björgvin ragnarsson and pieter westein university of ... · 04-07-2013 slide 11 of 18 tcp stream...

18
04-07-2013 Slide 1 of 18 Björgvin Ragnarsson and Pieter Westein University of Amsterdam Research Project 2

Upload: others

Post on 18-Mar-2020

3 views

Category:

Documents


0 download

TRANSCRIPT

Page 1: Björgvin Ragnarsson and Pieter Westein University of ... · 04-07-2013 Slide 11 of 18 TCP stream is stored as files in Git The Git program does the transfer Makes it harder to fingerprint

04-07-2013 Slide 1 of 18

Björgvin Ragnarsson and Pieter Westein University of Amsterdam

Research Project 2

Page 2: Björgvin Ragnarsson and Pieter Westein University of ... · 04-07-2013 Slide 11 of 18 TCP stream is stored as files in Git The Git program does the transfer Makes it harder to fingerprint

Slide 2 of 18 04-07-2013

Introduction Research Question

Git overview

Design overview Demo

Performance measurements Prototype evaluation

Conclusion and Future work

Questions

Page 3: Björgvin Ragnarsson and Pieter Westein University of ... · 04-07-2013 Slide 11 of 18 TCP stream is stored as files in Git The Git program does the transfer Makes it harder to fingerprint

Slide 3 of 18 04-07-2013

Source: https://www.torproject.org/about/overview.html.en

Page 4: Björgvin Ragnarsson and Pieter Westein University of ... · 04-07-2013 Slide 11 of 18 TCP stream is stored as files in Git The Git program does the transfer Makes it harder to fingerprint

Slide 4 of 18 04-07-2013

Tor relays are public, easy to block

Introduction of Bridges

Scanners actively trying to reach Bridges

Introduction of Pluggable Transports

Page 5: Björgvin Ragnarsson and Pieter Westein University of ... · 04-07-2013 Slide 11 of 18 TCP stream is stored as files in Git The Git program does the transfer Makes it harder to fingerprint

Slide 5 of 18 04-07-2013

Modules for obfsproxy framework

Can be used for other purposes than Tor ◦ as a SOCKS proxy

Existing transports ◦ Obfs2,Obfs3, Skype, ScrambleSuit, Dust,

StegoTorus, flashproxy

Page 6: Björgvin Ragnarsson and Pieter Westein University of ... · 04-07-2013 Slide 11 of 18 TCP stream is stored as files in Git The Git program does the transfer Makes it harder to fingerprint

Slide 6 of 18 04-07-2013

Is it possible to shape Tor traffic in such a way that it looks identical to the Git protocol?

How could a censor identify Tor bridges and users using such an obfuscated protocol?

Page 7: Björgvin Ragnarsson and Pieter Westein University of ... · 04-07-2013 Slide 11 of 18 TCP stream is stored as files in Git The Git program does the transfer Makes it harder to fingerprint

Slide 7 of 18 04-07-2013

Version control system

Push and pull mechanism

Four transports protocols ◦ SSH, Git, HTTP, HTTPS

Page 8: Björgvin Ragnarsson and Pieter Westein University of ... · 04-07-2013 Slide 11 of 18 TCP stream is stored as files in Git The Git program does the transfer Makes it harder to fingerprint

Slide 8 of 18 04-07-2013

Client Server

git-receive-pack

Have: List of references

Want: List of references

Sending Objects

FIN-ACK

ACK

Page 9: Björgvin Ragnarsson and Pieter Westein University of ... · 04-07-2013 Slide 11 of 18 TCP stream is stored as files in Git The Git program does the transfer Makes it harder to fingerprint

Slide 9 of 18 04-07-2013

Client Server

Have: List of references

Want: List of references

Sending Objects

FIN-ACK

ACK

git-upload-pack

Page 10: Björgvin Ragnarsson and Pieter Westein University of ... · 04-07-2013 Slide 11 of 18 TCP stream is stored as files in Git The Git program does the transfer Makes it harder to fingerprint

Slide 10 of 18 04-07-2013

Files compressed and stored in the Git database

SHA1 hash of the content used as reference

File Git Object Git Database

Page 11: Björgvin Ragnarsson and Pieter Westein University of ... · 04-07-2013 Slide 11 of 18 TCP stream is stored as files in Git The Git program does the transfer Makes it harder to fingerprint

Slide 11 of 18 04-07-2013

TCP stream is stored as files in Git

The Git program does the transfer ◦ Makes it harder to fingerprint

◦ Provides four transports in one:

(SSH/Git/HTTP/HTTPS)

Client initiates send/receive

Page 12: Björgvin Ragnarsson and Pieter Westein University of ... · 04-07-2013 Slide 11 of 18 TCP stream is stored as files in Git The Git program does the transfer Makes it harder to fingerprint

Slide 12 of 18 04-07-2013

Page 13: Björgvin Ragnarsson and Pieter Westein University of ... · 04-07-2013 Slide 11 of 18 TCP stream is stored as files in Git The Git program does the transfer Makes it harder to fingerprint

04-07-2013 Slide 13 of 18

Page 14: Björgvin Ragnarsson and Pieter Westein University of ... · 04-07-2013 Slide 11 of 18 TCP stream is stored as files in Git The Git program does the transfer Makes it harder to fingerprint

Slide 14 of 18 04-07-2013

Downloading a 10MB file using git over ssh ◦ 7 KB/s over ssh through Tor

◦ 166 KB/s over ssh without Tor

Page 15: Björgvin Ragnarsson and Pieter Westein University of ... · 04-07-2013 Slide 11 of 18 TCP stream is stored as files in Git The Git program does the transfer Makes it harder to fingerprint

Slide 15 of 18 04-07-2013

The frequency of pushes and pulls

Tor data is compressed (not hidden)

Git traces on disk

Page 16: Björgvin Ragnarsson and Pieter Westein University of ... · 04-07-2013 Slide 11 of 18 TCP stream is stored as files in Git The Git program does the transfer Makes it harder to fingerprint

Slide 16 of 18 04-07-2013

Tor usage can be obfuscated as Git traffic ◦ or any other VCS

Prototype is slow, compared to normal Tor

Polling and disk writes are weak points

Page 17: Björgvin Ragnarsson and Pieter Westein University of ... · 04-07-2013 Slide 11 of 18 TCP stream is stored as files in Git The Git program does the transfer Makes it harder to fingerprint

Slide 17 of 18 04-07-2013

Using publicly available Git servers for relaying

Layered obfuscation

Eliminate disk writes

Page 18: Björgvin Ragnarsson and Pieter Westein University of ... · 04-07-2013 Slide 11 of 18 TCP stream is stored as files in Git The Git program does the transfer Makes it harder to fingerprint

04-07-2013 Slide 18 of 18

Thank you for your attention

Track development at: https://trac.torproject.org/projects/tor/ticket/9192