8/14/2019 Par Payment for Anonymous Routing
http://slidepdf.com/reader/full/par-payment-for-anonymous-routing 1/35
PAR: PAYMENT FOR ANONYMOUS ROUTING
PRESENTED BY:
MUHAMMAD HASAN

CONTENTS
What is Anonymous Routing?
Established By
When do we want Anonymity?
Who needs Anonymity?
Who is talking to whom?
Onion Routing Network Infrastructure
Applications
Onion Routing PROXY INTERFACE
CONTENTS:
Using Onion Routing
Reply Onions
System Consideration
System Requirement
Payment Analysis
Our Contribution
A Hybrid payment scheme
CONTENTS
Implementation
Performance
Capabilities
Weakness
Conclusion

What is Anonymous Routing?
Anonymous routing protects user communication from identification by third-party observers.
If we have a well-defined set of elements, then anonymity is the property of an element of not being identifiable within this set.
• The degree of anonymity rises as the number of people increases.

What is anonymity in communication?
Different types:
Sender anonymity: An observer cannot tell who sent the message.
Recipient anonymity: An observer cannot tell who is the intended receiver of the message.
Unlinkability of Sender and Receiver: An observer cannot tell who is in communication with whom.

Anonymity Network & TOR
Tor (The Onion Router) is a free software implementation of second-generation onion routing – a system enabling its users to communicate anonymously on the Internet.
Messages are repeatedly encrypted and then sent through several network nodes called onion routers.
Each onion router removes a layer of encryption to uncover routing instructions, and sends the message to the next router where this is repeated.
This prevents these intermediary nodes from knowing the origin, destination, and contents of the message.

The Father of Anonymous Communication
David CHAUM
Onion routing is a technique for pseudonymous (or anonymous) communication over a computer network, developed by David Goldschlag, Michael Reed, and Paul Syverson.
TOR Established By:

When do we want Anonymity?
Privacy protection
Confession service
Elections & Voting
Treatment of medical data
Freedom of speech
Financial matters

Who needs Anonymity?
Socially Sensitive Communicants:
• Disease or crime victim chat rooms
Law enforcement:
• Anonymous tips or crime reporting
• Surveillance and Honey pots (Sting Operation)
Corporations
• Hiding collaboration of sensitive business units or partners
• Hiding procurement suppliers and patterns
Political Dissidents
Censorship resistance publishers
Whistleblowers
You
• Who are you sending email to?
• What website are you browsing?
• Where do you work, where are you from?
• What do you buy? What kind of physician do you visit…?

Who is talking to whom?
In a Public Network:
Packet headers identify recipients.
Packet routes can be tracked.
Encryption does not hide routing information.

Onion Routing: Network Infrastructure
Anonymous connections are:
• Routed through Chaum Mixes
• Multiplexed between Mixes

Onion Routing: Proxy Interface
Proxies interface between Applications and the Network Infrastructure.
The Basic Configuration:
Sensitive sites control Onion Routing Proxies (which also function as intermediate Onion Routers).

TOR Applications
Many applications can use Proxies:
Web browsing
Remote login
File transfer

Using Onion Routing
Four Steps:
1) Define the route
2) Construct the anonymous connection
3) Move data through the connection
4) Destroy the anonymous connection

Defining the Route
The Initiator's Proxy, W, makes an Onion:

Constructing the Anonymous Connection
The Onion moves between Onion Routers.

Moving Data Forward
The Initiator's Onion Routing Proxy repeatedly encrypts the data.
Each Onion Router removes one layer of encryption.
The Responder's Onion Routing Proxy forwards the plaintext to the Responder.
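
Added example (not part of the original slides): a minimal Python sketch of the layering described under "Anonymity Network & TOR", "Defining the Route" and "Moving Data Forward", in which each router strips one layer and learns only the next hop. The router names X, Y, Z, the responder name, the per-router keys and the JSON layer header are assumptions, and the SHA-256 keystream is a toy stand-in for a real cipher.

```python
import hashlib, hmac, json, os
def _xor_stream(key, nonce, data):
    # Toy keystream SHA-256(key || nonce || offset): a stand-in for a real cipher, illustration only.
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + nonce + off.to_bytes(8, "big")).digest()
        out += bytes(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)

def seal(key, plaintext):
    """Add one layer: nonce || HMAC tag || ciphertext."""
    nonce = os.urandom(16)
    ct = _xor_stream(key, nonce, plaintext)
    return nonce + hmac.new(key, nonce + ct, hashlib.sha256).digest() + ct

def unseal(key, blob):
    """Remove one layer; raises if the layer was not built for this key."""
    nonce, tag, ct = blob[:16], blob[16:48], blob[48:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("layer not addressed to this router")
    return _xor_stream(key, nonce, ct)

def build_onion(route, keys, responder, data):
    """Initiator's proxy: wrap the innermost layer first so route[0]'s is outermost."""
    onion = data
    for router, nxt in reversed(list(zip(route, route[1:] + [responder]))):
        onion = seal(keys[router], json.dumps({"next": nxt}).encode() + b"\n" + onion)
    return onion

def peel(router, keys, onion):
    """One onion router: strip its own layer and learn only the next hop."""
    header, inner = unseal(keys[router], onion).split(b"\n", 1)
    return json.loads(header)["next"], inner

def forward(route, keys, onion):
    """Pass the onion along the route; record what each router learns."""
    learned, hop = [], route[0]
    while hop in keys:
        hop_next, onion = peel(hop, keys, onion)
        learned.append((hop, hop_next))
        hop = hop_next
    return learned, hop, onion

# Constructed sample: hypothetical routers X, Y, Z with random per-router keys.
ROUTE = ["X", "Y", "Z"]
KEYS = {name: os.urandom(32) for name in ROUTE}
ONION = build_onion(ROUTE, KEYS, "responder.example", b"GET / HTTP/1.0")
if __name__ == "__main__":
    print(forward(ROUTE, KEYS, ONION))
```

Only the last router's layer names the responder, and a router handed a layer that is not its own fails the tag check instead of producing output.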

Moving Data Backward
This is just the reverse of sending data forward.
Each Onion Router adds one layer of encryption.
The Initiator's Onion Routing Proxy removes the layers of encryption and forwards the plaintext to the Initiator.

Destroying the Anonymous Connection
Destroy Messages
• are forwarded along the connection
• clean up tables along the way

Reply Onions
An Initiator's Onion Routing Proxy can create a Reply Onion that defines a route back to him.

Simple block diagram of TOR

System Consideration:
We will examine current anonymizing networks and payment schemes. The current payment schemes, when applied to onion routing schemes, fail to maintain anonymizing network properties, while our hybrid scheme succeeds.

Payment Analysis: Identity-bound Payment Schemes
Identity-bound payments constitute signed endorsements from the payer to the payee. Accountability and robustness are the two main features of this class. The micropayment scheme is an example of an identity-bound payment.
This analysis indicates that having identity-bound coins reveals too much information, enabling an adversary with access to payment information to break the system's anonymity using simple inference techniques.

Payment Analysis: Anonymous Payment Schemes
In this scheme, the payment does not carry any identification information of its initial owner. Chaum's Digital cash and the later versions of Tunstall et al. and Camenisch et al. are perfect examples of such anonymous payment schemes.

Our Contribution: Hybrid Approach
Both classes of payment schemes have advantages and disadvantages. Our approach creates a hybrid payment scheme by combining the two payment methods into a single one. In particular, nodes outside the anonymizing network withdraw an initial number of anonymous coins (A-mcoins) from the Bank and use them to pay the first node in the Tor path (T_L) they have chosen. T_L then uses micropayments to pay T_{L-1}, who also uses micropayments to pay its neighbor. Each time, the amount of money paid decreases according to each node's price.

A Hybrid Payment Scheme

A Hybrid Payment Scheme
Sender-Receiver Unlinkability
Usable Efficiency
Accountability
Payment Coins
S-coins (Signed microcoins): S-coins are generated and used for payments between Tor participants.
A-coins (Anonymous coins): A-coins use the idea of e-cash ([6]). They are generated by the Bank upon users' requests. Users outside Tor buy a predetermined number of A-coins from the Bank and pay with them for using the anonymizing network.
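
Added example (not part of the original slides): a simplified Python model of the payment flow in "Our Contribution: Hybrid Approach" and of the inference the identity-bound analysis warns about, comparing what an observer of payment records can chain together when the first payment is an A-coin versus an S-coin. The sender name, node names, prices and record fields are assumptions; no real coin format or signature is modelled.

```python
def payment_records(sender, path, prices, first_coin="A-coin"):
    """Payment information visible to an observer of payments (simplified model).

    path[0] is the Tor node the sender pays; each node keeps its own price and
    passes the rest to its neighbour as a signed S-coin micropayment.
    first_coin="S-coin" models the case where every payment is identity-bound.
    """
    amount = sum(prices[node] for node in path)
    payer = sender if first_coin == "S-coin" else None  # A-coins carry no owner identity
    records = [{"payer": payer, "payee": path[0], "coin": first_coin, "amount": amount}]
    for node, neighbour in zip(path, path[1:]):
        amount -= prices[node]  # the amount paid shrinks by this node's price
        records.append({"payer": node, "payee": neighbour, "coin": "S-coin", "amount": amount})
    return records

def traceable_chain(records):
    """Walk payer identities back from the last payee, as far as the records allow."""
    payer_of = {r["payee"]: r["payer"] for r in records}
    chain = [records[-1]["payee"]]
    while payer_of.get(chain[-1]) is not None:
        chain.append(payer_of[chain[-1]])
    return chain[::-1]

# Constructed sample: hypothetical sender, node names and prices.
PATH = ["T3", "T2", "T1"]
PRICES = {"T3": 3, "T2": 2, "T1": 1}
HYBRID = payment_records("alice", PATH, PRICES)
IDENTITY_BOUND = payment_records("alice", PATH, PRICES, first_coin="S-coin")

if __name__ == "__main__":
    for name, recs in (("hybrid", HYBRID), ("identity-bound", IDENTITY_BOUND)):
        print(name, [r["amount"] for r in recs], traceable_chain(recs))
```

In the hybrid case the chain recovered from the records starts at the first Tor node; with identity-bound coins throughout it starts at the sender.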

Onion Routing: Capabilities
The idea of onion routing (OR) is to protect the privacy of the sender and recipient of a message, while also providing protection for message content as it traverses a network. Onion routing accomplishes this according to the principle of Chaum's mix cascades.
The advantage of onion routing (and mix cascades in general) is that it is not necessary to trust each cooperating router; if one or more routers are compromised, anonymous communication can still be achieved.
Onion routing does not provide perfect sender or receiver anonymity against all possible eavesdroppers; that is, it is possible for a local eavesdropper to observe that an individual has sent or received a message.

Onion routing - Pros and Cons
Advantages
- Simplicity
- Offers protection for sender, receiver and message content
- Can offer low latency
Disadvantages
- Does not defend against global observer
- Vulnerable to timing analysis

Implementation
Working Onion Routing prototype.
Proxies for:
Web browsing (HTTP)
Remote login (RLOGIN)
e-mail (SMTP)
File transfer (FTP)
and anonymizing Web and mail proxies.

Performance
5 Onion Routers running on a single UltraSparc 2270.
Connection setup: 0.5 second cryptographic overhead.
(This cost can be amortized by using sockets for longer connections.)

Weaknesses
1) It does not provide much defense against timing analysis. If an attacker observes a relatively under-loaded onion router, he or she can link incoming/outgoing messages by observing how close together in time they are received and re-sent.
2) Onion routing networks are also vulnerable to intersection attacks and predecessor attacks.
3) In a predecessor attack, an attacker who controls an onion router keeps track of a session as it occurs over multiple path reformations (paths are periodically torn down and rebuilt).
4) Onion routing exit nodes give the operator complete access to the content being transmitted (via sniffing) and therefore the onion network should not be used to transmit sensitive information. A Swedish researcher, Dan Egerstad, was able to collect over one hundred foreign embassy email account passwords using a sniffing attack.

Conclusion
• To be effective, Onion Routing must be widely used.
• Onion Routing supports a wide variety of unmodified services using proxies.
• Anonymity is placed at the application layer.