100 likes | 129 Views
anonymizing proxy. clear. SSL. Anonymity (Privacy). Suppose you are surfing the Web. You don’t want Web site to know your IP address And you don’t want your ISP to sniff your traffic. Possible solution: use anonymizing proxy. Proxify.com. Just go to a website and enter URL.
E N D
anonymizing proxy clear SSL Anonymity (Privacy) • Suppose you are surfing the Web. • You don’t want Web site to know your IP address • And you don’t want your ISP to sniff your traffic. • Possible solution: use anonymizing proxy Introduction
Proxify.com • Just go to a website and enter URL. • No software to install. • Script on page causes browser to create SSL session between browser and proxify. • Anonymous browsing is free • To post, must pay fee • Problem: Proxify.com still knows which IP addresses are visiting which sites. Introduction
Tor: Chaining proxies • Features: • Proxy servers are chained, making it more difficult to trace which IPs visited which servers • Anyone can contribute a proxy server (P2P) • Open-source, cannot have any backdoors • Uses SOCKS for proxy protocol: can be used with all application layer protocols. • Brief History: • Originally supported by the Navy, later also by Electronic Frontier Foundation. • In 2002 the code was given to Roger Dingledine and Nick Mathewson, two Boston-based programmers Introduction
How it works • Basic Principles: • List of servers is obtained from directory server • Data is sent through 3 randomly chosen servers • Encryption is applied in a layered manner, each of the servers peels off a layer (like in an onion). • The path changes every minute. Introduction
Layered encryption: Overview Suppose Alice wants to communicate with Bob (Web server), via two servers. • Establishing keys and circuit: • Alice has certificates for both servers. • Alice first does a D-H exchange with Server 1, establishing a session key KA1. • She then does a D-H exchange with Server 2, via Server 1, establishing a session key KA2. • “Circuit” is now established between Alice and Server 2. • Sending message m to Bob • Alice encrypts twice: KA1(KA2(m)), sends to Server 1. • Server 1 decrypts, obtains KA2(m), sends to Server 2 • Server 2 decrypts, sends m to Bob. Introduction
Diffie-Hellman exchange between Alice and first server • RSA, hashing and handshaking is used to prevent man-in-middle attack and provide perfect “forward secrecy” • So Alice knows she’s talking with server and not with Trudy • So if someone obtains K1-in the future, will not get gxy x c = K1+(gx) gy, H( gxy ) y First server in chain with keys K1+ and K1- They now both have KA1 = gxy Alice Introduction
What can woman-in-middle do? • Can Trudy pretend to Alice that she is first server? • If Trudy records all messages and in future obtains K1-,will she be able to decrypt? Introduction
Tor protocol: Two onion-ring proxies One layer of encryption has been removed Note the double braces, encryption has been applied twice Introduction
What do the servers know? Server 1 knows: • AliceIP wants to communicate with some dest IP; but doesn’t learn the dest IP. • Server 1 never gets Alice’s certificate, so only knows of AliceIP and not Alice. • Doesn’t see m. Server 2 knows: • Some IP address wants to communicate with Bob, but doesn’t see the IP address. • Sees m. • Since Bob doesn’t use encryption, last server necessarily sees m Introduction
Anonymity: Summary • Proxy server + encryption can provide a degree of anonymity • But what if you can’t trust the proxy server? • Chaining proxy servers provide more protection. • As long as the server don’t collude Introduction