Track: Tor

Part of:
12:45 PM, Wednesday 15 Jul 2020 EDT (1 hour 40 minutes)
Hallway Track : Meet me at the Beach!   02:25 PM to 02:55 PM (30 minutes)

Session Chair: Wouter Lueks

  • Privacy Preserving Detection of Path Bias Attacks in Tor

    Lauren Watson (University of Edinburgh), Anupam Mediratta (University of Edinburgh), Tariq Elahi (University of Edinburgh), and Rik Sarkar (University of Edinburgh)

    Pre-recorded presentation

    Summary: Anonymous communication networks like Tor are vulnerable to attackers that control entry and exit nodes. Such attackers can compromise the essential anonymity and privacy properties of the network. In this paper, we consider the path bias attack, where the attacker induces a client to use compromised nodes and thus links the client to their destination. We describe an efficient scheme that detects such attacks in Tor by collecting routing telemetry data from nodes in the network. The data collection is differentially private and thus does not reveal behaviour of individual users even to nodes within the network.

    We show provable bounds for the sample complexity of the scheme and describe methods to make it resilient to introduction of false data by the attacker to subvert the detection process. Simulations based on real configurations of the Tor network show that the method works accurately in practice.

  • T0RTT: Non-Interactive Immediate Forward-Secure Single-Pass Circuit Construction

    Sebastian Lauer (Ruhr University Bochum), Kai Gellert (Paderborn University), Robert Merget (Ruhr University Bochum), Tobias Handirk (Paderborn University), and Jörg Schwenk (Ruhr University Bochum)

    Pre-recorded presentation

    Summary: Maintaining privacy on the Internet in the presence of powerful adversaries such as nation-state attackers is a challenging topic, and the Tor project is currently the most important tool to protect against this threat. The circuit construction protocol (CCP) negotiates cryptographic keys for Tor circuits, which overlay TCP/IP by routing Tor cells over n onion routers. The current circuit construction protocol provides strong security guarantees such as forward secrecy by exchanging O(n^2) messages. For several years it has been an open question if the same strong security guarantees could be achieved with less message overhead, which is desirable because of the inherent latency in overlay networks. Several publications described CCPs which require only O(n) message exchanges, but significantly reduce the security of the resulting Tor circuit. It was even conjectured that it is impossible to achieve both message complexity O(n) and forward secrecy immediately after circuit construction (so-called immediate forward secrecy). Inspired by the latest advancements in zero round-trip time key exchange (0-RTT), we present a new CCP protocol, Tor 0-RTT (T0RTT). Using modern cryptographic primitives such as puncturable encryption allows us to achieve immediate forward secrecy using only O(n) messages. We implemented these new primitives to give a first indication of possible problems and how to overcome them in order to build practical CCPs with O(n) messages and immediate forward secrecy in the future.

  • The Road Not Taken : Re-thinking The Feasibility of Voice Calling Over Tor

    Piyush Sharma (IIIT Delhi), Shashwat Chaudhary (IIIT Delhi), Nikhil Hassija (IIIT Delhi), Mukulika Maity (IIIT Delhi), and Sambuddho Chakravarty (IIIT Delhi)

    Pre-recorded presentation

    Summary: Anonymous VoIP calls over the Internet hold great significance for privacy-conscious users, whistle-blowers and political activists alike. Prior research deems popular anonymization systems like Tor unsuitable for providing the requisite performance guarantees that real-time applications like VoIP need. Moreover, conclusions from these studies led researchers to propose novel and tailored solutions. However, no such system is available for immediate use. It thus becomes imperative that the exact performance of VoIP over Tor be quantified and analyzed, so that the potential performance bottlenecks can be amended. We thus conducted an extensive empirical study to shed light on VoIP performance over Tor. In >0.5 million calls spanning 12 months, across seven countries and covering about 6650 Tor relays, we observed that Tor supports good voice quality. Further analysis indicates that in general, for most Tor relays, the contentions due to cross-traffic were low enough to support VoIP calls, which are anyway transmitted at low rates (<120 Kbps).

  • Scaling Up Anonymous Communication with Efficient Nanopayment Channels

    Florentin Rochet (UCLouvain Crypto Group), Thien-Nam Dinh (Sandia), Olivier Pereira (UCLouvain Crypto Group), and Dan Wallach (Rice University)

    Pre-recorded presentation

    Summary: Tor, the most widely used and well-studied traffic anonymization network in the world, suffers from limitations in its network diversity and performance. We propose to mitigate both problems simultaneously through the introduction of a premium bandwidth market between clients and relays. To this end, we present moneTor: incentivizing nodes to join and support Tor by giving them anonymous payments from Tor users. Our approach uses efficient cryptographic nanopayments delivered alongside regular Tor traffic. Our approach also gives a degree of centralized control, allowing Tor’s managers to shape the economy created by these payments. In this paper, we present a novel payment algorithm as well as a data-driven simulation and evaluation of its costs and benefits. The results show that moneTor is both feasible and flexible, offering upwards of 100% improvements in differentiated bandwidth for paying users with near optimal throughput and latency overheads.
