MTAT.07.017 Applied Cryptography Tor University of Tartu Spring 2015 1 / 16 Tor “Tor is a software for enabling online anonymity and censorship resistance. Tor directs Internet traffic through a free, worldwide, volunteer network consisting of more than six thousand relays to conceal a user’s location or usage from anyone conducting network surveillance or traffic analysis.” https://en.wikipedia.org/wiki/Tor_(anonymity_network) 2 / 16 Tor • Privacy against who? • No single node knows the entire path! 3 / 16 Onion Routing • Data received by router A: • Ea (b, Eb (c, Ec (dest, m))) • Data received by router B: • Eb (c, Ec (dest, m)) • Data received by router C: • Ec (dest, m) 4 / 16 Tor Nodes 5 / 16 Attacks: Correlation Attack • End-to-end correlation • Malicious relays 6 / 16 Attacks: Malicious Exit Node • Sniffing • WikiLeaks Man-in-the-middle attacks • • Spoiled Onions 7 / 16 Attacks: Malicious Exit Node 8 / 16 Attacks: Deanonymization • Browser fingerprinting • IP leakage through DNS requests • Malicious Java applets • Client-side exploits • Tor Browser Bundle 9 / 16 Tor Bridges • Tor detection/blocking • • • Bridges - relays not published in the main directory Distribution of bridge relays • • • http://torstatus.blutmagie.de/ HTTPS distribution point [email protected] Obfuscated bridges 10 / 16 Tor Hidden Services Reachable using .onion address (e.g., duskgytldkxiuqc6.onion) 11 / 16 Tor Hidden Services (setup) # apt-get install tor # cat /etc/tor/torrc | grep HiddenService HiddenServiceDir /var/lib/tor/hidden_service/ HiddenServicePort 80 127.0.0.1:80 # /etc/init.d/tor restart # cat /var/lib/tor/hidden_service/private_key -----BEGIN RSA PRIVATE KEY----MIICXAIBAAKBgQC1+cMw5yIBE6AqBVaQdQZwoLOedUqxT +xvJ8i+HPSYHqWJYHtSP816zvoVeIHLrVk8GBMJEXv346 ... # cat /var/lib/tor/hidden_service/hostname c357h6fa4m5zmj4f.onion 12 / 16 TorChat (Instant Messenger) $ sudo apt-get install torchat $ torchat 13 / 16 TorChat Protocol 1. ping nwtuvtf4sidu6mlf 87656434567876 4. pong 4566885558874 Tor network nwtuvtf4sidu6mlf.onion 2. ping c357h6fa4m5zmj4f 4566885558874 3. pong 87656434567876 c357h6fa4m5zmj4f.onion • Two connections: • Outgoing connection to send data • Incomming connection to receive data • Handshake process authenticates incomming connections • Commands (command separator – newline character): • message – UTF-8 encoded message. • status – available, away or xa • add me – request addition to buddy list • profile name – name in the buddy list 14 / 16 Task Implement TorChat client compatible with official TorChat client: $ python torchat.py --myself c357h6fa4m5zmj4f --peer j2ko25d2vxxbvz6p [+] Connecting to peer j2ko25d2vxxbvz6p [+] Sending: ping c357h6fa4m5zmj4f 851513207851584792331050 [+] Listening... [+] Client 127.0.0.1:49774 [+] Received: ping j2ko25d2vxxbvz6p 4276199285361339873144421300330966910603239 [+] Received: pong 851513207851584792331050 [+] Sending: pong 4276199285361339873144421300330966910603239202743241912335184 [+] Received: client TorChat [+] Received: version 0.9.9.553 [+] Received: profile_name Bob [+] Received: status available [+] Sending: add_me [+] Sending: status available [+] Sending: profile_name Alice [+] Received: status available [+] Received: message Who are you, Alice? [?] Enter message: I am your friend. [+] Sending: message I am your friend. [+] Received: status available [+] Received: status available [+] Received: status available 15 / 16 Task • Setup Tor hidden service for port 11009 (redirected to 127.0.0.1:8888) • Connect to peer’s .onion address on port 11009 and send ping command with random cookie • Listen on 127.0.0.1:8888 for peer’s connect-back • Check if the cookie in peer’s pong command match the cookie you sent • Send pong command with peer’s cookie over outgoing connection • Send add me, status and profile name commands • After every message received read and send response message 16 / 16
© Copyright 2024