Proving Security of Tor’s Hidden Service Identity Blinding Protocol
Abstract
Tor’s Hidden Services allow a server to offer a service anonymously through the Tor network. Hidden Services are associated with an identity key and need to publish descriptors that allow clients to locate introduction points to which the hidden service has already established anonymous circuits. As Biryukov et al. show [2], in the current Hidden Service design, a Tor Node that is in position to publish the descriptor for a hidden service can learn the identity key of the service and launch further attacks that could allow it to de-anonymize the service. This report analyzes the security of a new design proposed by Robert Ransom [3] and specified in full as Tor Proposal 224 to eliminate these attacks.
Similar resources
BLIND: A Complete Identity Protection Framework for End-Points (Transcript of Discussion)
In this paper, we present a security framework that provides identity protection against active and passive attacks for end-points. The framework is based on a two-round-trip authenticated Diffie-Hellman key exchange protocol that identifies the end-points to each other and creates a security association between the peers. The protocol hides the public key based identifiers from attackers and e...
BLIND: A Complete Identity Protection Framework for End-points
In this paper, we present a security framework that provides identity protection against active and passive attacks for end-points. The framework is based on a two-round-trip authenticated Diffie-Hellman key exchange protocol that identifies the end-points to each other and creates a security association between the peers. The protocol hides the public key based identifiers from attackers and e...
When A Small Leak Sinks A Great Ship: Deanonymizing Tor Hidden Service Users Through Bitcoin Transactions Analysis
With the rapid increase of threats on the Internet, people are continuously seeking privacy and anonymity. Services such as Bitcoin and Tor were introduced to provide anonymity for online transactions and Web browsing. Due to its pseudonymity model, Bitcoin lacks retroactive operational security, which means historical pieces of information could be used to identify a certain user. We investiga...
A Neural Network Based Intrusion Detection and User Identification System for Tor Networks: Performance Evaluation for Different Number of Hidden Units using Friedman Test
Due to the amount of anonymity afforded to users of the Tor infrastructure, Tor has become a useful tool for malicious users. With Tor, the users are able to compromise the non-repudiation principle of computer security. Also, potential hackers may launch attacks such as DDoS or identity theft behind Tor. For this reason, new systems and models are needed to detect the intrusion in ...
Challenges in Protecting Tor Hidden Services from Botnet Abuse
In August 2013, the Tor network experienced a sudden, drastic reduction in performance due to the Mevade/Sefnit botnet. This botnet ran its command and control server as a Tor hidden service, so that all infected nodes contacted the command and control through Tor. In this paper, we consider several protocol changes to protect Tor against future incidents of this nature, describing the research...
Publication date: 2013