anonymity & virtualization - university of...
TRANSCRIPT
![Page 1: anonymity & virtualization - University of Wisconsin–Madisonpages.cs.wisc.edu/~ace/media/lectures/tor.pdf · anonymity & virtualization adam everspaugh ace@cs.wisc.edu computer](https://reader033.vdocuments.net/reader033/viewer/2022042304/5ecf7bbed4c4f839dc3f893b/html5/thumbnails/1.jpg)
![Page 3: anonymity & virtualization - University of Wisconsin–Madisonpages.cs.wisc.edu/~ace/media/lectures/tor.pdf · anonymity & virtualization adam everspaugh ace@cs.wisc.edu computer](https://reader033.vdocuments.net/reader033/viewer/2022042304/5ecf7bbed4c4f839dc3f893b/html5/thumbnails/3.jpg)
todayAnnouncements: HW3 due tonight; HW4 posted tomorrow
Anonymous browsing, TOR
Virtualization,
Random number generators and reset vulnerabilities
![Page 4: anonymity & virtualization - University of Wisconsin–Madisonpages.cs.wisc.edu/~ace/media/lectures/tor.pdf · anonymity & virtualization adam everspaugh ace@cs.wisc.edu computer](https://reader033.vdocuments.net/reader033/viewer/2022042304/5ecf7bbed4c4f839dc3f893b/html5/thumbnails/4.jpg)
Preventingintercept
• End-to-endencryption(TLS,SSH)
• Whatdoesthisprotect?Whatdoesitleak?
• Whatcangowrong?
Othermajorbackbone
AT&Tnetwork
Interceptiongear
IP:1.2.3.4
IP:5.6.7.8
think-pair-share
![Page 5: anonymity & virtualization - University of Wisconsin–Madisonpages.cs.wisc.edu/~ace/media/lectures/tor.pdf · anonymity & virtualization adam everspaugh ace@cs.wisc.edu computer](https://reader033.vdocuments.net/reader033/viewer/2022042304/5ecf7bbed4c4f839dc3f893b/html5/thumbnails/5.jpg)
Hidingconnectivityisharder
• IPaddressesarerequiredtoroutecommunication,yetnotencryptedbynormalend-to-endencryption– 1.2.3.4talkedto5.6.7.8overHTTPs
• Howcanwehideconnectivityinformation?
![Page 6: anonymity & virtualization - University of Wisconsin–Madisonpages.cs.wisc.edu/~ace/media/lectures/tor.pdf · anonymity & virtualization adam everspaugh ace@cs.wisc.edu computer](https://reader033.vdocuments.net/reader033/viewer/2022042304/5ecf7bbed4c4f839dc3f893b/html5/thumbnails/6.jpg)
SimpleAnonymizationServices
• Single-hopproxyservices
• JonDonym,anonymousremailers(MixMaster,MixMinion),manyothers
Anonymizer.com
![Page 7: anonymity & virtualization - University of Wisconsin–Madisonpages.cs.wisc.edu/~ace/media/lectures/tor.pdf · anonymity & virtualization adam everspaugh ace@cs.wisc.edu computer](https://reader033.vdocuments.net/reader033/viewer/2022042304/5ecf7bbed4c4f839dc3f893b/html5/thumbnails/7.jpg)
Tor(TheOnionRouter)
Othermajorbackbone
AT&Tnetwork
Interceptiongear
IP:1.2.3.4
IP:5.6.7.8
Othermajorbackbone
TorRelayTorRelay TorRelay
7.8.9.1 8.9.1.19.1.1.2
Client->7.8.9.1->8.9.1.1->9.1.1.2->DestinationCalledacircuit
![Page 8: anonymity & virtualization - University of Wisconsin–Madisonpages.cs.wisc.edu/~ace/media/lectures/tor.pdf · anonymity & virtualization adam everspaugh ace@cs.wisc.edu computer](https://reader033.vdocuments.net/reader033/viewer/2022042304/5ecf7bbed4c4f839dc3f893b/html5/thumbnails/8.jpg)
Client:1.2.3.4
Onionrouting:thebasicidea
Torimplementsmorecomplexversionofthisbasicidea
7.8.9.1
Encryptedto7.8.9.1Src:
1.2.3.4Dest:7.8.9.1
8.9.1.1
Encryptedto8.9.1.1Src:
7.8.9.1Dest:8.9.1.1
Encryptedto9.1.1.2Src:
8.9.1.1Dest:9.1.1.2
9.1.1.2 webserver:5.6.7.8
HTTPpacketSrc:
9.1.1.2Dest:5.6.7.8
![Page 9: anonymity & virtualization - University of Wisconsin–Madisonpages.cs.wisc.edu/~ace/media/lectures/tor.pdf · anonymity & virtualization adam everspaugh ace@cs.wisc.edu computer](https://reader033.vdocuments.net/reader033/viewer/2022042304/5ecf7bbed4c4f839dc3f893b/html5/thumbnails/9.jpg)
Whatdoesadversarysee?
Othermajorbackbone
AT&Tnetwork
Interceptiongear
IP:1.2.3.4
IP:5.6.7.8
Othermajorbackbone
TorNodeTorNode TorNode
7.8.9.1 8.9.1.19.1.1.2
HTTPpacketSrc:
9.1.1.2Dest:5.6.7.8
Torobfuscateswhotalkedtowhom,needend-to-endencryption(e.g.,HTTPS)toprotectpayload
![Page 10: anonymity & virtualization - University of Wisconsin–Madisonpages.cs.wisc.edu/~ace/media/lectures/tor.pdf · anonymity & virtualization adam everspaugh ace@cs.wisc.edu computer](https://reader033.vdocuments.net/reader033/viewer/2022042304/5ecf7bbed4c4f839dc3f893b/html5/thumbnails/10.jpg)
• Dec2016:EldoKim,Harvardsophomore,sentbombthreatsusingGuerillaMail(anonymousemailservice)
• UsedToRtoconnecttoGuerillaMail(fromhisdormroom)
• Caughtwithin2days
• Howdidhegetcaught?
• GuerillaMailindicateduserconnectedviaToRnode
• FBIcomparedtimestamponemailtoHarvardnetworklogs,
• HewastheonlyoneusingToRatthattime(onthelocalnetwork),confessedwhenconfronted
![Page 11: anonymity & virtualization - University of Wisconsin–Madisonpages.cs.wisc.edu/~ace/media/lectures/tor.pdf · anonymity & virtualization adam everspaugh ace@cs.wisc.edu computer](https://reader033.vdocuments.net/reader033/viewer/2022042304/5ecf7bbed4c4f839dc3f893b/html5/thumbnails/11.jpg)
[Asof:April13,2016]
![Page 12: anonymity & virtualization - University of Wisconsin–Madisonpages.cs.wisc.edu/~ace/media/lectures/tor.pdf · anonymity & virtualization adam everspaugh ace@cs.wisc.edu computer](https://reader033.vdocuments.net/reader033/viewer/2022042304/5ecf7bbed4c4f839dc3f893b/html5/thumbnails/12.jpg)
virtualization
![Page 13: anonymity & virtualization - University of Wisconsin–Madisonpages.cs.wisc.edu/~ace/media/lectures/tor.pdf · anonymity & virtualization adam everspaugh ace@cs.wisc.edu computer](https://reader033.vdocuments.net/reader033/viewer/2022042304/5ecf7bbed4c4f839dc3f893b/html5/thumbnails/13.jpg)
Virtualization
Hardware
OS
Process1 Process2
Novirtualization
Type-1:HypervisorrunsdirectlyonhardwareType-2:HypervisorrunsonhostOS
Hardware
Hypervisor
OS1
P1 P2
OS2
P1 P2
DriversDrivers
Type-1Virtualization(Xen,VMwareESX)
P2
P1 P2
Type-2Virtualization(VMwareWorkstation,VirtualBox)
OS2
P1
HostOS
Hardware
Hypervisor
![Page 14: anonymity & virtualization - University of Wisconsin–Madisonpages.cs.wisc.edu/~ace/media/lectures/tor.pdf · anonymity & virtualization adam everspaugh ace@cs.wisc.edu computer](https://reader033.vdocuments.net/reader033/viewer/2022042304/5ecf7bbed4c4f839dc3f893b/html5/thumbnails/14.jpg)
VMUseCases
• Developmentandtesting(especiallywhenweneeddifferentOSs)
• Serverconsolidation
• Runmultipleserversonsamehardware:webserver,fileserver,emailservers,…
• Cloudcomputing:Infrastructure-as-a-Service
• Sandboxing/containment
![Page 15: anonymity & virtualization - University of Wisconsin–Madisonpages.cs.wisc.edu/~ace/media/lectures/tor.pdf · anonymity & virtualization adam everspaugh ace@cs.wisc.edu computer](https://reader033.vdocuments.net/reader033/viewer/2022042304/5ecf7bbed4c4f839dc3f893b/html5/thumbnails/15.jpg)
SecurityModel
Hardware
Hypervisor
OS1
P1 P2
OS2
P1 P2
DriversDrivers
Type-1Virtualization(VMwareWorkstation,VirtualBox)
• What'sthedesiredsecuritymodel?
• IsolationbetweenOS1/OS2(andprocesses)
• Noaccesstofilesystem,memorypages
• No"escape"fromprocess/OStohypervisor
• Whatcangowrong?
![Page 16: anonymity & virtualization - University of Wisconsin–Madisonpages.cs.wisc.edu/~ace/media/lectures/tor.pdf · anonymity & virtualization adam everspaugh ace@cs.wisc.edu computer](https://reader033.vdocuments.net/reader033/viewer/2022042304/5ecf7bbed4c4f839dc3f893b/html5/thumbnails/16.jpg)
IsolationProblems
Hardware
Hypervisor
OS1
P1 P2
OS2
P1 P2
DriversDrivers
Type-1Virtualization(VMwareWorkstation,VirtualBox)
• Informationleakage
• side-channelattacksusingsharedresources(instruction/memorycaches)
• Degradationofservice
• Violateperformanceisolation,OS1degradesOS2togetmoreCPUtimeornetworkbandwidth
• Otherproblems?
![Page 17: anonymity & virtualization - University of Wisconsin–Madisonpages.cs.wisc.edu/~ace/media/lectures/tor.pdf · anonymity & virtualization adam everspaugh ace@cs.wisc.edu computer](https://reader033.vdocuments.net/reader033/viewer/2022042304/5ecf7bbed4c4f839dc3f893b/html5/thumbnails/17.jpg)
VirtualMachineManagement
• Snapshots– Volumesnapshot/checkpoint• persistentstorageofVM• mustbootfromstoragewhenresumingsnapshot
– Fullsnapshot• persistentstorageandephemeralstorage(memory,registerstates,caches,etc.)
• start/resumeinbetween(essentially)arbitraryinstructions
• VMimageisafilethatstoresasnapshot
![Page 18: anonymity & virtualization - University of Wisconsin–Madisonpages.cs.wisc.edu/~ace/media/lectures/tor.pdf · anonymity & virtualization adam everspaugh ace@cs.wisc.edu computer](https://reader033.vdocuments.net/reader033/viewer/2022042304/5ecf7bbed4c4f839dc3f893b/html5/thumbnails/18.jpg)
recapAnonymous browsing, TOR
Virtualization types, use cases
Virtualization containment problems
Linux RNG and reset vulnerabilities