Par Payment for Anonymous Routing

8/14/2019 Par Payment for Anonymous Routing

http://slidepdf.com/reader/full/par-payment-for-anonymous-routing 1/35

PAR: PAYMENT FORANONYMOUS ROUTING

PRESENTED BY:

MUHAMMAD HASAN



CONTENTSWhat is Anonymous Routing?

Established By

When do we want Anonymity?

Who needs Anonymity?

Who is talking to whom?

Onion Routing Network InfrastructureApplications

Onion Routing PROXY INTERFACE



CONTENTS:Using Onion RoutingReply Onions

System ConsiderationSystem RequirementPayment AnalysisOur ContributionA Hybrid payment scheme



CONTENTS

Implementation

Performance

Capabilities

Weakness

Conclusion



What is Anonymous

Routing?Anonymous routing protects user communication from identification by third-party observers.

If we have a well defined set of elements, then anonymity is the property of an element of not being identifiable within this set.

• The degree of anonymity goes high when the number of people

is increasing .



What is anonymity incommunication?Different types:

Sender anonymity An observer cannot tell who sent the message.

Recipient anonymity An observer cannot tell who is the intended receiver

of the message.

Unlinkability of Sender and Receiver An observer cannot tell who is in communication

with whom.



Anonymity Network & TORTor (The Onion Router) is a free software implementation of

second-generation onion routing – a system enabling its users to

Communicate anonymously on the Internet

Messages are repeatedly encrypted and then sent through

several network nodes called onion routers.

Each onion router removes a layer of encryption to

uncover routing instructions, and sends themessage to the next router where this is repeated.

This prevents these intermediary nodes from

knowing the origin, destination, and contents of the

message.



The Father of Anonymous

communicationDavid CHAUM

Onion routing is a technique for pseudonymous (or anonymous)

communication over a computer network,

Developed by David Goldschlag, Michael Reed, and Paul Syverson

TOR Established By:



When do we wantAnonymity?

Privacy protection

Confession serviceElections & Voting

Treatment of medical data

Freedom of speech

Financial matters



Who needs Anonymity? Socially Sensitive Communicants:

Diseases or crime victim chat rooms Law enforcement:

Anonymous tips or crime reporting Surveillance and Honey pots (Sting Operation)

Corporations Hiding Collaboration of sensitive business units or Partners Hide procurement suppliers and patterns

Political Dissidents Censorship resistance publishersWhistleblowers You

Who are sending email?What website you are browsing?Where do you work, where are you from?What do you buy? What kind of physician do you visit…?



Who is talking to whom?

In a Public Network:Packet headers identify recipients

Packet routes can be tracked

Encryption does not hide routing information.



Onion Routing: NetworkInfrastructure

Anonymous connections are

Routed through Chaum Mixes

Multiplexed between Mixes



Onion Routing: Proxy

InterfaceProxies interface between Applications

and the Network Infrastructure.

The Basic Configuration:

Sensitive sites control Onion Routing Proxies (which also function

as intermediate Onion Routers).



TOR ApplicationsMany applications can use Proxies:

Web browsing

Remote login

e-mail

File transfer



Using Onion RoutingFour Steps:

Define the routeConstruct the anonymous connection

Move data through the connection

Destroy the anonymous connection



Defining the RouteThe Initiators Proxy, W, makes an

Onion:



Constructing theAnonymous Connection

The Onion moves between Onion Routers.



Moving Data Forward

The Initiators Onion Routing Proxy repeatedly encrypts the data

Each Onion Router removes one layer of cryption

The Responders Onion Routing Proxy forwards the plaintext to

the Responder.



Moving Data Backward

This is just the reverse of sending data forward.

Each Onion Router adds one layer of cryption

The Initiators Onion Routing Proxy removes the layers

of cryption and forwards the plaintext to the Initiator.



Destroying the Anonymous

ConnectionDestroy Messages

• are forwarded along the connection

• cleaning up tables along the way



Reply Onions

An Initiators Onion Routing

Proxy can create a Reply

Onion that defines a routeback to him.



Simple blockdiagram of

TOR



System Consideration:We will examine current anonymizing networks andpayment schemes. The current payment schemes, whenapplied to onion routing schemes, fail to Maintain

anonymizing network properties, while our hybrid schemesucceeds.



Payment Analysis: Identity-bound Payment Schemes

Identity-bound payments constitute signed endorsements from the

payer to the payee. Accountability and robustness are the two mainfeatures of this class. The micropayment scheme is an example of an Identity-bound payment.

This analysis indicates that having identity-bound coins reveals toomuch information, enabling an adversary with access to paymentinformation to break the system’s anonymity using simple

inference techniques.



Payment Analysis.Anonymous Payment Schemes

In this scheme, the payment does not carryany identification information of its initial

owner. Chaum’s Digital cash and the laterversions of Tunstall et al. and Camenisch etal. are perfect examples of such anonymouspayment schemes.



Our Contribution: HybridApproach

Both of the two classes of payment schemes have advantagesand disadvantages. Our approach creates a hybrid payment

scheme by combining the two payments methods into asingle one. In particular, nodes outside the anonymizing network

withdraw an initial number of anonymous coins (A-mcoins)from the Bank and use them to pay the first node in the Tor-path (TL) they have chosen. TL then uses micropayments3to pay TL−1, who also uses micropayments to pay its

neighbor. Each time, theamount of money paid decreases according to each node’sprice.



A Hybrid PaymentScheme



A Hybrid PaymentSchemeSender-Receiver Unlinkability Usable Efficiency

Accountability. Payment Coins S-coins(Signed microcoins): S-coins are generated

and used for payments between Tor participants. A-coins (Anonymous coins):A-coins use the idea of

e-cash ([6]). They are generated by the Bank upon

users’ requests. Users outside Tor buy apredetermined number of A-coins from the Bank andpay with them for using the anonymizing network.



Onion Routing: CapabilitiesThe idea of onion routing (OR) is to protect the privacy of

the sender and recipient of a message, while also providingprotection for message content as it traverses a network.Onion routing accomplishes this according to the principle of Chaum's mix cascades

The advantage of onion routing (and mix cascades ingeneral) is that it is not necessary to trust each cooperatingrouter; if one or more routers are compromised,anonymous communication can still be achieved.

Onion routing does not provide perfect sender or receiveranonymity against all possible eavesdroppers—that is, it ispossible for a local eavesdropper to observe that anindividual has sent or received a message

http://www.answers.com/topic/mix-network

http://www.answers.com/topic/eavesdropping

http://www.answers.com/topic/eavesdropping

http://www.answers.com/topic/mix-network



Onion routing - Pros andConsAdvantages

-Simplicity-Offers protection for

sender, receiver and

-message content

-Can offer low latency

Disadvantages

-Does not defendagainst globalobserver

-Vulnerable to timinganalysis



Implementation

Working Onion Routing prototype.

Proxies for:

Web browsing (HTTP)

Remote login (RLOGIN)

e-mail (SMTP)

File transfer (FTP)and anonymizing Web and mail proxies.



Performance

5 Onion Routers running on a single

UltraSparc 2270.

Connection setup: 0.5 secondcryptographic overhead.

(This cost can be amortized by using

sockets for longer connections.)



Weaknesses 1)it does not provide much to defend against timing analysis.

If an attacker observes a relatively under-loaded onion router,he or she can link incoming/outgoing messages by observinghow close together in time they are received and re-sent

2)Onion routing networks are also vulnerable to intersectionattacks and predecessor attacks.

3) In a predecessor attack , an attacker who controls an onionrouter keeps track of a session as it occurs over multiple pathreformations (paths are periodically torn down and rebuilt).

4) Onion routing exit nodes give the operator complete accessto the content being transmitted (via sniffing) and thereforethe onion network should not be used to transmit sensitive

information. A Swedish researcher, Dan Egerstad, was able tocollect over one hundred foreign embassy email accountpasswords using a sniffing attack.

http://en.wikipedia.org/w/index.php?title=Dan_Egerstad&action=edit&redlink=1

http://arstechnica.com/news.ars/post/20070830-security-researcher-stumbles-across-embassy-e-mail-log-ins.html

http://arstechnica.com/news.ars/post/20070830-security-researcher-stumbles-across-embassy-e-mail-log-ins.html

http://en.wikipedia.org/w/index.php?title=Dan_Egerstad&action=edit&redlink=1



Conclusion• To be effective, Onion Routing must

be widely used.• Onion Routing supports a wide variety of

unmodified services using proxies.• Anonymity is placed at the application

layer.



THANK YOU!

Documents

Par Payment for Anonymous Routing