onion routing security analysis
DESCRIPTION
Onion Routing Security Analysis. Aaron Johnson U.S. Naval Research Laboratory DC-Area Anonymity, Privacy, and Security Seminar. Onion Routing. 1. 2. u. d. 3. 5. User u running client. Internet destination d. 4. Onion routing relays. Encrypted onion-routing hop. - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: Onion Routing Security Analysis](https://reader035.vdocuments.net/reader035/viewer/2022062305/5681656d550346895dd7fe32/html5/thumbnails/1.jpg)
Onion Routing Security Analysis
Aaron JohnsonU.S. Naval Research LaboratoryDC-Area Anonymity, Privacy, and Security Seminar
![Page 2: Onion Routing Security Analysis](https://reader035.vdocuments.net/reader035/viewer/2022062305/5681656d550346895dd7fe32/html5/thumbnails/2.jpg)
Onion Routing
u1 2
3
45
dUser u running client Internet destination d
Onion routing relays
Encrypted onion-routing hop
Unencrypted onion-routing hop
![Page 3: Onion Routing Security Analysis](https://reader035.vdocuments.net/reader035/viewer/2022062305/5681656d550346895dd7fe32/html5/thumbnails/3.jpg)
Basic Onion Routing Securityu 1 2
3
45
d
1.
2.
3.
4.
v
w
e
f
![Page 4: Onion Routing Security Analysis](https://reader035.vdocuments.net/reader035/viewer/2022062305/5681656d550346895dd7fe32/html5/thumbnails/4.jpg)
Basic Onion Routing Securityu 1 2
3
45
d
1. First router compromised
2.
3.
4.
v
w
e
f
![Page 5: Onion Routing Security Analysis](https://reader035.vdocuments.net/reader035/viewer/2022062305/5681656d550346895dd7fe32/html5/thumbnails/5.jpg)
Basic Onion Routing Securityu 1 2
3
45
d
1. First router compromised
2. Last router compromised
3.
4.
v
w
e
f
![Page 6: Onion Routing Security Analysis](https://reader035.vdocuments.net/reader035/viewer/2022062305/5681656d550346895dd7fe32/html5/thumbnails/6.jpg)
Basic Onion Routing Securityu 1 2
3
45
d
1. First router compromised
2. Last router compromised
3. First and last compromised
4.
v
w
e
f
![Page 7: Onion Routing Security Analysis](https://reader035.vdocuments.net/reader035/viewer/2022062305/5681656d550346895dd7fe32/html5/thumbnails/7.jpg)
Basic Onion Routing Securityu 1 2
3
45
d
1. First router compromised
2. Last router compromised
3. First and last compromised
4. Neither first nor last compromised
v
w
e
f
![Page 8: Onion Routing Security Analysis](https://reader035.vdocuments.net/reader035/viewer/2022062305/5681656d550346895dd7fe32/html5/thumbnails/8.jpg)
Existing Metrics
1. Entropy / Gini coefficient of path distribution
2. Source entropy of given connection3. Probability of selecting adversarial
routers in a circuit4. Probability of crossing an Autonomous
System to entry and from exit
![Page 9: Onion Routing Security Analysis](https://reader035.vdocuments.net/reader035/viewer/2022062305/5681656d550346895dd7fe32/html5/thumbnails/9.jpg)
Analysis Ideas
1. Adversary-based2. Defined over time3. Probability distributions
![Page 10: Onion Routing Security Analysis](https://reader035.vdocuments.net/reader035/viewer/2022062305/5681656d550346895dd7fe32/html5/thumbnails/10.jpg)
Adversary-based MetricsResources• Bandwidth• Compromised relays• Money• Autonomous Systems• Locations (IXPs, NAPs,
cable landing points)• Governments
Game structure• Actions
– Resource reallocation– Blocking/modifying
traffic• Move order
Strategy / Goal• Targeting users• Dragnet
![Page 11: Onion Routing Security Analysis](https://reader035.vdocuments.net/reader035/viewer/2022062305/5681656d550346895dd7fe32/html5/thumbnails/11.jpg)
Defined over time
• Protocols have dependencies over time– Guards
• User behavior has time dependencies– Patterns in long-term behavior– Short-term patterns (browsing, application
sessions)• Adversaries have time dependencies
– Control network resources over time
![Page 12: Onion Routing Security Analysis](https://reader035.vdocuments.net/reader035/viewer/2022062305/5681656d550346895dd7fe32/html5/thumbnails/12.jpg)
Onion Routing
u1 2
3
45
dUser u running client Internet destination d
Onion routing relays
Encrypted onion-routing hop
Unencrypted onion-routing hop
![Page 13: Onion Routing Security Analysis](https://reader035.vdocuments.net/reader035/viewer/2022062305/5681656d550346895dd7fe32/html5/thumbnails/13.jpg)
Onion Routing
u1 2
3
45
dUser u running client Internet destination d
Onion routing relays
Encrypted onion-routing hop
Unencrypted onion-routing hop
![Page 14: Onion Routing Security Analysis](https://reader035.vdocuments.net/reader035/viewer/2022062305/5681656d550346895dd7fe32/html5/thumbnails/14.jpg)
Onion Routing
u1 2
3
45
dUser u running client Internet destination d
Onion routing relays
Encrypted onion-routing hop
Unencrypted onion-routing hop
![Page 15: Onion Routing Security Analysis](https://reader035.vdocuments.net/reader035/viewer/2022062305/5681656d550346895dd7fe32/html5/thumbnails/15.jpg)
Probability distributions• Bad things happen with non-negligible
probability• Average/worst-case analysis loses useful
information• Experiments give samples, but generally
lack statistical validity
![Page 16: Onion Routing Security Analysis](https://reader035.vdocuments.net/reader035/viewer/2022062305/5681656d550346895dd7fe32/html5/thumbnails/16.jpg)
Example Onion Routing Metrics• A runs m relays• PDF of number of
compromised paths in a week
• A contributes b bandwidth
• PDF of time until client chooses compromised path
• A compromises k relays
• PDF of number of destinations observed
• A controls a ASs• PDF of number of
correct guesses about cxn source
![Page 17: Onion Routing Security Analysis](https://reader035.vdocuments.net/reader035/viewer/2022062305/5681656d550346895dd7fe32/html5/thumbnails/17.jpg)
Evaluation on Tor
• April – November 2011• Observed BW avg: 4947442 KBps• Observed Guard BW avg 2697602 KBps• Observed Exit BW avg: 1333764 KBps• Adversary controls:
– 2/2 top guard/exit relays: (3.5/7% of guard/exit)– 4/4 top guard/exit relays: (6.7/13% of guard/exit)– 8/8 top guard/exit relays: (10/20% of guard/exit)
• 3000 clients
![Page 18: Onion Routing Security Analysis](https://reader035.vdocuments.net/reader035/viewer/2022062305/5681656d550346895dd7fe32/html5/thumbnails/18.jpg)
Adversary has 2/2 top guards/exits Adversary has 4/4 top guards/exits
Adversary has 8/8 top guards/exits
![Page 19: Onion Routing Security Analysis](https://reader035.vdocuments.net/reader035/viewer/2022062305/5681656d550346895dd7fe32/html5/thumbnails/19.jpg)
Adversary has 2/2 top guards/exits Adversary has 4/4 top guards/exits
Adversary has 8/8 top guards/exits
![Page 20: Onion Routing Security Analysis](https://reader035.vdocuments.net/reader035/viewer/2022062305/5681656d550346895dd7fe32/html5/thumbnails/20.jpg)
ISP adversary w/ 4 top exits ISP adversary w/ 8 top exits
Adversary has 16 top exits
![Page 21: Onion Routing Security Analysis](https://reader035.vdocuments.net/reader035/viewer/2022062305/5681656d550346895dd7fe32/html5/thumbnails/21.jpg)
Challenges
• Making good adversary models– What resources are limiting?– What strategies are the greatest threats?
• Statistically-valid probability distributions– Sample space over time is huge– Protocols may depend on network dynamics
• Virtual Coordinate Systems• Congestion-aware routing