CS 161: Computer Security

Lecture 13

October 20, 2015

What’s wrong with plain old TLS?

TLS gives you confidentiality, integrity, and authentication.

But a network eavesdropper can tell what server you are talking to.

And the server knows who is talking to it.

Tor (www.torproject.org) is an anonymity network.

Don’t call it “TOR” unless you want to look like a noob.

Tor sends user traffic through a series of encrypted hops before it reaches its destination.

Each hop only knows its predecessor and successor; no hop knows the entire path.

This prevents your ISP from knowing your browsing, and prevents web sites from knowing it’s you.
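An added example (not from the lecture, and not Tor's own code) of the layering described above: the client wraps a request in one encrypted layer per hop, and each relay can remove only its own layer, so it learns its predecessor and successor and nothing else. Assumptions: the relay names, destination and payload are constructed; per-hop keys are taken as already shared; a SHAKE-256 keystream with HMAC stands in for Tor's real cell encryption; and naming the next hop inside each layer is a simplification.

```python
import hashlib, hmac, json, os

def subkey(key, label):
    return hashlib.sha256(label + key).digest()

def xor_stream(data, key, nonce):
    # SHAKE-256 keystream as a stand-in stream cipher (assumption; not Tor's cell crypto).
    stream = hashlib.shake_256(subkey(key, b"enc") + nonce).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key, plaintext):
    nonce = os.urandom(16)
    ct = xor_stream(plaintext, key, nonce)
    tag = hmac.new(subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + tag + ct

def unseal(key, blob):
    nonce, tag, ct = blob[:16], blob[16:48], blob[48:]
    want = hmac.new(subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, want):
        raise ValueError("wrong key or modified layer")
    return xor_stream(ct, key, nonce)

def wrap(path, keys, destination, payload):
    """Client: add one layer per relay, innermost (exit) first."""
    next_hops = path[1:] + [destination]
    blob = payload
    for relay, nxt in reversed(list(zip(path, next_hops))):
        blob = seal(keys[relay], json.dumps({"next": nxt}).encode() + b"\n" + blob)
    return blob

def peel(key, blob):
    """Relay: strip one layer; learn the next hop and nothing deeper."""
    header, _, inner = unseal(key, blob).partition(b"\n")
    return json.loads(header)["next"], inner

def route(path, keys, blob):
    """Forward along the circuit, recording what each relay observed."""
    seen, prev = {}, "client"
    for relay in path:
        nxt, blob = peel(keys[relay], blob)
        seen[relay] = (prev, nxt)
        prev = relay
    return seen, nxt, blob

# Constructed sample: hypothetical relay names and destination.
PATH = ["guard", "middle", "exit"]
KEYS = {name: os.urandom(32) for name in PATH}
ONION = wrap(PATH, KEYS, "example.com:443", b"GET / HTTP/1.1")
SEEN, DEST, DELIVERED = route(PATH, KEYS, ONION)
```

Only the guard sees the client and only the exit sees the destination; the exit also recovers the payload in the clear, which is why the request itself should be protected end to end.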

[Figures: How Tor works (htw1.png, htw2.png, htw3.png)]

Limitations and dangers

The exit node can potentially see or modify your traffic to the web site (even if it doesn’t know the traffic belongs to you). Prefer using end-to-end encrypted protocols such as TLS.

An attacker who can view the whole network can deanonymize you just by watching traffic flows.

Even just by watching entry and exit traffic, an attacker can guess at correlations using traffic timing and volume.

Many other anonymity dangers exist at the application layer. Tor Browser is designed to defend against them. (Don’t try to use a different browser with Tor.)

Hidden services

[Figures: Hidden services (THS-1.png through THS-6.png)]

The client and server build their own circuits to a relay in the middle.

Another use of hidden services

OnionShare lets you serve a file through a temporary hidden service.

You can share files without setting up a server or sharing your IP address!

Internet censorship

Tor hides the endpoint of your communication; it does not hide the fact that you are using Tor.

In fact, it is very easy to block Tor connections (the list of relays is public).

[Figure: userstats-relay-country-2014-01-01-off-2014-12-31-ir.png]

Bridges

Tor provides secret bridge relays. Bridges are not listed publicly like relays are.

You can only learn a few bridges at a time by visiting bridges.torproject.org or by sending email to bridges@torproject.org.

The use of bridges prevents IP blocking, but it does not prevent blocking Tor by its protocol.

Pluggable transports

Pluggable transports disguise Tor traffic to make it difficult to block.

Pluggable transports are also used by some other projects.

Summary of pluggable transports

obfs2, obfs3, obfs4, ScrambleSuit
“Look-like-nothing” transports, uniformly random bytes.
[Figures: Vanilla Tor (plain-pixels.png) and obfs3 (obfs3-pixels.png)]

FTE (format-transforming encryption)
Makes traffic look like HTTP, SSH, or other protocols.
GET //oa9xnE79SSJT73XIDv5gDx6m9kCx.6SJzCweNTMMPPFjL/rgCK1XqYv6hSQJkzpMkpu1cTBiauAaz4Fl49NK78o2nUD/VcGRS2MM7Bfl6X4v./xGw5orrtPQfIXUbWCW.CkTS3j8sD5wQfbsURlceheKV5/bVHs3axmSbKbzvyg0dMh/xQiK2mMAR0aifZ93F0l9ql9qRSDa/8b6oZITWMZFKHwIJEFSJnrpUFj/0c9dX HTTP/1.1\r\n
\r\n
\xe7\xd1\xc1!\xf0\x1eX\x9ez\r\x06\xb4\x14\xa7/\xa1\x0b\xb7\x7f\xc0\xd2y\xe1
\xa7\x8b\x97VZ\x10\xab\xe84w\xa1\x9e\r\xf6\xf3\xf8@\xe0\x00\xab2\x07\xb8@
\x08\xeb3\xd9Li\x12\x1cU\x1dj\xf3\x97tT\x17\xf2\x90Z\xf4 \xd4\xf4\x01\xa7
...

HTTP/1.1 200 OK\r\n
Content-Type: H\r\n
\r\n
|\x96\xbd?\x16%\xd7\x8d7Kf\xfe\x0c\x86~\xfe\xc1\xc7\xf7\xb4Tj%\x9a\xd4A\t|P
\x1d\x11I\xd5\xf3\x8e\xd3\xf748\xeev\x8c\xbd\xa8\xdd\xb1\xc2A\xc9\x8d|\x06M
}\xe5\xba5\x1e\x97!\x89\xe4\xb7\t\xe3\x02\x1f{]Ku\x8b\x9c\x8d\xf4\xd2\x10A%
...

meek
Tunnels through CDNs to get address-blocking resistance.
[Figure: meek-diagram.png]

See A Child’s Garden of Pluggable Transports for more technical details.