwarding it to the next-hop relay or destination server specified by the client. Without traffic analysis, the client and server are unlinkable: no single node on the communication path can link the messages sent by the client to those received by the server.
At present, Tor provides an anonymity layer for TCP by carefully constructing a three-hop path (by default), or circuit, through the network of Tor routers using a layered encryption strategy similar to onion routing [12]. Tor clients are responsible for path selection at the overlay layer, and form virtual circuits through the overlay network by selecting three relays from a public list for each: an entry; a middle; and an exit. Once a circuit is established, the client creates streams through the circuit by instructing the exit to connect to the desired external Internet destinations. Each pair of relays communicate over a single onion routing connection that is built using the Transmission Control Protocol (TCP). The application layer protocols rely on this underlying TCP connection to guarantee reliability and in-order delivery of application data, called cells, between each relay. As a result of using hop-by-hop TCP at the network layer, Tor does not allow relays to drop or re-order cells at the application layer. Streams are multiplexed over circuits, which themselves are multiplexed over connections. [3]
Figure 1: Tor Browser
It is important to note that only the entrance router can directly observe the originator of a particular request through the Tor network. Also, only the exit node can directly examine the decrypted payload and learn the final destination server. It is infeasible for a single Tor router to infer the identities of both the initiating client and the destination server. To achieve its low-latency objective, Tor does not explicitly reorder or delay packets within the network. [13]
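The layered encryption and the per-relay view described above can be traced in a short sketch. This is an added example, not code from the Tor project or the cited papers: the relay names, keys and destination are constructed, the cipher is a standard-library stand-in (HMAC-SHA256 in counter mode with an authentication tag) rather than Tor's cell cryptography, and real Tor uses fixed-size cells and negotiates each hop key while extending the circuit.

```python
import hashlib
import hmac
import os

NONCE_LEN, TAG_LEN = 16, 32

def subkey(key, label):
    """Derive independent encryption and MAC keys from one per-hop key."""
    return hmac.new(key, label, hashlib.sha256).digest()

def keystream(key, nonce, length):
    """HMAC-SHA256 in counter mode: stand-in for a real stream cipher such as AES-CTR."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])

def seal_layer(key, plaintext):
    """Encrypt-then-MAC one onion layer under a single hop's key."""
    nonce = os.urandom(NONCE_LEN)
    stream = keystream(subkey(key, b"enc"), nonce, len(plaintext))
    body = bytes(p ^ s for p, s in zip(plaintext, stream))
    tag = hmac.new(subkey(key, b"mac"), nonce + body, hashlib.sha256).digest()
    return nonce + body + tag

def open_layer(key, blob):
    """Verify and decrypt one layer; the wrong key or a modified blob raises ValueError."""
    if len(blob) < NONCE_LEN + TAG_LEN:
        raise ValueError("layer too short")
    nonce, body, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(subkey(key, b"mac"), nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("layer authentication failed")
    stream = keystream(subkey(key, b"enc"), nonce, len(body))
    return bytes(c ^ s for c, s in zip(body, stream))

def wrap(path, relay_keys, destination, message):
    """Client: encrypt for the exit first and the entry last, so the entry layer is outermost."""
    next_hops = path[1:] + [destination]
    blob = message
    for relay, nxt in reversed(list(zip(path, next_hops))):
        header = nxt.encode()
        blob = seal_layer(relay_keys[relay], len(header).to_bytes(2, "big") + header + blob)
    return blob

def peel(key, blob):
    """Relay: strip one layer, learning only the next hop and an opaque inner blob."""
    layer = open_layer(key, blob)
    n = int.from_bytes(layer[:2], "big")
    return layer[2:2 + n].decode(), layer[2 + n:]

def route(sender, entry, relay_keys, onion):
    """Follow the next-hop headers and record what each relay could observe."""
    views, prev, current = [], sender, entry
    while current in relay_keys:
        nxt, onion = peel(relay_keys[current], onion)
        views.append({"relay": current, "received_from": prev, "forwards_to": nxt})
        prev, current = current, nxt
    return views, current, onion

def demo():
    # Constructed relay names, random keys and destination, for illustration only.
    path = ["entry", "middle", "exit"]
    relay_keys = {name: os.urandom(32) for name in path}
    onion = wrap(path, relay_keys, "news.example:443", b"GET / HTTP/1.1")
    return route("client", "entry", relay_keys, onion)

if __name__ == "__main__":
    views, destination, payload = demo()
    for view in views:
        print(view)
    print(destination, payload)
```

Only the entry's record contains the client, and only the exit's record contains the destination, which is the unlinkability property the text states.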
Individual users use Tor to protect themselves or their family members from tracking on the Internet, or to connect to news sites, instant messaging services, or the like when their local Internet providers have blocked them. Using Tor's hidden services, users can publish web sites and other services without exposing the location of the site. Users with special needs also use Tor for socially sensitive communication: chat rooms and web forums for rape and abuse survivors, or people with illnesses.
One of the important target groups using Tor is journalists, who need to communicate more safely with whistleblowers and dissidents. Non-governmental organizations (NGOs) also use Tor to allow their workers to connect to their home website while they're in a foreign country. This allows them to have an anonymous connection without notifying everybody nearby that they're working with that organization.
Figure 2: The Tor network’s system architecture
Groups such as Indymedia recommend Tor for safeguarding their members' online privacy and security. Activist groups like the Electronic Frontier Foundation (EFF) recommend Tor as a mechanism for maintaining civil liberties online. Corporations use Tor as a safe way to conduct competitive analysis, and to protect sensitive procurement patterns from eavesdroppers. They also use it to replace traditional VPNs, which reveal the exact amount and timing of communication. Which locations have employees working late? Which locations have employees consulting job-hunting websites? Which research divisions are communicating with the company's patent lawyers?
A branch of the U.S. Navy uses Tor for open source intelligence gathering, and one of its teams used Tor while deployed in the Middle East recently. Law enforcement uses Tor for visiting or surveilling web sites without leaving government IP addresses in their web logs, and for security during sting operations.
The variety of people who use Tor is actually part of what makes it so secure. Tor hides you among the other users on the network, so the more populous and diverse the user base for Tor is, the more your anonymity will be protected.[22]
Tor is also the solution when it comes to protecting against traffic analysis, a common form of Internet surveillance. Traffic analysis can be used to find who is talking to whom over a public network. The source and destination information of someone's Internet traffic can be used to track the user's behavior and interests, even if the connection is encrypted.
A. How TOR works
Tor reduces the risks of both simple and sophisticated traffic analysis by distributing user transactions over several servers on the Internet, so no single point can link a user to his destination.
Figure 3: How Tor Works - Step 1
“The idea is similar to using a twisty, hard-to-follow route in order to throw off somebody who is tailing you — and then periodically erasing your footprints. Instead of taking a direct route from source to destination, data packets on the Tor network take a random pathway through several relays that cover your tracks so no observer at any single point can tell where the data came from or where it's going.”[22]
To create a private network pathway with Tor, the user's software or client incrementally builds a circuit of encrypted connections through relays on the network. The circuit is extended one hop at a time, and each relay along the way knows only which relay gave it data and which relay it is giving data to. No specific relay ever knows the whole path that a data packet has taken. The client negotiates a separate set of encryption keys for each hop along the circuit to ensure that each hop can't trace these connections as they pass through. [22]
To avoid statistical profiling attacks, the default Tor client restricts its choice of entry nodes to a persistent list of three randomly chosen nodes named “entry guards”. For the middle node, the Tor client sorts Tor relays based on their access link bandwidth and randomly selects a relay, with the probability of selection being higher for relays with higher bandwidth. For the selection of the exit node, clients are constrained by the fact that a large fraction of relays choose to not serve as exit nodes. This is because destination servers see the exit node as the computer that communicates with them; if any malicious activity is detected by the destination, it will assume that the exit relay is responsible. Therefore, when selecting an exit node, a client chooses at random (again with bias for higher bandwidth relays) among those relays willing to serve as an exit node for the particular destination that the client is attempting to contact and the particular service with which this communication is associated. [4]
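The three selection rules above (a persistent set of entry guards, a bandwidth-weighted middle relay, and an exit restricted to relays willing to serve the destination) can be sketched as follows. This is an added example, not code from the Tor project or from [4]: the relay list and names are constructed, exit willingness is modelled as a plain set of ports, and requiring three distinct relays per circuit is an assumption beyond the text.

```python
import random

# Constructed relay list for illustration: bandwidth in KB/s, and the destination
# ports each relay is willing to exit to (empty set = not an exit relay).
RELAYS = [
    {"name": "alpha",   "bw": 9000, "exit_ports": set()},
    {"name": "bravo",   "bw": 6000, "exit_ports": set()},
    {"name": "charlie", "bw": 3000, "exit_ports": set()},
    {"name": "delta",   "bw": 1000, "exit_ports": set()},
    {"name": "echo",    "bw": 8000, "exit_ports": {80, 443}},
    {"name": "foxtrot", "bw": 2000, "exit_ports": {443}},
    {"name": "golf",    "bw": 500,  "exit_ports": {22}},
]

def selection_share(candidates):
    """Exact probability that bandwidth-weighted selection picks each candidate."""
    total = sum(r["bw"] for r in candidates)
    return {r["name"]: r["bw"] / total for r in candidates}

def exits_for(relays, port):
    """Relays willing to act as the exit for this destination port."""
    return [r for r in relays if port in r["exit_ports"]]

class PathSelector:
    def __init__(self, relays, seed=None):
        self.relays = relays
        self.rng = random.Random(seed)
        # Entry guards: three relays picked once and kept for every later circuit.
        self.guards = self.rng.sample(relays, 3)

    def weighted(self, candidates):
        """Random choice biased towards higher-bandwidth relays."""
        weights = [r["bw"] for r in candidates]
        return self.rng.choices(candidates, weights=weights, k=1)[0]

    def build_circuit(self, dest_port):
        exits = exits_for(self.relays, dest_port)
        if not exits:
            raise LookupError(f"no relay exits to port {dest_port}")
        exit_relay = self.weighted(exits)
        # Assumption beyond the text: the three hops must be distinct relays.
        entry = self.rng.choice([g for g in self.guards if g is not exit_relay])
        middle = self.weighted(
            [r for r in self.relays if r is not entry and r is not exit_relay]
        )
        return entry, middle, exit_relay

if __name__ == "__main__":
    selector = PathSelector(RELAYS, seed=1)
    print("guards:", [g["name"] for g in selector.guards])
    for port in (443, 22):
        print(port, [r["name"] for r in selector.build_circuit(port)])
    print(selection_share(exits_for(RELAYS, 443)))
```

In this constructed list one relay receives 80% of the exit selections for port 443, which shows how bandwidth weighting concentrates traffic on a few high-capacity exits.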
Figure 4: How Tor Works - Step 2
After a Tor circuit has been established, several kinds of data can be exchanged and many different sorts of software applications can be used over the Tor network. In the circuit, each relay sees no more than one hop, which makes it difficult for an eavesdropper, or a compromised relay using traffic analysis to link the connection's source and destination. Tor only works for TCP streams and can be used by any application with SOCKS support.[5] For efficiency, the Tor software uses the same circuit for connections that happen within the same ten minutes or so. Later requests are given a new circuit, to keep people from linking your earlier actions to the new ones.
Figure 5: How Tor Works - Step 3
V. AIRVPN
VPN stands for Virtual Private Network. The service extends the private network across the Internet. It enables your client computers to send and receive data across the Internet through dedicated nodes (VPN servers) as in Figure 5.
This way the data will be integrated as part of the private network, achieved through a point-to-point OpenVPN (in routing mode) connection. The connection is encrypted and each packet is authenticated by the client and the servers, so that nobody (including the ISP) between the client computer and the VPN server can see the transmitted data, its origin, or its destinations, nor inject forged packets into the transmitted data. The chosen encryption cipher meets higher-than-military security requirements. [5] In addition, when the client establishes a point-to-point encrypted connection (often referred to as the tunnel), the data gets transmitted through the Internet without any reference to the client’s real IP address. Anybody on the Internet will therefore see the packets as coming from the VPN servers’ exit-IP addresses, not from the real IP address. This way the service guarantees protection against privacy intruders and other malicious entities, such as sniffers in public Wi-Fi hot-spots. [5]
Figure 6: AirVpn Servers
The clients need not configure applications to use the tunnel, because the servers perform a set of route and default gateway pushes that the client accepts. OpenVPN encapsulates your packets inside a UDP or TCP stream, therefore all same or higher layer protocols are supported, making a VPN a profoundly different and highly superior solution to any HTTP or SOCKS proxy. [5] One last thing to note is that the servers are spread around the globe in sixteen countries.
Figure 7: AirVpn Servers Locations around the world
VI. CHALLENGES AND CONTROVERSY
Criminals could take advantage of improved anonymization technology to hide their identities, said analyst Rob Enderle, principal analyst with the Enderle Group, a market research firm. Also, anonymizers aren’t foolproof. For example, if the first and last routers in a system are malicious or compromised, the first router would know the client’s identity and the last router would know the server’s identity, explained Indiana University assistant professor Apu Kapadia. If the same person owns both proxies or if their separate owners communicate, this could break anonymity, he said.[20]
Most open source projects publish enough information about their workings, including node addresses, to let governments or other organizations block traffic from at least some of those nodes, noted Lance Cottrell, the founder and chief scientist of anonymization vendor Anonymizer.
According to Seth Schoen, staff technologist for the Electronic Frontier Foundation, a privacy and Internet-user-rights organization, there is a risk that some single-proxy anonymizer services may log users’ IP addresses. If governments order them to turn over information or hackers break into their servers, users could lose their anonymity.
However, he noted, providing greater security would hurt performance because additional proxies and encryption increase overhead. In fact, performance overhead sometimes causes anonymization to slow users’ Internet access.[20]
Expanding the number of nodes in anonymization systems could be difficult because users serving as nodes will experience a lot of traffic flowing through their computers.
Some ISPs block nodes to control spam. If, in the process, they block those used by anonymizers, this would hurt anonymization, said James Marshall, an independent consultant and software developer who created CGIProxy, a free Web proxy.
Browser complexity and the need to maintain browsing functionality could help proficient hackers sidestep anonymization, noted Rolf Wendolsky, director of anonymization vendor JonDos. Hackers could accomplish this in some cases, he explained, by exploiting browser plug-ins, JavaScript, cookies, caches, or HTML parsing engines. Analyst Enderle stated, “Anonymizers are wrong-headed.” The technology conceals identities, he said, which makes it attractive to criminals.
The technology’s two biggest marketplace challenges are cultural and legal, according to Cottrell. “The legal challenge is that some countries are outlawing or could decide to prohibit the use of privacy tools and require all Internet providers to keep detailed access records. The cultural issue is the trend toward [openness on the Internet].”
However, proponents say that privacy and the desire to communicate online without fear of identification or government retribution are among the good reasons to use anonymization and that this will drive the technology’s continued development and adoption. Anonymizer, for example, has reported a 20 percent annual growth in its business over the past few years.
Marshall predicted that anonymization will have a bright future, with more organizations developing systems as people become aware of its importance. He said, “The demand is there.” [20]
VII. RELATED WORK
A. Advanced Encryption Standard (AES)
AirVPN uses 256-bit Advanced Encryption Standard (AES) encryption to achieve a high level of security for transferred packets.
“The Advanced Encryption Standard (AES) specifies a FIPS-approved cryptographic algorithm that can be used to protect electronic data. The AES algorithm is a symmetric block cipher that can encrypt (encipher) and decrypt (decipher) information. Encryption converts data to an unintelligible form called ciphertext; decrypting the ciphertext converts the data back into its original form, called plaintext. The AES algorithm is capable of using cryptographic keys of 128, 192, and 256 bits to encrypt and decrypt data in blocks of 128 bits. ” [23]
B. Secure Socket Layer (SSL)
SSL is a cryptographic protocol designed to protect the transmission of sensitive information with a high level of encryption to guarantee privacy. [6]
C. Secure Shell (SSH)
Sometimes known as a secure socket shell, SSH is a Unix-based command interface and protocol for securely accessing remote computers. “It is widely used by network administrators to control Web and other kinds of servers remotely. SSH is actually a suite of three utilities - slogin, ssh, and scp - that are secure versions of the earlier UNIX utilities, rlogin, rsh, and rcp. SSH commands are encrypted and secure in several ways”. [16]
VIII. CONCLUSION
It is obvious that privacy and security are interconnected; it is almost impossible to achieve one without the other. It is also important that people and organizations have some level of anonymity.
Yes, anonymity can be abused by some people, but that should not be an excuse to dismiss the need for it. Both privacy and anonymity are important in today’s information technology driven world. In addition, with more organizations developing systems as users start to be aware of privacy and anonymity impacts, this will have positive economic outcomes.
IX. PROPOSED WORK
In my PhD dissertation, I proposed to work on the following four research tasks to enhance the performance of TOR networks.
a) Create a TOR emulator by leveraging software-defined networking (SDN). Create TOR as an anonymous network using software-defined networking (SDN). Although it is still not that widely used, it seems like it will be in the future. It could be a valuable toolkit for understanding Tor’s security and performance. It could allow researchers to perform significant experiments that realistically reproduce many of the main features of the TOR network, including Tor client traffic and Tor router relays, on a dedicated emulator that is inexpensive and requires minimal hardware [8].
b) Smart packet marking techniques to efficiently and correctly trace the packet path within the TOR network. Tracing of Tor streams carried by test-instrumented exit nodes to reveal the IP address of Tor users.
c) How to utilize an SDN controller in the cloud to detect the use of a VM as a TOR relay, by analyzing the characteristics of a TOR relay in a virtualized environment.
d) Using TOR bridges or a TOR proxy to hide the intention to connect to TOR (prevent others from detecting your use of TOR).
References
[1] Yanes, Adrian. Privacy and Anonymity. arXiv preprint arXiv:1407.0423 (2014)
[2] Jansen, R., Bauer, K. S., Hopper, N., & Dingledine, R. Methodically Modeling the Tor Network. In CSET (2012).
[3] Jansen, R., Tschorsch, F., Johnson, A., & Scheuermann, B. (2014). The sniper attack: Anonymously deanonymizing and disabling the Tor network. OFFICE OF NAVAL RESEARCH ARLINGTON VA (2014).
[4] Akhoondi, M., Yu, C., & Madhyastha, H. V. LASTor: A low-latency AS-aware Tor client. In Security and Privacy (SP), 2012 IEEE Symposium on (pp. 476-490). IEEE (2012).
[5] Air VPN, “What is a vpn”. [Online]. Available: https://airvpn.org/faq/what_is/
[6] Netcraft. (2013), “SSL: intercepted today, decrypted tomorrow”. [Online]. Available: http://news.netcraft.com/archives/2013/06/25/ssl-intercepted-today-decrypted-tomorrow.html
[7] J. Callas, L. Donnerhacke, H. Finney, D. Shaw, and R. Thayer. OpenPGP Message Format. RFC 4880 (Proposed Standard), November 2007. Updated by RFC 5581.
[8] Kevin B., Micah S., Damon M., and Dirk G. ExperimenTor: A Testbed for Safe and Realistic Tor Experimentation. 4th USENIX Workshop on Cyber Security Experimentation and Test (2011).
[9] Electronic Frontier Foundation, “Anonymity”. [Online]. Available: https://www.eff.org/issues/anonymity
[10] Karina Rigby. (1995), “Anonymity on the Internet Must be Protected”. [Online]. Available: http://groups.csail.mit.edu/mac/classes/6.805/student-papers/fall95-papers/rigby-anonymity.html
[11] Dingledine, R., Mathewson, N., Syverson, P.: Tor: The second-generation onion router. In: Proceedings of the 13th USENIX Security Symposium. (August 2004)
[12] Goldschlag, D.M., Reed, M.G., Syverson, P.F.: Hiding routing information. In: Proceedings of Information Hiding: First International Workshop, Springer-Verlag, LNCS 1174 (May 1996)
[13] McCoy, Damon, et al. "Shining light in dark places: Understanding the Tor network." Privacy Enhancing Technologies. Springer Berlin Heidelberg, 2008.
[14] Rick Falkvinge. (2013), “How Does Privacy Differ From Anonymity, And Why Are Both Important?”. [Online]. Available: https://www.privateinternetaccess.com/blog/2013/10/how-does-privacy-differ-from-anonymity-and-why-are-both-important/
[15] American Civil Liberties Union, “Internet Privacy” [Online]. Available: https://www.aclu.org/technology-and-liberty/internet-privacy
[16] M. Rouse. (2005), “Secure Shell (SSH)”. [Online]. Available: http://searchsecurity.techtarget.com/definition/Secure-Shell
[17] J. Jonsson and B. Kaliski. Public-Key Cryptography Standards (PKCS) #1: RSA Cryptography Specifications Version 2.1. RFC 3447 (Informational), February 2003.
[18] National Institute of Standards and Technology. FIPS PUB 180-1: Secure Hash Standard. April 1995. Supersedes FIPS PUB 180 1993 May 11.
[19] D. Shumow and N. Ferguson. On the possibility of a back door in the NIST SP800-90 Dual EC PRNG. 2007.
[20] Neal Leavitt. (2009), “Anonymization Technology Takes a High Profile”. [Online]. Available: http://www.leavcom.com/pdf/Anonymization.pdf
[21] P. H. O’Niel. (2014), “Tor is building an anonymous instant messenger” [Online]. Available: http://www.dailydot.com/technology/tor-instant-messaging-bundle/
[22] TOR Project. (2014), [Online]. Available: https://www.torproject.org/about/overview.html.en
[23] National Institute of Standards and Technology (NIST). (2001), "Announcing the ADVANCED ENCRYPTION STANDARD (AES)". Federal Information Processing Standards Publication 197. [Online]. Available: http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf