Slide 1

Memory-based DoS and Deanonymization Attacks on Tor DCAPS Seminar October 11 th, 2013 Rob Jansen U.S. Naval Research Laboratory rob.g.jansen@nrl.navy.mil *Joint with Aaron Johnson, Florian Tschorsch, Bjrn Scheuermann

Slide 2

The Tor Anonymity Network torproject.org

Slide 3

How Tor Works

Slide 4

Slide 5

Slide 6

Slide 7

Tor protocol aware

Slide 8

Tor Flow Control exit entry

Slide 9

Tor Flow Control One TCP Connection Between Each Relay, Multiple Circuits exit entry

Slide 10

Tor Flow Control One TCP Connection Between Each Relay, Multiple Circuits Multiple Application Streams exit entry

Slide 11

Tor Flow Control No end-to-end TCP! exit entry

Slide 12

Tor Flow Control Tor protocol aware exit entry

Slide 13

Tor Flow Control Packaging End Delivery End exit entry

Slide 14

Tor Flow Control Packaging End Delivery End exit entry

Slide 15

Tor Flow Control 1000 Cell Limit SENDME Signal Every 100 Cells exit entry

Slide 16

Outline The Sniper Attack Low-cost memory consumption attack that disables arbitrary Tor relays Deanonymizing Hidden Services Using DoS attacks for deanonymization Countermeasures

Slide 17

The Sniper Attack Start Download Request exit entry

Slide 18

The Sniper Attack Reply DATA exit entry

Slide 19

The Sniper Attack Package and Relay DATA DATA exit entry

Slide 20

The Sniper Attack DATA Stop Reading from Connection DATA R exitentry

Slide 21

The Sniper Attack DATA R exit entry Flow Window Closed

Slide 22

The Sniper Attack DATA Periodically Send SENDME SENDME R DATA exit entry

Slide 23

The Sniper Attack DATA Periodically Send SENDME SENDME R DATA exit entry Flow Window Opened

Slide 24

The Sniper Attack DATA R exit entry DATA Out of Memory, Killed by OS

Slide 25

The Sniper Attack DATA R exit entry DATA Use Tor to Hide

Slide 26

Memory Consumed over Time

Slide 27

Mean RAM Consumed, 50 Relays

Slide 28

Mean BW Consumed, 50 Relays

Slide 29

Speed of Sniper Attack DirectAnonymous Relay GroupsSelect %1 GiB8 GiB1 GiB8 GiB Top Guard1.7 Top 5 Guards6.5 Top 20 Guards19 Top Exit3.2 Top 5 Exits13 Top 20 Exits35 Path Selection Probability Network Capacity

Slide 30

Speed of Sniper Attack DirectAnonymous Relay GroupsSelect %1 GiB8 GiB1 GiB8 GiB Top Guard1.70:010:180:020:14 Top 5 Guards6.50:081:030:121:37 Top 20 Guards190:455:581:078:56 Top Exit3.20:010:080:010:12 Top 5 Exits130:050:370:070:57 Top 20 Exits350:293:500:445:52 Time (hours:minutes) to Consume RAM

Slide 31

Speed of Sniper Attack DirectAnonymous Relay GroupsSelect %1 GiB8 GiB1 GiB8 GiB Top Guard1.70:010:180:020:14 Top 5 Guards6.50:081:030:121:37 Top 20 Guards190:455:581:078:56 Top Exit3.20:010:080:010:12 Top 5 Exits130:050:370:070:57 Top 20 Exits350:293:500:445:52 Time (hours:minutes) to Consume RAM

Slide 32

Speed of Sniper Attack DirectAnonymous Relay GroupsSelect %1 GiB8 GiB1 GiB8 GiB Top Guard1.70:010:180:020:14 Top 5 Guards6.50:081:030:121:37 Top 20 Guards190:455:581:078:56 Top Exit3.20:010:080:010:12 Top 5 Exits130:050:370:070:57 Top 20 Exits350:293:500:445:52 Time (hours:minutes) to Consume RAM

Slide 33

Outline The Sniper Attack Low-cost memory consumption attack that disables arbitrary Tor relays Deanonymizing Hidden Services Using DoS attacks for deanonymization Countermeasures

Slide 34

Hidden Services HS User wants to hide service

Slide 35

Hidden Services entry IP HS chooses and publishes introduction point IP HS

Slide 36

Hidden Services entry IP HS Learns about HS on web

Slide 37

entry Hidden Services entry IP HS Builds Circuit to Chosen Rendezvous Point RP RP

Slide 38

entry Hidden Services entry IP HS Notifies HS of RP through IP RP entry RP

Slide 39

entry Hidden Services entry IP HS RP

Slide 40

entry Hidden Services entry IP HS Build New Circuit to RP RP entry RP

Slide 41

entry Hidden Services entry IP HS Communicate! RP entry RP

Slide 42

entry Deanonymizing Hidden Services HS RP

Slide 43

entry Deanonymizing Hidden Services HS RP Also runs a guard relay

Slide 44

entry Deanonymizing Hidden Services entry HS RP Build New Circuit to RP

Slide 45

entry Deanonymizing Hidden Services entry HS RP S&P 2006, S&P 2013

Slide 46

entry Deanonymizing Hidden Services entry HS RP S&P 2013 PADDIN G Send 50 Padding Cells

Slide 47

entry Deanonymizing Hidden Services entry HS RP Identify HS entry if cell count = 52 S&P 2013

Slide 48

entry Deanonymizing Hidden Services entry HS RP Sniper Attack, or any other DoS

Slide 49

entry Deanonymizing Hidden Services HS RP Choose new Entry Guard

Slide 50

entry Deanonymizing Hidden Services HS RP

Slide 51

entry Deanonymizing Hidden Services HS RP S&P 2006, S&P 2013

Slide 52

entry Deanonymizing Hidden Services HS RP Send 50 Padding Cells S&P 2013 PADDIN G

Slide 53

entry Deanonymizing Hidden Services HS RP Identify HS if cell count = 53 S&P 2013

Slide 54

Outline The Sniper Attack Low-cost memory consumption attack that disables arbitrary Tor relays Deanonymizing Hidden Services Using DoS attacks for deanonymization Countermeasures

Slide 55

Countermeasures Sniper Attack Defenses Authenticated SENDMEs Queue Length Limit Adaptive Circuit Killer Deanonymization Defenses Entry-guard Rate-limiting Middle Guards

Slide 56

Questions? cs.umn.edu/~jansen rob.g.jansen@nrl.navy.mil think like an adversary

Slide 57

Speed of Deanonymization Guard BW (MiB/s) Guard Probability (%) Average # Rounds Average # Sniped Average Time (h) 1 GiB Average Time (h) 8 GiB 8.410.486613346279 16.650.97397923149 31.651.924481384 66.043.81326644 96.615.4919531 1 GiB/s Relay Can Deanonymize HS in about a day

Slide 58

Circuit Killer Defense

Slide 59

The Sniper Attack exit entry exitentry Single Adversary

Slide 60

The Sniper Attack exit entry exitentry Anonymous Tunnel

Slide 61

The Sniper Attack exit entry exitentry

Slide 62

The Sniper Attack exit entry exitentry DATA

Slide 63

The Sniper Attack exit entry exitentry DATA R

Slide 64

The Sniper Attack exit entry exitentry DATA R Flow Window Closed

Slide 65

The Sniper Attack exit entry exitentry DATA R R

Slide 66

The Sniper Attack exit entry exitentry DATA R R

Slide 67

The Sniper Attack exit entry exitentry DATA R R Killed by OS DATA