MTAT.07.017 Applied Cryptography The Onion Router (Tor) University of Tartu Spring 2019 1 / 17 Tor \Tor is a software for enabling online anonymity and censorship resistance. Tor directs Internet traffic through a free, worldwide, volunteer network consisting of more than seven thousand relays to conceal a user's location or usage from anyone conducting network surveillance or traffic analysis." https://en.wikipedia.org/wiki/Tor_(anonymity_network) 2 / 17 Tor • No single node knows the entire path! 3 / 17 Onion Routing • Data received by router A: • Ea(b; Eb(c; Ec (dest; m))) • Data received by router B: • Eb(c; Ec (dest; m)) • Data received by router C: • Ec (dest; m) 4 / 17 Tor Nodes 5 / 17 Attacks: Correlation Attack • End-to-end correlation • Malicious relays 6 / 17 GCHQ attacks on Tor https://archive.org/details/spiegel_-_media-35538 • How many Tor nodes run by GCHQ/NSA? • Tor nodes: https://torstatus.blutmagie.de/ 7 / 17 Attacks: Malicious Exit Node • Sniffing • WikiLeaks • Man-in-the-middle attacks • \Spoiled Onions: Exposing Malicious Tor Exit Relays" 8 / 17 Attacks: Malicious Exit Node 9 / 17 Attacks: Deanonymization • Browser fingerprinting • IP leakage through DNS requests • Malicious Java applets • Client-side exploits • Tor Browser Bundle 10 / 17 Tor Hidden Services Reachable using .onion address (e.g., duskgytldkxiuqc6.onion) 11 / 17 Tor Hidden Services (setup) # apt install tor # cat /etc/tor/torrc | grep HiddenService HiddenServiceDir /var/lib/tor/hidden_service/ HiddenServicePort 80 127.0.0.1:80 # /etc/init.d/tor restart # cat /var/lib/tor/hidden_service/private_key -----BEGIN RSA PRIVATE KEY----- MIICXAIBAAKBgQC1+cMw5yIBE6AqBVaQdQZwoLOedUqxT +xvJ8i+HPSYHqWJYHtSP816zvoVeIHLrVk8GBMJEXv346 ... # cat /var/lib/tor/hidden_service/hostname c357h6fa4m5zmj4f.onion • Cheapest way to setup a web server • No need to run the service over TLS 12 / 17 TorChat (Instant Messenger) $ sudo apt install torchat $ torchat 13 / 17 TorChat Protocol 1. ping nwtuvtf4sidu6mlf 87656434567876 4. pong 4566885558874 Tor network 2. ping c357h6fa4m5zmj4f 4566885558874 nwtuvtf4sidu6mlf.onion 3. pong 87656434567876 c357h6fa4m5zmj4f.onion • Two connections: • Outgoing connection to send data • Incomming connection to receive data • Handshake process authenticates incomming connections • Commands (command separator { newline character): • message { UTF-8 encoded message • status { available, away or xa • add me { request addition to buddy list • profile name { name in the buddy list 14 / 17 Task: TorChat { 5p Implement TorChat client compatible with official TorChat client: $ python torchat.py --myself c357h6fa4m5zmj4f --peer j2ko25d2vxxbvz6p [+] Connecting to peer j2ko25d2vxxbvz6p [+] Sending: ping c357h6fa4m5zmj4f 851513207851584792331050 [+] Listening... [+] Client 127.0.0.1:49774 [+] Received: ping j2ko25d2vxxbvz6p 42761992853613398731444213003309669106032392027432419123351845788177006994129 [+] Received: pong 851513207851584792331050 [+] Sending: pong 42761992853613398731444213003309669106032392027432419123351845788177006994129 [+] Received: client TorChat [+] Received: version 0.9.9.553 [+] Received: profile_name Bob [+] Received: status available [+] Sending: add_me [+] Sending: status available [+] Sending: profile_name Alice [+] Received: status available [+] Received: message Who are you, Alice? [?] Enter message: I am your friend. [+] Sending: message I am your friend. [+] Received: status available [+] Received: status available [+] Received: status available 15 / 17 Task: TorChat • Setup Tor hidden service for port 11009 (redirected to 127.0.0.1:8888) • Connect to peer's .onion address on port 11009 and send ping command with random cookie • Cookie must be random decimal number with 128-bit entropy • Listen on 127.0.0.1:8888 for peer's connect-back • Check if the cookie in peer's pong command matches the cookie you sent • Send pong command with peer's cookie over outgoing connection • Send add me, status and profile name commands • After every message received read user input and send response message • To test if your hidden service is available over Tor use \torify telnet youronionaddress.onion 11009" 16 / 17 Questions • What is the security objective Tor tries to provide? • Tor middle node sees only encrypted packets. How it is achieved? • What could a malicious Tor exit node do? • What could a malicious Tor middle node do? • What could a malicious Tor entry guard node do? • How to detect whether the user is using Tor network? • Under what threat model Tor is secure? • How are Tor Hidden Services identified? • What prevents someone from impersonating Tor Hidden Service? 17 / 17.