
Chair for Network Architectures and Services, Technische Universität München

Anonymization in the Internet
Adrian Struzek
Chair for Network Architectures and Services, Department for Computer Science, Technische Universität München
April 10, 2015

Outline
- Introduction
- Relaying of messages
  - Remailers and Proxies
  - Tor
- Bitmessage
- Freenet
  - P2P Networks
  - Freenet
- Conclusion

Introduction
Goals:
- Overview of different concepts for anonymization
- Introduction to three different services
- Understanding of the pros and cons of each service
The three presented services are:
- Tor - relaying of messages
- Bitmessage - cover traffic
- Freenet - peer-to-peer networks

Conceptions
- Messages: when referring to messages, we mean all data that is sent to another node
- Meta-data: "data about data"; in our case mostly descriptive meta-data, which describes the contents and context of the actual message data: date of sending, location of sender/recipient, etc.
- Attacks:
  - Correlation: linking messages at different locations in the network by time, size and other meta-data
  - Traffic analysis: searching traffic for keywords, generating user and network profiles
  - Compromised nodes: nodes under (partial) control of an adversary, leaking information to unwelcome third parties

Relaying of Messages
- Adversaries can infer a lot of information from IP and UDP headers
- Other protocol headers may contain even more information, sometimes not even needed by the protocol
- Example: unencrypted SMTP headers contain sender, recipient, subject, date of sending and other information
- Remailers and proxies allow changing some of that information by relaying your data through their service

Remailers and Proxies
- Remailers and proxies alike strip incoming messages of sender information and replace it with their own
- There are different kinds of services, with different functionality and anonymity
- Some services have cascaded server chains to hinder correlation attacks
- There are various weaknesses, but the most important is the fact that the service providers themselves may be compromised or malicious; it is advisable to always use end-to-end encryption

Tor - Overview
- What is Tor?
- Network Design
- Circuits
- Hidden Services
- Weaknesses

Tor
- Tor is used to anonymize TCP-based applications, e.g. browsers and instant messengers
- It is realized by a distributed overlay network consisting of relay nodes and clients
- Data is wrapped in several layers of encryption, hence the name (onion routing)
- The client specifies the route the data takes through the network, a so-called circuit

Tor - Network Design
[Figure: Tor network design. Legend: symmetric encryption key, encryption layer, onion routers, exit node, entry node, onion proxy]

Tor - Network Design
- Clients share an encryption key with each hop
- Data is wrapped in several encryption layers, each layer containing the address of a hop
- When receiving data, an onion router (OR) decrypts one layer, revealing the address of the next hop
- ORs know only their predecessor and their successor on the path

Tor - Circuits
- The path the data from a client takes through the network is called a circuit
- TCP streams from multiple applications are multiplexed through one circuit
- New circuits are established periodically; old ones with no open TCP streams expire
- To establish a circuit, a client negotiates symmetric encryption keys with the hops, one at a time

Tor - Hidden Services
- Tor can also be used to provide anonymous services, e.g. web sites
- Servers are configured to accept connections only from Tor, making Tor a requirement for accessing them
- Hidden services are accessed by an onion address, a pseudo-top-level-domain host suffix
- Since they are part of the Tor network, the connection can be considered end-to-end encrypted
- They provide a high degree of anonymity for service providers and consumers alike

Tor - Weaknesses
- By design, Tor gives no protection from monitoring at network borders
- If exit nodes are malicious, outgoing traffic can be monitored and searched for sensitive information, e.g. login credentials to websites
- Insecure TCP-based applications like BitTorrent can be exploited by adversaries to obtain the user's IP address; uses of other applications can then be associated with the user
- Since exit nodes are publicly known, they can be blocked by servers

Bitmessage
- Bitmessage is a peer-to-peer protocol for sending messages to other users
- Messages are encrypted using public/private key encryption
- Users are addressed by Bitmessage addresses
- The recipient's public key is retrieved first, then the message is encrypted and sent

Bitmessage - Forwarding of Messages
[Figure: a message from Alice is forwarded hop by hop (hop numbers 1, 2, 3) through the network until it reaches Bob]

Bitmessage
- Messages are forwarded to all users
- They contain no information about sender or recipient
- Only the intended recipient can decrypt the message
- Additionally, users can subscribe to other users and receive their published messages in a newsletter-like manner

Bitmessage
- When a node receives a message it cannot decrypt, the message is first mixed with all other messages of the node and then forwarded
- This way, a newly sent message is hard to discern from forwarded messages
- Sent messages are stored on the forwarding nodes only for two days; if the recipient is not online during that time, the message is lost and has to be re-sent

P2P Networks
- Decentralized and self-organizing
- Users connect directly to one another, no servers involved
- Data redundancy facilitates a high degree of censorship resistance
- DDoS attacks on P2P networks are

Freenet
- P2P service with the goal of guaranteeing freedom of speech, with a high degree of anonymity
- Provides separate networks, not accessible without the service
- Each client provides storage space to the network
- Files are often split into parts and stored independently on different nodes
- Data is also stored redundantly on various nodes, depending on its popularity
- Permanent storage is not guaranteed: if a file is not requested often, it will be deleted when storage space is scarce

Freenet - GUIDs
- All files have globally unique identifiers (GUIDs), used for file-storage operations
- Two main types of GUIDs: Content-Hash-Keys (CHKs) and Signed-Subspace-Keys (SSKs)
- CHKs are used for primary data storage and retrieval and are generated by hashing a file's contents
- SSKs set up a personal space that anyone can read but only the owner can write to; this can be used to authenticate a pseudonymous author while protecting his anonymity

Freenet - CHKs
[Figure: CHK / ADD FILE]
- Key format: CHK@file hash,decryption key,crypto settings
- Example (as shown on the slide, truncated): CHK@SVbD9~HM5nzf3AX4yFCBc-,bA7qLNJR7IXRKn6uS5PAySjIM6azPFvK~18kSi6bbNQ
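The layered encryption from the Tor network design and circuits slides above, as an added example that is not part of the original slides: each hop holds one symmetric key, each layer carries only the next hop's address, and an onion router peels exactly one layer. It assumes a toy SHAKE-256 XOR keystream in place of Tor's AES counter mode, a JSON layer format, and constructed hop names and keys.

```python
import hashlib
import json

# Toy stream cipher standing in for the AES counter mode Tor relays use: XOR
# with a SHAKE-256 keystream derived from the per-hop key. Symmetric, so the
# same call encrypts and decrypts. (Each key encrypts exactly one layer here;
# reusing such a keystream for several cells would be a two-time pad.)
def xor_keystream(key: bytes, data: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, hashlib.shake_256(key).digest(len(data))))

# Client (onion proxy) side: wrap the payload once per hop, innermost layer
# first, so that hop i's layer reveals only the address of hop i+1.
def build_onion(hops: list, keys: dict, payload: bytes) -> bytes:
    cell = payload
    for i in reversed(range(len(hops))):
        next_hop = hops[i + 1] if i + 1 < len(hops) else "DESTINATION"
        layer = json.dumps({"next": next_hop, "data": cell.hex()}).encode()
        cell = xor_keystream(keys[hops[i]], layer)
    return cell

# Onion router side: peel one layer with its own key; the remaining blob stays
# opaque, so the OR learns the next hop but neither the payload nor the rest.
def peel_layer(key: bytes, cell: bytes) -> tuple:
    layer = json.loads(xor_keystream(key, cell).decode())
    return layer["next"], bytes.fromhex(layer["data"])

# Send the onion along the circuit and record what each OR observed:
# its predecessor, its successor and the opaque cell it received.
def route(hops: list, keys: dict, onion: bytes) -> tuple:
    views, cell, prev = [], onion, "CLIENT"
    for hop in hops:
        received = cell
        next_hop, cell = peel_layer(keys[hop], cell)
        views.append({"or": hop, "prev": prev, "next": next_hop, "received": received})
        prev = hop
    return views, cell  # cell is now the plaintext the exit node sends on

# Constructed three-hop circuit; in Tor the per-hop keys are negotiated one hop at a time.
def demo(payload: bytes = b"GET / HTTP/1.1") -> tuple:
    hops = ["entry", "middle", "exit"]
    keys = {h: hashlib.sha256(f"toy-key-{h}".encode()).digest() for h in hops}
    return route(hops, keys, build_onion(hops, keys, payload))
```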
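The CHK construction from the Freenet slides above (routing by the hash of the stored file, a separate decryption key carried in the CHK string), as an added example that is neither from the slides nor Freenet's own code: it shows why a storing node sees only ciphertext and why a modified block is rejected. It assumes a toy SHAKE-256 XOR keystream, standard URL-safe base64 rather than Freenet's own alphabet, an in-memory dict as the store, and "TOY0" as a placeholder for the crypto settings field.

```python
import base64
import hashlib
import os

# Toy stream cipher standing in for the symmetric cipher Freenet uses.
def xor_keystream(key: bytes, data: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, hashlib.shake_256(key).digest(len(data))))

# Unpadded URL-safe base64 (Freenet's real alphabet uses '~' and '-', as in the
# slide's example key; standard urlsafe base64 is used here for simplicity).
def b64(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

# Constructed in-memory stand-in for the distributed store: routing key -> ciphertext.
STORE = {}

def insert_chk(content: bytes, key: bytes = None) -> str:
    """Encrypt the file, store the ciphertext under the hash of the ciphertext,
    and return the CHK string the publisher hands out."""
    key = key or os.urandom(32)
    ciphertext = xor_keystream(key, content)
    routing_key = hashlib.sha256(ciphertext).digest()  # the "file hash" part
    STORE[routing_key] = ciphertext                     # nodes ever see only this
    return f"CHK@{b64(routing_key)},{b64(key)},TOY0"    # TOY0: placeholder settings

def parse_chk(chk: str) -> tuple:
    if not chk.startswith("CHK@"):
        raise ValueError("not a CHK")
    routing, key, settings = chk[4:].split(",")
    return unb64(routing), unb64(key), settings

def fetch_chk(chk: str) -> bytes:
    """Retrieve by routing key, verify the hash (CHKs are self-certifying),
    then decrypt locally with the key that only holders of the CHK know."""
    routing_key, key, _settings = parse_chk(chk)
    ciphertext = STORE[routing_key]
    if hashlib.sha256(ciphertext).digest() != routing_key:
        raise ValueError("integrity check failed: block does not match routing key")
    return xor_keystream(key, ciphertext)

def node_view(chk: str) -> bytes:
    """What a storing node holds for this CHK: ciphertext only, never the key."""
    return STORE[parse_chk(chk)[0]]

def corrupt_stored_block(chk: str) -> None:
    """Simulate a node serving a modified block by flipping its first byte."""
    routing_key = parse_chk(chk)[0]
    block = STORE[routing_key]
    STORE[routing_key] = bytes([block[0] ^ 0xFF]) + block[1:]
```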