Anonymity and Privacy in the Internet




Introduction

Anonymity and privacy in networks can be endangered by analysis of the network traffic. This analysis falls into two types: content analysis and traffic analysis. Content analysis is the more difficult one for an attacker because sensitive content can easily be protected with encryption. Automatic content analysis is also not easy to implement, because it needs suitable programs that can interpret the data; this is especially difficult for speech (VoIP) and other digitised data such as pictures. Continuous content monitoring therefore needs a lot of manpower.

An attacker may be just as interested in who communicates with whom. This analysis can be done automatically and shows the associations between people. For example, before a company merger there might be a significant increase in telephone calls and emails between the management of the companies involved; an attacker could interpret this anomaly correctly and use the information to buy the right stocks at the right time.

This essay therefore deals only with protecting communication against traffic analysis of the Transmission Control Protocol over Internet Protocol (TCP/IP). Attacks on upper layers such as the application layer (tracking cookies, spyware and worms) also exist, but this essay does not deal with protection against those threats.

IP is based on packets that carry a source and a destination address. Normally you want your data to reach the right destination and you want an answer back on your computer. This is why you should not fake the addresses; otherwise you will not be able to establish a TCP/IP connection. An attacker can use this requirement to analyse your packets by their destination address. Strong attackers (e.g. secret services) can do this at multiple points along your communication path, so you need a complex mechanism to protect yourself against such attackers.

This protection is provided by a software called JAP (Java Anon Proxy). JAP is an open-source project of the University of Dresden and is supported by the Federal Ministry of Economics. JAP has to be installed as a local proxy on your computer, and you have to reconfigure your browser to use it. There is a related project called Tor, which works similarly and also provides strong protection. The newest version of JAP now also supports the Tor protocol.

How does JAP work?

Protocol

JAP works on the application layer and has to be supported by the application whose network traffic is to be made anonymous. There are several interfaces which can be used. The JAP protocol itself anonymises only the protocols HTTP, HTTPS and FTP. This is done by redirecting the traffic through the JAP software, which works as a local proxy server on the user's computer. From a technical point of view it would be no problem to support other protocols, but the developers have decided to support only the protocols needed for normal web surfing. Other applications such as file sharing (e.g. eMule) may cause too much traffic for the mixers. The Tor part of JAP also supports SOCKS to anonymise general application protocols.

Picture 1: Structure of JAP [Source: http://anon.inf.tu-dresden.de]

Packet encryption

To keep your address secret from the receiver, you need at least one proxy server which forwards your traffic under its own address. But this does not protect you against a sniffer who can read the packets on the way to the first proxy: there he can read your source address, and on all other parts of your communication path he can read the destination address, too. So you need encryption to protect the addresses. JAP uses the public keys of each JAP proxy to perform a multiple hybrid encryption that establishes a secure tunnel. First, the whole initialisation packet is encrypted with AES using a random session key, which is then encrypted with the public key of the last proxy used in the mix cascade. This encrypted session key and the IP address of the last proxy are added to the packet. This procedure is repeated for every proxy used in the communication. The order is reversed, so you start with the key of the last proxy and finish with the key of the first proxy.

It is like having lockable cases into which you can put other locked cases. Every station can unlock only the outer case; it then gets a new locked case with a new destination station. When you pack your cases, you also have to start with the case for the last station.
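The nested cases described above, as an added example that is not JAP's code: it shows only the nesting order and what each mixer learns. It assumes each mixer already holds its channel key (the public-key wrapping of the session keys is left out) and uses a SHA-256 keystream with an HMAC tag as a stand-in for AES; the mixer names, keys and request are constructed.

```python
import hashlib, hmac, os

def subkeys(key):
    # Separate keys for encryption and integrity, derived from the channel key.
    return hashlib.sha256(key + b"enc").digest(), hashlib.sha256(key + b"mac").digest()

def xor_stream(key, nonce, data):
    # Stand-in cipher: SHA-256 in counter mode. JAP uses AES here.
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + nonce + i.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[i:i + 32], pad))
    return bytes(out)

def lock_case(key, next_hop, inner):
    """One case: nonce | tag | encrypted(len(next_hop) | next_hop | inner)."""
    enc, mac = subkeys(key)
    nonce = os.urandom(16)
    body = xor_stream(enc, nonce, bytes([len(next_hop)]) + next_hop + inner)
    return nonce + hmac.new(mac, nonce + body, hashlib.sha256).digest() + body

def unlock_case(key, packet):
    """What one mixer does: check the tag, then remove its own layer only."""
    enc, mac = subkeys(key)
    nonce, tag, body = packet[:16], packet[16:48], packet[48:]
    if not hmac.compare_digest(tag, hmac.new(mac, nonce + body, hashlib.sha256).digest()):
        raise ValueError("not a layer for this mixer, or modified in transit")
    plain = xor_stream(enc, nonce, body)
    return plain[1:1 + plain[0]], plain[1 + plain[0]:]

def build_packet(route, destination, payload):
    """route is [(mixer address, channel key), ...] in travel order."""
    packet, next_hop = payload, destination
    for address, key in reversed(route):       # start with the last mixer
        packet, next_hop = lock_case(key, next_hop, packet), address
    return next_hop, packet                     # first mixer, outermost case

def trace(route, packet):
    """Return what each mixer learns: (mixer, next hop, bytes it forwards)."""
    seen = []
    for address, key in route:
        next_hop, packet = unlock_case(key, packet)
        seen.append((address, next_hop, packet))
    return seen

# Constructed sample route and request; names and keys are made up.
ROUTE = [(b"mix1.example", os.urandom(32)), (b"mix2.example", os.urandom(32)),
         (b"mix3.example", os.urandom(32))]
FIRST, ONION = build_packet(ROUTE, b"web.example:80", b"GET / HTTP/1.0\r\n\r\n")
```

Calling `trace(ROUTE, ONION)` lists, for each mixer, the only next hop it can read and the bytes it forwards, which differ at every hop.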

Picture 2: A multiple encryption generates unique packet patterns. [Source: http://anon.inf.tu-dresden.de]

After the initialisation packet has been sent, all further communication is encrypted only symmetrically; all mixes now know their symmetric keys for a channel. This is important for performance reasons: a multiple hybrid encryption consumes a lot of computation time (RSA) and bandwidth through protocol overhead (additional symmetric keys for every mixer). As you can see, the byte pattern of the packets changes completely from proxy to proxy (the proxies are also called mixers): an attack based only on byte pattern analysis of the packets will fail. An additional feature is that JAP can also anonymise DNS lookup queries in a similar way.

n-1 attack

So now we have good protection against direct address reading. But an attacker could do a more complex analysis by monitoring all the packets entering and leaving such a proxy. For example, if you are the only user of the proxy, it is not hard to guess who the packets that the proxy sends come from. Even if you share the proxy with a few other people, your privacy is not guaranteed to be perfect. If all other users work together against you by comparing the packets they sent with the packets sent by the last proxy, your goal of staying anonymous fails. This risk can be reduced by using proxies with many other users, so that it is improbable that they all (n-1) work against you. For this reason, JAP shows how many users are on the proxy server you are using.

FIFO attack

An attacker could also consider the order of the packets entering and leaving the proxy, as long as it works like a FIFO (first in, first out). JAP prevents this attack by collecting users' packets for a short time and then sending them out in a random order. This mechanism is the reason why the JAP developers call their proxies mixers.

Picture 2: FIFO attack scenario: examination of the order of packets entering and leaving a proxy

Replay attack

An attacker could record a packet that a monitored user sends to a mixer. The attacker also records all outgoing packets of this proxy. In the next cycle he can start his replay attack: he sends the recorded packet into the mixer and records the output again. If he compares both outputs, he will find an identical packet in both sets. This is the recorded packet of the monitored user, with one layer of encryption removed.

Picture 3: Replay attack scenario

Now the attacker has a way to neutralise one mixer. If he can read the outputs of all other mixers (and send packets to them), he could do the same attack on all proxies. Only in that case can your identity be revealed. To prevent this attack, JAP mixers store the hash values of all forwarded packets for a short time. Additionally, all packets get time stamps, so that they become invalid if they arrive at the mixer too late. Before forwarding a packet, a JAP mixer therefore checks the time stamp and its stored hashes of the most recent packets. If it notices a replay attack, it simply drops the packet.

Counting attack

An attacker could simply count the packets that enter the first proxy, separated by user, and the packets that leave the last proxy, separated by destination server. For example, when a user finishes an upload, his data stream stops. The attacker sees that the monitored user stops sending data and that, a few cycles later, the last proxy also stops communicating with a certain server. JAP prevents this attack by introducing special packets which every user sends at random times, and especially when their real communication stops abruptly. These special packets are recognised and dropped by the last proxy.

The long way back to the user...

As you have seen, we managed to transport a packet from a user to a server anonymously. But how can the user get an anonymous reply back? In fact, every mixer knows only its neighbours and which packets it has passed from one neighbour to the next. Additionally, the mixers remember the symmetric key used in the initialisation packet. So if a mixer gets an answer, it uses the same symmetric key to encrypt the whole packet again and then sends the packet back to its previous neighbour, and so on. Finally, the user has to decrypt the received packet with all the random keys he generated for the hybrid encryptions in the initialisation packet. All attack aspects have also been considered for the way back: the mixers collect packets before forwarding them, and the special waste packets are also generated.

Conclusion

JAP provides protection against attacks that reveal IP addresses, even against strong attackers. The software is really easy to use, so you don't have to be a computer expert to protect your privacy. Only two practical attacks against JAP are known: an n-1 attack, and the case in which all mixers are under the control of an attacker. A disadvantage is that your internet performance is lower: you lose a bit of bandwidth through the extra protocol, and your transmission delay increases significantly.

JAP in the internet: http://anon.inf.tu-dresden.de/ http://tor.eff.org
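The two mixer-side defences described above, collecting packets and sending them out in random order (FIFO attack) and the hash store with time stamps (replay attack), as an added example that is not JAP's code. The class name, the 30-second validity window and the batch of three are assumptions, and batching by count stands in for collecting packets for a short time.

```python
import hashlib, random

class Mix:
    """Input stage of one mixer: time-stamp check, replay cache, shuffled output."""

    def __init__(self, max_age=30.0, batch_size=3):
        self.max_age = max_age        # seconds a packet stays valid (assumed value)
        self.batch_size = batch_size  # packets collected before sending (assumed)
        self.seen = {}                # packet hash -> time stamp of that packet
        self.pool = []
        self.rng = random.SystemRandom()

    def accept(self, packet, timestamp, now):
        """Return (verdict, batch); batch is filled only when the pool is sent out.

        Assumption: timestamp was read from the layer this mixer decrypted and
        authenticated, so someone replaying the packet cannot refresh it.
        """
        # Hashes are needed only while their packet would still pass the time check.
        self.seen = {h: t for h, t in self.seen.items() if now - t <= self.max_age}
        if not 0 <= now - timestamp <= self.max_age:
            return "bad_timestamp", []
        digest = hashlib.sha256(packet).digest()
        if digest in self.seen:
            return "replay", []
        self.seen[digest] = timestamp
        self.pool.append(packet)
        if len(self.pool) < self.batch_size:
            return "queued", []
        batch, self.pool = self.pool, []
        self.rng.shuffle(batch)       # output order no longer follows arrival order
        return "flushed", batch

def demo():
    """Constructed traffic: (packet, time stamp, arrival time) per entry."""
    mix = Mix()
    arrivals = [(b"A", 100.0, 101.0), (b"B", 100.5, 102.0), (b"A", 100.0, 102.5),
                (b"C", 101.0, 103.0), (b"A", 100.0, 140.0)]
    return [mix.accept(*arrival)[0] for arrival in arrivals]
```

The last arrival in `demo()` shows why the hash store can stay small: once a packet's hash has been forgotten, its time stamp is already too old to pass.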