Chair for Network Architectures and Services, Technische Universität München

Anonymization in the Internet

Adrian Struzek

Chair for Network Architectures and Services, Department for Computer Science, Technische Universität München

April 10, 2015

Technische Universität München – Chair for Network Architectures and Services 1

Outline

Introduction

Relaying of Remailers and Proxies

Bitmessage

Freenet P2P Networks

Conclusion

Introduction

Goals:

- Overview of different concepts for anonymization
- Introduction to three different services
- Understanding of the pros and cons of each service

The three presented services are:

- Tor - relaying of messages
- Bitmessage - cover traffic
- Freenet - peer-to-peer networks

Concepts

- Messages: when referring to messages, we mean all data that is sent to another node
- Meta-data: "data about data", in our case mostly descriptive meta-data; it describes the contents and context of the actual message data, the date of sending, the location of sender and recipient, etc.
- Attacks:
  - Correlation: linking messages observed at different locations in the network by time, size and other meta-data
  - Traffic analysis: searching traffic for keywords, building user and network profiles
  - Compromised nodes: nodes under (partial) control of an adversary, leaking information to unwelcome third parties

Relaying of Messages

- Adversaries can infer a lot of information from IP and UDP headers
- Other protocol headers may contain even more information, sometimes not even needed by the protocol
- Example: unencrypted SMTP headers contain sender, recipient, subject, date of sending and other information
- Remailers and proxies allow some of that information to be changed by relaying your data through their service

Remailers and Proxies

- Remailers and proxies alike strip incoming messages of sender information and replace it with their own
- There are different kinds of services, with different functionality and anonymity
- Some services use cascaded server chains to hinder correlation attacks
- There are various weaknesses, but the most important is that the service providers themselves may be compromised or malicious. It's advisable to always use end-to-end

Tor - Overview

- What is Tor?
- Network design
- Circuits
- Hidden services
- Weaknesses

Tor

- Tor is used to anonymize TCP-based applications, e.g. browsers and instant messengers
- It is realized by a distributed overlay network consisting of relay nodes and clients
- Data is wrapped in several layers of encryption, hence the name
- The client specifies the route the data takes through the network, a so-called circuit

Tor - Network Design

[Figure: Tor network design. Nodes: Onion Proxy, Entry Node, Onion Routers, Exit Node. Legend: Symmetric Encryption Key, Encryption Layer]

Tor - Network Design

- Clients share a symmetric encryption key with each hop
- Data is wrapped in several encryption layers, each layer containing the address of the next hop
- When receiving data, an onion router (OR) decrypts one layer, thereby revealing the address of the next hop
- ORs know only their predecessor and their successor on the path

Tor - Circuits

- The path the data from a client takes through the network is called a circuit
- TCP streams from multiple applications are multiplexed through one circuit
- New circuits are established periodically; old ones with no open TCP streams expire
- To establish a circuit, a client negotiates symmetric encryption keys with the hops, one at a time
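The layering described on the network-design and circuit slides, as an added example (not part of the deck and not Tor's code): the client wraps a payload in one symmetric layer per hop of the circuit it chose, and each simulated onion router peels only its own layer, so it learns just its successor. The HMAC-based keystream cipher, the hop names and the "EXIT" marker are constructions for illustration only.

```python
"""Toy onion layering as the deck describes it: one symmetric key per hop, one
encryption layer per hop carrying the next hop's address, and every onion
router (OR) peeling exactly one layer. The layer cipher is a toy HMAC-SHA256
keystream XOR; it is NOT Tor's cipher or protocol (added example)."""
import hashlib
import hmac
import os

NONCE_LEN = 16

def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Counter-mode keystream derived with HMAC-SHA256 (toy construction)."""
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]

def layer_encrypt(key: bytes, plaintext: bytes) -> bytes:
    nonce = os.urandom(NONCE_LEN)
    return nonce + bytes(p ^ k for p, k in zip(plaintext, keystream(key, nonce, len(plaintext))))

def layer_decrypt(key: bytes, blob: bytes) -> bytes:
    nonce, body = blob[:NONCE_LEN], blob[NONCE_LEN:]
    return bytes(c ^ k for c, k in zip(body, keystream(key, nonce, len(body))))

def build_onion(hops, payload: bytes):
    """hops: [(name, shared_key), ...] ordered entry -> exit, i.e. the circuit
    the client chose. Returns (entry_name, onion). Names must not contain '|'."""
    onion = layer_encrypt(hops[-1][1], b"EXIT|" + payload)   # innermost layer: exit node
    for i in range(len(hops) - 2, -1, -1):                    # wrap outward towards the entry
        next_hop = hops[i + 1][0].encode()
        onion = layer_encrypt(hops[i][1], next_hop + b"|" + onion)
    return hops[0][0], onion

def relay(node_keys: dict, entry: str, onion: bytes):
    """Simulate the network: each OR peels its layer and forwards the rest.
    Returns (payload the exit node delivers, [(node, successor it learned)])."""
    current, learned = entry, []
    while True:
        tag, rest = layer_decrypt(node_keys[current], onion).split(b"|", 1)
        learned.append((current, tag.decode()))
        if tag == b"EXIT":
            return rest, learned
        current, onion = tag.decode(), rest
```

Decrypting only the entry node's layer exposes the next hop's name and another opaque blob, which is exactly the "predecessor and successor only" property from the slide.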

Tor - Hidden Services

- Tor can also be used to provide anonymous services, e.g. web sites
- Servers are configured to accept connections only from Tor, so Tor is required to access them
- Hidden services are accessed by an onion address, a pseudo top-level-domain host suffix
- Since they are part of the Tor network, the connection can be considered end-to-end encrypted
- Hidden services provide a high degree of anonymity for service providers and consumers alike

Tor - Weaknesses

- By design, Tor gives no protection from monitoring at network borders
- If exit nodes are malicious, outgoing traffic could be monitored and searched for sensitive information, e.g. login credentials for websites
- Insecure TCP-based applications like BitTorrent can be exploited by adversaries to obtain the user's IP address. Use of other applications can then be associated with the user
- Since exit nodes are publicly known, they can be blocked by servers

Bitmessage

- Bitmessage is a peer-to-peer protocol for sending messages to other users
- Messages are encrypted using public-key encryption
- Users are addressed by Bitmessage addresses
- The recipient's public key is retrieved first, then the message is encrypted and sent

Bitmessage - Forwarding of Messages

[Figure: forwarding of a message from Alice to Bob via numbered intermediate nodes]

Bitmessage

- Messages are forwarded to all users
- They contain no information about sender or recipient
- Only the intended recipient can decrypt a message
- Additionally, users can subscribe to other users and receive their published messages in a newsletter-like manner

Bitmessage

- When a node receives a message it cannot decrypt, the message is first mixed with all other messages held by the node and then forwarded
- This way, a message that originates at a node is hard to distinguish from the messages it merely forwards
- Sent messages are stored on the forwarding nodes for only two days. If the recipient is not online during that time, the message is lost and has to be re-sent

P2P Networks

- Decentralized and self-organizing
- Users connect directly to one another, no servers involved
- Data redundancy facilitates a high degree of censorship resistance
- DDoS attacks on P2P networks are

Freenet

- P2P service with the goal of guaranteeing freedom of speech, with a high degree of anonymity
- Provides separate networks, not accessible without the service
- Each client provides storage space to the network
- Files are often split into parts that are stored independently on different nodes
- Data is also stored redundantly on various nodes, depending on its popularity
- Permanent storage is not guaranteed. If a file is not requested often, it will be deleted when storage space is scarce

Freenet - GUIDs

- All files have globally unique identifiers (GUIDs), used for file-storage operations
- Two main types of GUIDs: Content Hash Keys (CHKs) and Signed Subspace Keys (SSKs)
- CHKs are used for primary data storage and retrieval and are generated by hashing a file's contents
- SSKs set up a personal space that anyone can read but only the owner can write to. This can be used to authenticate a pseudonymous author while protecting their anonymity

Freenet - CHKs

[Figure: ADD FILE; inserting a file into Freenet yields its CHK]

Format: CHK@<file hash>,<decryption key>,<crypto settings>

Example: CHK@SVbD9~HM5nzf3AX4yFCBc-A4dhNUF5DPJZLL5NX5Brs,bA7qLNJR7IXRKn6uS5PAySjIM6azPFvK~18kSi6bbNQ,AAEA--8

Freenet - SSKs

[Figure: a signed subspace holding several files, each stored under its own CHK; the owner can ADD, EDIT and REMOVE files, anyone can READ them]

Format: SSK@<public key hash>,<decryption key>,<crypto settings>/<user-selected name>-<version>

Example: SSK@GB3wuHmt[..]o-eHK35w,c63EzO7u[..]3YDduXDs,AQABAAE/mysite-4
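A parser for the CHK and SSK URI forms shown on the CHK and SSK slides, as an added example (not the deck's or Freenet's own code): it splits a key into routing key, decryption key and crypto settings and, for SSKs, the owner's name and edition number. The permissive character class for key fields, the dataclass layout and the placeholder SSK values are assumptions.

```python
"""Parser for the two Freenet key URI forms shown on the slides. Added example,
not Freenet's own code; the character class for key fields is an assumption.

  CHK@<file hash>,<decryption key>,<crypto settings>
  SSK@<public key hash>,<decryption key>,<crypto settings>/<name>-<version>

The first field is all a storing node needs to route and serve a block; the
decryption key travels only inside the URI, so nodes holding the block cannot
read it."""
import re
from dataclasses import dataclass
from typing import Optional

_KEY_RE = re.compile(r"^(CHK|SSK)@([^,/\s]+),([^,/\s]+),([^,/\s]+)(?:/(\S+))?$")

@dataclass(frozen=True)
class FreenetKey:
    key_type: str                    # "CHK" or "SSK"
    routing_key: str                 # file hash (CHK) or public key hash (SSK)
    decryption_key: str              # needed to read the data, never sent to storing nodes
    crypto_settings: str
    site_name: Optional[str] = None  # SSK: user-selected name; CHK: optional trailing path
    version: Optional[int] = None    # SSK edition number

def parse_freenet_key(uri: str) -> FreenetKey:
    m = _KEY_RE.match(uri.strip())
    if not m:
        raise ValueError(f"not a CHK/SSK key URI: {uri!r}")
    key_type, routing, dec_key, settings, path = m.groups()
    if key_type == "CHK":
        return FreenetKey("CHK", routing, dec_key, settings, path)
    # SSK: the path is the owner's chosen name followed by '-<version>'
    if path is None or "-" not in path:
        raise ValueError("SSK URI needs a '/<name>-<version>' suffix")
    name, _, ver = path.rpartition("-")
    if not ver.isdigit():
        raise ValueError(f"SSK version must be numeric, got {ver!r}")
    return FreenetKey("SSK", routing, dec_key, settings, name, int(ver))

def routing_view(key: FreenetKey) -> str:
    """The part a forwarding/storing node operates on: type and routing key only."""
    return f"{key.key_type}@{key.routing_key}"
```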

Freenet

- Freenet can be used as a darknet, meaning the client only connects to trusted peers that have been added manually as friends
- Using Freenet in darknet mode combined with hard-drive encryption provides the highest degree of anonymity and security of all presented services
- Of course, availability of services and information is reduced that way
- In opennet mode, clients potentially connect to all other users in the network and reveal their IP address to some peers when connecting to them

Freenet - Weaknesses

- Harvesting: an adversary can launch some nodes in the network and start collecting IP addresses of peers. Authorities can potentially block at least some content this way
- Advanced traffic analysis: requests to the network are not mixed in any way. An observer with global monitoring capabilities can perform traffic analysis because of this

Conclusion - Tor

Tor :

+ Good choice for the common user concerned about privacy
+ Can browse and use normal web services like public websites
+ Can use TCP-based applications through it
+ Anonymous publishing with hidden services
- Sensitive information like passwords should only be transmitted with end-to-end encryption
- Insecure applications that share the client's IP address should not be used through it

Conclusion - Bitmessage

Bitmessage :

+ Good choice for private messaging
+ Can be used as a substitute for email with known peers and friends
+ Can be combined with Tor
+ Newsletter functionality
- Weaknesses and potential threats are mostly unknown

Conclusion - Freenet

Freenet :

+ Darknet functionality: highest anonymity possible
+ Authenticated yet anonymous publishing
+ High censorship resilience
- No protection from a global observer
- Prone to harvesting of IP addresses


Thank you for your attention!
