CS 144r: Networks Design Projects CS 244r: Advanced Networks Design Projects



CS 144r: Networks Design Projects; CS 244r: Advanced Networks Design Projects; HBS 4560: The Future of Business Networks. Anonymizing Infrastructure, February 22, 2002. Professor Marco Iansiti, HBS; Professor H. T. Kung, FAS; Harvard University.


  • CS 144r: Networks Design Projects; CS 244r: Advanced Networks Design Projects; HBS 4560: The Future of Business Networks

    Anonymizing Infrastructure, February 22, 2002

    Professor Marco Iansiti, HBS; Professor H. T. Kung, FAS; Harvard University

  • Topics for Today

    Overview of an IP-layer anonymizing infrastructure

    Project on attacking the anonymizing infrastructure

  • Problem To Solve

    An authentication server, by definition, needs to process requests from unknown users; thus, it can be subject to DoS attacks

    [Figure labels: Authentication Server, Clients, The Internet]

  • A Solution Approach Based on an Anonymizing Infrastructure

    Provide an IP-layer anonymizing infrastructure that can hide IP addresses of authentication servers from clients

    This anonymizing infrastructure can be useful for current and future authentication servers and other servers

  • The Traditional Internet: Packet Reveals Server Address in the Clear

    [Figure labels: Server 140.247.60.30, Client, Packet, The Internet, 140.247.60.30, D]

  • The Anonymizing Infrastructure: Use Forwarders to Hide Servers' Addresses

    [Figure labels: Server, Client, F1, F2, "Addresses encrypted in Fs' keys"]

    The infrastructure is an overlay network of forwarders, Fs

    Forwarders are stateless and use anycast addresses for improved availability

  • Use of Gateways To Allow Existing Clients and Servers Without Modification

    [Figure labels: Server, Client, F1, F2, GWc, GWs, Initialization Server]

    Gateways, GWc and GWs, allow existing clients and servers to use the anonymous forwarding infrastructure without modification

  • Three Usage Steps for the Anonymizing Infrastructure

    Server Registration: Given a server, select a sequence of forwarders, compute the encrypted IP address for the server, and register the results. The sequence of forwarders can be selected manually or automatically

    Client Initialization: Given a server, obtain the encrypted address for the server, the address of the first decrypting forwarder, and other information required for forwarding

    Packet Forwarding: forward packets over the selected sequence of forwarders

  • Internet Drafts and Mailing List

    Internet Drafts:

    Bradner, S., and Kung, H. T., "Requirements for an Anonymizing Packet Forwarder," November 2001.

    Kung, H. T., and Bradner, S., "A Framework for an Anonymizing Packet Forwarder," November 2001.

    Mailing list: http://wireless.eecs.harvard.edu/anon

    Comments would be appreciated

  • Experimental System for an Anonymizing Infrastructure

    We have implemented the three usage steps for an anonymizing infrastructure

    A FreeBSD-based experimental system is working in our lab at Harvard

    In the following we use our experimental system to illustrate the three steps

  • Step 1: Server Registration

    Registration form fields: Server alias, Server IP address, Server port numbers, 1st forwarder, 2nd forwarder

    Values shown: Kerberos Server in CS at Harvard, 140.247.60.10588

  • Step 2: Client Initialization

    [Figure labels: Server, Client, F1, F2, Initialization Server]

    Client obtains information, such as server's address encrypted in Fs' keys and F1's address, from an initialization server

  • Step 3: Packet Forwarding

    [Figure labels: Server, Client, F1, F2, Initialization Server]

    Client's packet is forwarded to F1. F1 decrypts the address and discovers the next hop is F2. Then packet is forwarded to F2, etc.

    The return path is from server to F2, F1 and client

  • Use of Client and Server Gateways in Our Experimental System

    [Figure labels: Server, Client, F1, F2, GWc, GWs, Initialization Server]

    Gateways, GWc and GWs, allow existing clients and servers to use the anonymous forwarding infrastructure without modification

  • Experimental System Platform

    Use divert socket on FreeBSD-4.4 machines (http://www.freebsd.org/) in implementing forwarders, GWc and GWs

    PPTP VPN: mpd (netgraph multi-link PPP daemon)

    Crypto software: public key: RSA from OpenSSL (http://www.openssl.org/); symmetric key: 128-bit AES (Rijndael) (http://www.nist.gov/aes/)

  • Two Threat Models

    Monitoring a forwarder's input & output, or compromising a forwarder: capture client and forwarder or server address

    Using the anonymizing infrastructure to launch attacks: make tracking of attackers difficult

  • Countermeasures (See the Next Three Slides)

    Multi-hop forwarding to make it hard to discover the exit forwarder before the server

    Uncorrelated, per-packet encryption for each of the hops (except the hop between the client and the first forwarder, where encryption is not needed) to defend against unauthorized monitoring

    Protocol camouflaging

    Spaghetti forwarding

  • Multi-hop Forwarding

    [Figure labels: Server, Client, F1, F2, F3, F4]

    To locate F4, the exit forwarder, the entire path (F1, F2, F3, F4) will need to be discovered

  • Uncorrelated, Per-packet Encryption in Our Experimental System

    [Figure labels: Server, Client, F1, F2, GWc, GWs; "N submissions of the same packet"; "N different encrypted packet payloads"]

    When there is unauthorized monitoring, this feature makes it difficult for attackers to use traffic analysis to discover the forwarding path

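  • Camouflaged TCP over UDP

    [Figure: three packet layouts, with boxes labeled as follows]

    Normal TCP: IP header, TCP header, TCP payload

    TCP over UDP: IP header, UDP header, TCP header, TCP payload

    Camouflaged TCP over UDP: IP header, TCP header, UDP header, TCP header, TCP payload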

  • Spaghetti Forwarding

    [Figure labels: F1, F4, F3, F2, Server, Client]

  • Additional Countermeasures

    Rate limiting forwarders

    Dynamic re-selection of forwarders

    Secure connection between GWc and Initialization Server to ensure the former receives trustworthy information from the latter

  • Revisit the Project Definition: Attacking An Experimental Anonymizing Infrastructure

    Attacker's objective: Find the IP address that the anonymizing infrastructure tries to hide

    Assumptions: Links in the infrastructure and those connected to it can be monitored

    Demonstration: Given an encrypted IP address of a server, find its true address

    Attacker's score: An attacker's score decreases exponentially in the number of false forwarders explored

  • The Testbed

    [Figure labels: Initialization Server, Client, GWc, GWs, F2, F1, Server, SSL, VPN]

    Ultimately an authentication server can not rely on authentication to protect itself

    Like providing a PO Box number to receive mails

    ICMP_UNREACH_NEEDFRAG
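Added example, not part of the original slides or the code of the experimental system they describe: a Python sketch of Step 1 (server registration) and Step 3 (packet forwarding), in which each stateless forwarder decrypts one layer of the encrypted address and learns only the next hop. The SHA-256 keystream with HMAC is a stand-in for the RSA and 128-bit AES the slides name, the fresh nonce in seal() is one way to obtain the N different ciphertexts of the per-packet encryption slide, and the blob layout, function names, addresses and keys are assumptions made for illustration.

```python
# Added illustration only; not the code of the FreeBSD system the slides describe.
# A SHA-256 keystream plus HMAC stands in for the RSA/AES the slides name.
import hashlib, hmac, os, socket

def _stream(key, nonce, n):
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def _tag(key, data):
    return hmac.new(hashlib.sha256(b"mac" + key).digest(), data, hashlib.sha256).digest()[:16]

def seal(key, plaintext):
    """Encrypt under a fresh random nonce, so equal inputs give unequal outputs."""
    nonce = os.urandom(16)
    ct = bytes(p ^ s for p, s in zip(plaintext, _stream(key, nonce, len(plaintext))))
    return nonce + ct + _tag(key, nonce + ct)

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-16], blob[-16:]
    if not hmac.compare_digest(tag, _tag(key, nonce + ct)):
        raise ValueError("layer not sealed under this forwarder's key")
    return bytes(c ^ s for c, s in zip(ct, _stream(key, nonce, len(ct))))

def register(server_ip, path):
    """Step 1: nest the server address under each forwarder's key, exit hop innermost."""
    next_hop, blob = server_ip, b""
    for fwd_ip, key in reversed(path):   # path: [(forwarder_ip, key), ...] in order
        blob = seal(key, socket.inet_aton(next_hop) + blob)
        next_hop = fwd_ip
    return next_hop, blob                # first forwarder, encrypted server address

def forward(key, blob):
    """Step 3 at one stateless forwarder: peel one layer, learn only the next hop."""
    plain = unseal(key, blob)
    return socket.inet_ntoa(plain[:4]), plain[4:]

def deliver(first_hop, blob, keys):
    """Walk the path; returns (forwarders visited, final destination)."""
    visited, hop = [], first_hop
    while blob:
        visited.append(hop)
        hop, blob = forward(keys[hop], blob)
    return visited, hop

# Constructed sample data: documentation-range addresses, random keys.
PATH = [("192.0.2.1", os.urandom(16)), ("198.51.100.2", os.urandom(16))]
SERVER = "203.0.113.30"
```

The client in this sketch holds only the first forwarder's address and the opaque blob, which corresponds to what the initialization server hands out in Step 2.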

