MTAT.07.017 Applied Cryptography

The Onion Router (Tor)

University of Tartu

Spring 2019

1 / 17 Tor

“Tor is a software for enabling online anonymity and censorship resistance. Tor directs Internet traffic through a free, worldwide, volunteer network consisting of more than seven thousand relays to conceal a user’s location or usage from anyone conducting network surveillance or traffic analysis.” https://en.wikipedia.org/wiki/Tor_(anonymity_network)

2 / 17 Tor

• No single node knows the entire path!

3 / 17 Onion Routing

• Data received by router A:

• Ea(b, Eb(c, Ec (dest, m))) • Data received by router B:

• Eb(c, Ec (dest, m)) • Data received by router C:

• Ec (dest, m)

4 / 17 Tor Nodes

5 / 17 Attacks: Correlation Attack

• End-to-end correlation • Malicious relays

6 / 17 GCHQ attacks on Tor

https://archive.org/details/spiegel_-_media-35538 • How many Tor nodes run by GCHQ/NSA? • Tor nodes: https://torstatus.blutmagie.de/ 7 / 17 Attacks: Malicious Exit Node

• Sniffing • WikiLeaks • Man-in-the-middle attacks • “Spoiled Onions: Exposing Malicious Tor Exit Relays”

8 / 17 Attacks: Malicious Exit Node

9 / 17 Attacks: Deanonymization • Browser fingerprinting • IP leakage through DNS requests • Malicious Java applets • Client-side exploits • Tor Browser Bundle

10 / 17 Tor Hidden Services

Reachable using .onion address (e.g., duskgytldkxiuqc6.onion)

11 / 17 Tor Hidden Services (setup)

# apt install tor

# cat /etc/tor/torrc | grep HiddenService HiddenServiceDir /var/lib/tor/hidden_service/ HiddenServicePort 80 127.0.0.1:80

# /etc/init.d/tor restart

# cat /var/lib/tor/hidden_service/private_key -----BEGIN RSA PRIVATE KEY----- MIICXAIBAAKBgQC1+cMw5yIBE6AqBVaQdQZwoLOedUqxT +xvJ8i+HPSYHqWJYHtSP816zvoVeIHLrVk8GBMJEXv346 ...

# cat /var/lib/tor/hidden_service/hostname c357h6fa4m5zmj4f.onion

• Cheapest way to setup a web server • No need to run the service over TLS

12 / 17 TorChat (Instant Messenger)

$ sudo apt install torchat $ torchat

13 / 17 TorChat Protocol

1. ping nwtuvtf4sidu6mlf 87656434567876 4. pong 4566885558874

Tor network

2. ping c357h6fa4m5zmj4f 4566885558874 nwtuvtf4sidu6mlf.onion 3. pong 87656434567876 c357h6fa4m5zmj4f.onion

• Two connections: • Outgoing connection to send data • Incomming connection to receive data • Handshake process authenticates incomming connections • Commands (command separator – newline character): • message – UTF-8 encoded message • status – available, away or xa • add me – request addition to buddy list • profile name – name in the buddy list 14 / 17 Task: TorChat – 5p Implement TorChat client compatible with official TorChat client: $ python torchat.py --myself c357h6fa4m5zmj4f --peer j2ko25d2vxxbvz6p [+] Connecting to peer j2ko25d2vxxbvz6p [+] Sending: ping c357h6fa4m5zmj4f 851513207851584792331050 [+] Listening... [+] Client 127.0.0.1:49774 [+] Received: ping j2ko25d2vxxbvz6p 42761992853613398731444213003309669106032392027432419123351845788177006994129 [+] Received: pong 851513207851584792331050 [+] Sending: pong 42761992853613398731444213003309669106032392027432419123351845788177006994129 [+] Received: client TorChat [+] Received: version 0.9.9.553 [+] Received: profile_name Bob [+] Received: status available [+] Sending: add_me [+] Sending: status available [+] Sending: profile_name Alice [+] Received: status available [+] Received: message Who are you, Alice? [?] Enter message: I am your friend. [+] Sending: message I am your friend. [+] Received: status available [+] Received: status available [+] Received: status available

15 / 17 Task: TorChat • Setup Tor hidden service for port 11009 (redirected to 127.0.0.1:8888) • Connect to peer’s .onion address on port 11009 and send ping command with random cookie • Cookie must be random decimal number with 128-bit entropy • Listen on 127.0.0.1:8888 for peer’s connect-back • Check if the cookie in peer’s pong command matches the cookie you sent • Send pong command with peer’s cookie over outgoing connection • Send add me, status and profile name commands • After every message received read user input and send response message • To test if your hidden service is available over Tor use “torify telnet youronionaddress.onion 11009”

16 / 17 Questions

• What is the security objective Tor tries to provide?

• Tor middle node sees only encrypted packets. How it is achieved?

• What could a malicious Tor exit node do?

• What could a malicious Tor middle node do?

• What could a malicious Tor entry guard node do?

• How to detect whether the user is using Tor network?

• Under what threat model Tor is secure?

• How are Tor Hidden Services identified?

• What prevents someone from impersonating Tor Hidden Service?

17 / 17