Sie sind auf Seite 1von 62

FBI Tor Overview

Andrew Lewman andrew@torproject.org

January 17, 2012

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

1 / 28

What are we talking about?

Crash course on anonymous communications Quick overview of Tor Quick overview of Tor Hidden Services Future directions

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

2 / 28

The Tor Project, Inc.


501(c)(3) non-prot organization dedicated to the research and development of technologies for online anonymity and privacy

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

3 / 28

What is anonymity?

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

4 / 28

Anonymity isnt cryptography


Cryptography protects the contents in transit You still know who is talking to whom, how often, and how much data is sent.

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

5 / 28

Anonymity isnt steganography

Attacker can tell Alice is talking to someone, how often, and how much data is sent.

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

6 / 28

Anonymity isnt just wishful thinking...

You cant prove it was me!

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

7 / 28

Anonymity isnt just wishful thinking...

You cant prove it was me! Promise you wont look

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

7 / 28

Anonymity isnt just wishful thinking...

You cant prove it was me! Promise you wont look Promise you wont remember

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

7 / 28

Anonymity isnt just wishful thinking...

You cant prove it was me! Promise you wont look Promise you wont remember Promise you wont tell

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

7 / 28

Anonymity isnt just wishful thinking...

You cant prove it was me! Promise you wont look Promise you wont remember Promise you wont tell I didnt write my name on it!

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

7 / 28

Anonymity isnt just wishful thinking...

You cant prove it was me! Promise you wont look Promise you wont remember Promise you wont tell I didnt write my name on it! Isnt the Internet already anonymous?

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

7 / 28

..since weak isnt anonymity.

You cant prove it was me! Proof is a very strong word. Statistical analysis allows suspicion to become certainty.

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

8 / 28

..since weak isnt anonymity.

You cant prove it was me! Proof is a very strong word. Statistical analysis allows suspicion to become certainty. Promise you wont look/remember/tell Will other parties have the abilities and incentives to keep these promises?

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

8 / 28

..since weak isnt anonymity.

You cant prove it was me! Proof is a very strong word. Statistical analysis allows suspicion to become certainty. Promise you wont look/remember/tell Will other parties have the abilities and incentives to keep these promises? I didnt write my name on it! Not what were talking about.

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

8 / 28

..since weak isnt anonymity.

You cant prove it was me! Proof is a very strong word. Statistical analysis allows suspicion to become certainty. Promise you wont look/remember/tell Will other parties have the abilities and incentives to keep these promises? I didnt write my name on it! Not what were talking about. Isnt the Internet already anonymous? Nope!

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

8 / 28

Anonymous communication

People have to hide in a crowd of other people (anonymity loves company) The goal of the system is to make all users look as similar as possible, to give a bigger crowd Hide who is communicating with whom Layered encryption and random delays hide correlation between input trac and output trac

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

9 / 28

Low versus High-latency anonymous communication systems

Tor is not the rst system; ZKS, mixmaster, single-hop proxies, Crowds, Java Anon Proxy. Low-latency systems are vulnerable to end-to-end correlation attacks. High-latency systems are more resistant to end-to-end correlation attacks, but by denition, less interactive.

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

10 / 28

Low-latency systems are generally more attractive to todays user

Interactive apps: web, instant messaging, VOIP, ssh, X11, cifs/nfs, video streaming (millions of users) Multi-hour delays: email, nntp, blog posting? (tens of thousands of users?)

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

11 / 28

Low-latency systems are generally more attractive to todays user

Interactive apps: web, instant messaging, VOIP, ssh, X11, cifs/nfs, video streaming (millions of users) Multi-hour delays: email, nntp, blog posting? (tens of thousands of users?)

And if anonymity loves company...

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

11 / 28

What is Tor?

online anonymity software and network

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

12 / 28

What is Tor?

online anonymity software and network open source, freely available (3-clause BSD license)

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

12 / 28

What is Tor?

online anonymity software and network open source, freely available (3-clause BSD license) active research environment: Drexel, Univ of Waterloo, Georgia Tech, Princeton, Boston University, University College London, Univ of Minnesota, National Science Foundation, Naval Research Labs, Cambridge UK, Bamberg Germany, MIT...

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

12 / 28

What is Tor?

online anonymity software and network open source, freely available (3-clause BSD license) active research environment: Drexel, Univ of Waterloo, Georgia Tech, Princeton, Boston University, University College London, Univ of Minnesota, National Science Foundation, Naval Research Labs, Cambridge UK, Bamberg Germany, MIT... increasingly diverse toolset: Tor, Tor Browser Bundle, Tails LiveCD, Tor Weather, Tor auto-responder, Secure Updater, Orbot, Torora, Tor Check, Arm, Nymble, Tor Control, and so on.

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

12 / 28

Other Systems

VPN - Virtual Private Network, 1 to 1 connection, can redirect all trac, generally encrypted

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

13 / 28

Other Systems

VPN - Virtual Private Network, 1 to 1 connection, can redirect all trac, generally encrypted Proxy - 1 to 1 connection, per application trac redirection, sometimes encrypted

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

13 / 28

Other Systems

VPN - Virtual Private Network, 1 to 1 connection, can redirect all trac, generally encrypted Proxy - 1 to 1 connection, per application trac redirection, sometimes encrypted I2P - Garlic routing, closed network, anonymity and reputation

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

13 / 28

Other Systems

VPN - Virtual Private Network, 1 to 1 connection, can redirect all trac, generally encrypted Proxy - 1 to 1 connection, per application trac redirection, sometimes encrypted I2P - Garlic routing, closed network, anonymity and reputation Freenet - closed network, anonymity, distributed le storage and sharing

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

13 / 28

Other Systems

VPN - Virtual Private Network, 1 to 1 connection, can redirect all trac, generally encrypted Proxy - 1 to 1 connection, per application trac redirection, sometimes encrypted I2P - Garlic routing, closed network, anonymity and reputation Freenet - closed network, anonymity, distributed le storage and sharing GNUnet - closed network, anonymity, distributed le storage and sharing

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

13 / 28

How is Tor dierent from other systems?

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

14 / 28

How is Tor dierent from other systems?

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

14 / 28

How is Tor dierent from other systems?

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

14 / 28

Who uses Tor?

Normal people Law Enforcement Human Rights Activists Business Execs Militaries Abuse Victims

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

15 / 28

Who uses Tor?


Normal users linking sensitive information to their current identities, online advertising networks, search engines, censorship circumvention

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

16 / 28

Who uses Tor?

Law enforcement accidental disclosure to targets, family and friend concerns, separating work from home life

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

16 / 28

Who uses Tor?

Rights Activists Personal safety, family safety, narrowly-dened publicity, censorship circumvention

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

16 / 28

Who uses Tor?

Business Execs separating work from home life, competitor research, censorship circumvention

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

16 / 28

Who uses Tor?

Abuse Victims and Survivors complete separation of past abuse and current life, nding help and safety, need to help others anonymously

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

16 / 28

Who uses Tor?

Militaries intelligence gathering, separating work from home life, other activities
Andrew Lewman andrew@torproject.org () FBI Tor Overview January 17, 2012 16 / 28

You missed a use case

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

17 / 28

estimated 400k to 800k daily users

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

18 / 28

Tor hides communication patterns by relaying data through volunteer servers

Tor user
Tor Node Tor Node Tor Node

Tor Node Tor Node

Tor Node Tor Node Tor Node

Tor Network
Web server

Diagram: Robert Watson

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

19 / 28

Tor hides communication patterns by relaying data through volunteer servers


Entry node Middle node Exit node

Tor user
Tor Node Tor Node Tor Node

Tor Node Tor Node

Tor Node Tor Node Tor Node

Tor Network
Web server

Diagram: Robert Watson

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

19 / 28

Tor hides communication patterns by relaying data through volunteer servers


Entry node Middle node Exit node

Tor user
Tor Node Tor Node Tor Node

Tor Node Tor Node

Tor Node Tor Node Tor Node

Tor Network
Encrypted tunnel Unencrypted TCP

Web server

Diagram: Robert Watson

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

19 / 28

Tor hides communication patterns by relaying data through volunteer servers

Diagram: Robert Watson

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

19 / 28

Vidalia Network Map

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

20 / 28

Metrics

Measuring metrics anonymously NSF grant to nd out Archive of hourly consensus, ExoneraTor, VisiTor Metrics portal: https://metrics.torproject.org/

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

21 / 28

Tor hidden services allow privacy enhanced hosting of services

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

22 / 28

dot onion you say?

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

23 / 28

Hidden Services, in graphics

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

24 / 28

Hidden Services, in graphics

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

24 / 28

Hidden Services, in graphics

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

24 / 28

Hidden Services, in graphics

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

24 / 28

Hidden Services, in graphics

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

24 / 28

Hidden Services, in graphics

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

24 / 28

Operating Systems leak info like a sieve

Applications, network stacks, plugins, oh my....

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

25 / 28

Operating Systems leak info like a sieve

Applications, network stacks, plugins, oh my.... some call this sharing

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

25 / 28

Operating Systems leak info like a sieve

Applications, network stacks, plugins, oh my.... some call this sharing Did you know Microsoft Word and OpenOce Writer are browsers?

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

25 / 28

Operating Systems leak info like a sieve

Applications, network stacks, plugins, oh my.... some call this sharing Did you know Microsoft Word and OpenOce Writer are browsers? www.decloak.net is a ne test

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

25 / 28

Mobile Operating Systems

Entirely new set of challenges for something designed to know where you are at all times. Orbot: Tor on Android. https://guardianproject.info/apps/ Tor on iphone, maemo/meego, symbian, etc Tor on Windows Mobile, http://www.gsmk.de as an example. Guardian Project, https://guardianproject.info/

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

26 / 28

Next steps

Visit https://www.torproject.org/ for more information, links, and ideas.

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

27 / 28

Credits & Thanks

who uses tor? http://www.flickr.com/photos/mattw/2336507468/siz, Matt Westervelt, CC-BY-SA. danger!, http://flickr.com/photos/hmvh/58185411/sizes/o/, hmvh, CC-BY-SA. 500k, http: //www.flickr.com/photos/lukaskracic/334850378/sizes/l/, Luka Skracic, used with permission.

Andrew Lewman andrew@torproject.org ()

FBI Tor Overview

January 17, 2012

28 / 28

Das könnte Ihnen auch gefallen