Analysis of Onion Routing Security and Adversary-based Metrics

In this comprehensive analysis, the security aspects of Onion Routing are scrutinized along with adversary-based metrics. Various security vulnerabilities such as compromised relays and potential attacks on the first and last routers are examined. Existing metrics like entropy coefficients and probability distributions are explored to understand the threats posed by adversarial entities. Additionally, adversary-based metrics shed light on the resources and strategies employed by potential attackers. The study delves into the temporal nature of protocols and user behavior, highlighting the evolving nature of security challenges in anonymous communication networks.

• Onion Routing
• Security Analysis
• Adversary Metrics
• Privacy
• Internet Security

rus_n Follow

Uploaded on Sep 06, 2024 | 1 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

Presentation Transcript

1. Onion Routing Security Analysis Aaron Johnson U.S. Naval Research Laboratory DC-Area Anonymity, Privacy, and Security Seminar

2. Onion Routing 1 2 u d 3 5 User u running client Internet destination d 4 Onion routing relays Encrypted onion-routing hop Unencrypted onion-routing hop

3. Basic Onion Routing Security u 1 2 d v e 3 5 4 w f 1. 2. 3. 4.

4. Basic Onion Routing Security u 1 2 d v e 3 5 4 w f 1. First router compromised 2. 3. 4.

5. Basic Onion Routing Security u 1 2 d v e 3 5 4 w f 1. First router compromised 2. Last router compromised 3. 4.

6. Basic Onion Routing Security u 1 2 d v e 3 5 4 w f 1. First router compromised 2. Last router compromised 3. First and last compromised 4.

7. Basic Onion Routing Security u 1 2 d v e 3 5 4 w f 1. First router compromised 2. Last router compromised 3. First and last compromised 4. Neither first nor last compromised

8. Existing Metrics 1. Entropy / Gini coefficient of path distribution 2. Source entropy of given connection 3. Probability of selecting adversarial routers in a circuit 4. Probability of crossing an Autonomous System to entry and from exit

9. Analysis Ideas 1. Adversary-based 2. Defined over time 3. Probability distributions

10. Adversary-based Metrics Resources Bandwidth Compromised relays Money Autonomous Systems Locations (IXPs, NAPs, cable landing points) Governments Game structure Actions Resource reallocation Blocking/modifying traffic Move order Strategy / Goal Targeting users Dragnet

11. Defined over time Protocols have dependencies over time Guards User behavior has time dependencies Patterns in long-term behavior Short-term patterns (browsing, application sessions) Adversaries have time dependencies Control network resources over time

12. Onion Routing 1 2 u d 3 5 User u running client Internet destination d 4 Onion routing relays Encrypted onion-routing hop Unencrypted onion-routing hop

13. Onion Routing 1 2 u d 3 5 User u running client Internet destination d 4 Onion routing relays Encrypted onion-routing hop Unencrypted onion-routing hop

14. Onion Routing 1 2 u d 3 5 User u running client Internet destination d 4 Onion routing relays Encrypted onion-routing hop Unencrypted onion-routing hop

15. Probability distributions Bad things happen with non-negligible probability Average/worst-case analysis loses useful information Experiments give samples, but generally lack statistical validity

16. Example Onion Routing Metrics A runs m relays PDF of number of compromised paths in a week A controls a ASs PDF of number of correct guesses about cxn source A compromises k relays PDF of number of destinations observed A contributes b bandwidth PDF of time until client chooses compromised path

17. Evaluation on Tor April November 2011 Observed BW avg: 4947442 KBps Observed Guard BW avg 2697602 KBps Observed Exit BW avg: 1333764 KBps Adversary controls: 2/2 top guard/exit relays: (3.5/7% of guard/exit) 4/4 top guard/exit relays: (6.7/13% of guard/exit) 8/8 top guard/exit relays: (10/20% of guard/exit) 3000 clients

18. Adversary has 4/4 top guards/exits Adversary has 2/2 top guards/exits Adversary has 8/8 top guards/exits

19. Adversary has 4/4 top guards/exits Adversary has 2/2 top guards/exits Adversary has 8/8 top guards/exits

20. ISP adversary w/ 8 top exits ISP adversary w/ 4 top exits Adversary has 16 top exits

21. Challenges Making good adversary models What resources are limiting? What strategies are the greatest threats? Statistically-valid probability distributions Sample space over time is huge Protocols may depend on network dynamics Virtual Coordinate Systems Congestion-aware routing