Anonymity and Privacy in the Internet

Transcription

1 Anonymity and Privacy in the Internet Introduction Anonymity and Privacy in networks can be endangered through analysing the network traffic. This analysis can be seperated in two types: content and traffic analysis. Content analysis is more difficult for an attacker because sensible can be easiliy protected with encryption. Also automatic content analysis is not easy to implement because you need suitable programmes which can interprete the data; this is especially difficult for speech (VoIP) and other digitised data like pictures. So you need a lot of man power to do content monitoring all the time. But an attacker might be just as well interested who communicates with whom: This analysis can be done automatically and shows the association between people. For example before a company fusion there might be a significant increase of telephone calls and s between the management of those companies; an attacker could be able to interpret this anomaly correctly and uses this information for buying the right stocks at the right time. So this essay deals only with communication protection regarding to traffic analysis concerning the Transmission Control Protocol over Internet Protocol (TCP/IP). It should be mentioned that you can have attacks on upper layers like application layer (Tracking cookies, Spyware & Worms) but this essay will not deal with protection against these threats. The IP protocol is based on IP-packets which have an source and destination adress. Normally, you want to get your data to the right destination and you want an answer back to your computer: This is why you should not fake the adresses, otherwise you will not be able to estabish a connection in TCP/IP. An attacker can use this requirement for analysing your packets regarding to the destination address. Strong attackers (e. g. secret services) are able to do this on multiple parts of your communication way, so you really need a complex mechanism to protect you against such attackers. This protection is provided by a software called JAP (Java Anon Proxy). JAP is an opensource project of the University of Dresden and is supported by Federal Ministry of Economics. JAP has to be installed as a local proxy on your computer and you have to reconfigure your browser so that it uses it. There is another related project called Tor which works similiar and provides a strong protection, too. The newest version of JAP now supports also this Tor-Protocol. 1/5

2 How does JAP work? Protocol: Jap works on the application layer and has to be supported by the application which network traffic should get anonymous. There are several interfaces which can be used: The JAP protocol itself only anonymizes the protocols HTTP, HTTPS and FTP. This is done by redirecting the traffic over the JAP software which works as a local proxy server on the users computer. From a technical point of view, it is no problem to support other protocols but the developer have decided to support only protocols which are needed for normal web surfing. Other applications like file sharing (e.g. emule) may cause too much traffic for the mixers. The Tor part of JAP also supports SOCKS to anonymize general application protocols. Picture 1: Structure of JAP [Source: Packet encryption To keep your address secret for the reciever, it is necessary that you have at least one proxy server which forwards your traffic under his address. But this does not protects you against a sniffer which can read the packets on the way to first proxy: There he can read your source adress and on all other parts of your communication way, he can read the destination adress, too. So you need encryption to protect the adresses: JAP uses the public keys of each JAP Proxy for doing a multiple hybrid encryption to establish a secure tunnel. First, the whole initialisation packet is encrypted with AES by using a random session key which is then encrypted by the public key of the last uesd proxy in the mix kaskade. This encrypted session key and the IP address of the last proxy are added to the packet. This procedure has to be repeated for every proxy used in the communication. The order is reversed so that you have to start with the last proxy key and you have to finish with the key of the first proxy. It is like having lockable cases where you can put other looked cases inside. And every station can unlock only the outer case; it gets then a new locked case with a new destination station. When you pack your cases you also would have to start with the case for the last station. 2/5

3 Picture 2: A multiple encryption generates unique packet patterns. [Source: After the initialisation packet has been sent, all further commication is only encrypted symmetrically; all mixes know now their symmetic keys regarding to a channel. This is important for performance reasons: a multiple hybrid encryption consums a lot of computional time (RSA) and bandwidth through a protocol overhead (additional symmetric keys for every mixer). So you see, that the byte pattern of the packets changes from Proxy to Proxy (also called Mixers) completly: An attack based only on byte pattern analysis of the packets will fail. An additional feature is that JAP can also anonymize DNS lookup queries in an similar way. n-1 attack So now we have a good protection against direct adress reading. But an attacker could do a more complex analysis by monitoring all the packets which are coming into and leaving such a proxy: For example, if you are the only user of the proxy, it is not hard to guess from whom the packets are which the proxy sends all the time. Also if you are sharing the proxy with a few other people, it is not guaranteed that your privacy is perfect. If all other users work together against you by comparing their sent packets with the sent packets of the last proxy, your goal to stay anonym fails. This risk can be reduced by using proxies with many other users so that it is improbably that they all ( n-1 ) work against you. For this reason, JAP shows how many users are on your used proxy server. Fifo attack An attacker could also consider the order of the packets which are coming into and leaving the proxy as long as it works like a Fifo (First in, first out). JAP prevents this attack by collecting packets of users a short time and then by sending them out in a random order. This mechnism is the reason why the JAP developer call their proxies mixer. 3/5

4 Picture 2: Fifo attack scenario: examination of the packet order coming into and leaving a proxy Replay attack An attacker could record a packet of monitored user who sends them to a mixer. The attacker also records all outgoing packets of this proxy. In the next cycle, he can start his replay attack: He sends the recorded packet into the mixer and records the output result again. If he compares both outputs, he will find an equal packet in both sets: This is the recorded packet of the monitored user which has lost one encryption. Picture 3: Replay attack scenario 4/5

5 Now the attacker has a way to neutralise one mixer: if he can read the outputs of all other mixers (and send packets to them), he could do the same attack on all proxies. Only in that case, your identity can be revealed. To prevent this attack, JAP mixers store the hash value of all forwarded packets for a short time. Additionaly, all packets get time stamps so that they get invalid if they get in the mixer too late. So before forwarding the packet, a JAP mixer controls the time stamp and his hash data sets of the last packets. If it notices a replay attack, it will just drop the packet. Counting attack An attacker could just count the packets which went into the first proxy seperated by users and which leave the last proxy seperated by destination servers. For example, if a user finished an upload, his data stream would stop. The attackers sees that the monitored user stops sending data and a few cycles later, the last proxy also stops communication with a certain server. JAP prevents that attack by introducing special packets which every users sends at random time and especially if their real communication stops abrupt. These special packets are recognized and dropped by the last proxy. The long way back to the user... As you see, we managed it to transport a packet from a user to a server anonymously. But how can the user get a anonym reply back? In fact, every mixer knows only their neighbours and what packets they have sent from one neighbour to the next. Additionaly, they remember the symmetric key used in the initialisation packet. So if a mixer gets an answer, he also uses the same symmetric key to encrypt the whole packet again and the he sends the packet back to its previous neighbour computer and so on. Then, the user has to decrypt the final packet with all the random keys he generated for the hybrid encryptions in the initialisation packet. Also during the back way, all attack aspects have been considered: so the mixer also collects packets before it forwards them and magic waste packets are also generated. Conclusion JAP provides protection against IP revealing attacks also against strong attackers The use of the software is really easy, so you don t have to be a computer expert to protect your privacy Only two practical attacks are known against JAP: an n-1 attack and in the case that all mixers are under the control of an attacker. A disadvantage is that your internet performance is lower: you loose a bit band width through the extra protocol and you increase your transmission delay significantly. JAP in the internet: 5/5