1 \documentclass[handout
]{beamer
}
3 \usepackage[utf8
]{inputenc}
7 \lstloadlanguages{lisp
}
9 \usetikzlibrary{svg.path,positioning,intersections
}
10 \usepgflibrary{shapes.geometric
}
11 \usepgflibrary{shapes.misc
}
12 \usepgflibrary{shapes.symbols
}
14 \usepgflibrary{shapes
}
15 \usetikzlibrary{shapes,decorations,shadows
}
16 \usetikzlibrary{decorations.pathmorphing
}
17 \usetikzlibrary{decorations.shapes
}
18 \usetikzlibrary{fadings
}
19 \usetikzlibrary{patterns
}
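% Shared TikZ styles for the network diagrams.
% \tikzset with <name>/.style replaces the deprecated \tikzstyle{<name>}=[...] form;
% the option lists are unchanged.
\tikzset{
  % numbered node on the netDB ring
  netdb/.style={anchor=center, color=black, rectangle, draw,
                minimum size=.6em, minimum height=.2em},
  % router box; NOTE(review): the colour i4gray is not defined in the lines
  % shown here, presumably it comes from the theme -- confirm
  client/.style={fill=i4gray, rectangle, draw},
  % one hop inside a tunnel
  chain/.style={rectangle, draw, minimum size=1em, minimum height=.5em},
  % connector that stops 2pt short of both end points
  arrow/.style={->, thick, draw, shorten <=2pt, shorten >=2pt},
  % ellipse for a whole tunnel; only referenced from commented-out nodes
  % in the pictures visible here
  tunnel/.style={fill=gray, shape=ellipse, minimum size=4em, minimum height=1.1em},
}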
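% \iip{<term>}: typeset an I2P-specific term (netDB, routerInfo, leaseSet, ...)
% in the colour i4red.
% NOTE(review): i4red is not defined in the lines shown here; presumably the
% theme provides it -- confirm.
% Starred form: the argument is a short phrase, so a stray paragraph break
% inside it is reported where it occurs.
\newcommand*{\iip}[1]{\textcolor{i4red}{#1}}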
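% Talk metadata. The optional argument of \author is beamer's short form;
% the presenting author is set in bold with \textbf instead of the obsolete {\bf ...}.
\author[Christoph Egger]{%
  \textbf{Christoph Egger}, Johannes Schlumberger, Christopher
  Kruegel, Giovanni Vigna%
}
\title{Practical Attacks Against The I2P Network}
\institute{%
  Friedrich-Alexander University Erlangen-Nuremberg\\
  University of California, Santa Barbara%
}
\date{October 25, 2013}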
42 \includegraphics[width=
0.2\paperwidth]{ucsbseal
}
44 \includegraphics[width=
0.25\paperwidth]{streifenlogo
}
51 \begin{block
}{What is I2P?
}
54 \item Network Database
55 \item \textcolor{gray
}{Floodfill Participation
}
59 \begin{block
}{Attacks
}
61 \item \textcolor{gray
}{Floodfill Takeover Attack
}
63 \item \textcolor{gray
}{Eclipse Attack
}
64 \item Deanonymization Attack
67 \begin{block
}{Evaluation
}
69 \item \textcolor{gray
}{Floodfill Takeover Attack
}
71 \item \textcolor{gray
}{Eclipse Attack
}
72 \item Deanonymization Attack
75 \begin{block
}{Conclusions
}
78 \item I2P Improvements
79 \item \textcolor{gray
}{Related Work
}
86 \frametitle{Introduction I2P
}
87 \begin{itemize
}\addtolength{\itemsep}{1\baselineskip}
88 \item Solution for anonymous Communication
89 \item Separated from the ``Internet'' --
\emph{Darknet
}
90 \item Fully distributed Design
91 \item Based on Onion Routing
92 \item Between
18,
000 and
28,
000 active users
101 \item Handle Connections
102 \item Provide Name Services
106 \begin{block
}{Applications
}
108 \item Server, Client or P2P Software
109 \item Sockets interface with TCP-like or UDP-like Semantics
115 \begin{tikzpicture
}[scale=
1.2]
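% All nodes of this picture use \small; \tikzset replaces the deprecated
% \tikzstyle form and stays local to the enclosing picture.
\tikzset{every node/.style={font=\small}}

% Outline of the user's machine and its caption.
\node[minimum width=9em, minimum height=9em, draw=gray] (clientpc) at (25mm, 9mm) {};
\node[above=0mm of clientpc.south] {User's Computer};

% The I2P network (cloud) and the local router that talks to it.
\node[cloud, drop shadow, fill=white, draw, minimum width=4.5em, minimum height=2.5em]
  (ip) at (22mm, 30mm) {I2P};
\node[client] (client) at (22mm, 18mm) {I2P Router};

% Three applications stacked below the router.
\node[rectangle, draw, below=0mm of client.south east] (app1) {Application};
\node[rectangle, draw, below=0mm of app1.south] (app2) {Application};
\node[rectangle, draw, below=0mm of app2.south] (app3) {Application};

% Every application connects to the router; the xshift values keep the three
% arrow heads apart on the router's lower edge.
\path[arrow] (app1.west) -| ([xshift=3.5mm]client.south west);
\path[arrow] (app2.west) -| ([xshift=2.5mm]client.south west);
\path[arrow] (app3.west) -| ([xshift=1.5mm]client.south west);

% Router <-> network: one arrow per direction, offset by half a millimetre.
\path[arrow] ([xshift=.5mm]client.north) -- ([xshift=.5mm]ip.south);
\path[arrow] ([xshift=-.5mm]ip.south) -- ([xshift=-.5mm]client.north);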
140 \item using onion-routing for anonymity
142 \item paired for bi-directional communication
144 \begin{block
}{Client Tunnels
}
146 \item Used for Data Interactions
147 \item Several per Application
151 \begin{block
}{Exploratory Tunnels
}
153 \item Used for Database interaction
154 \item 2 to
3 per Node
160 \frametitle{Network Database
}
162 \item<
1-> Kademlia-like DHT based on
\texttt{XOR
}-distance run on
164 \item<
2->
\iip{databaseRecord
}\\
165 Information named using a hash over their cryptographic Keys
166 \item<
3->
\iip{storageLocation
}\\
167 Hash over name and today's date
168 \item<
4->
\iip{routerInfo
}\\
169 Peer information: IP address, Port, Protocol, Keys
170 \item<
5->
\iip{leaseSet
}\\
171 Service Information: Entry tunnels, Keys
173 % \begin{multicols}{2}
174 % \begin{block}{\iip{routerInfo}}
176 % \item Peer information: IP address, Port, Protocol, Keys
179 % \begin{block}{\iip{leaseSet}}
181 % \item Service Information: Entry tunnels, Keys
186 % % \begin{tikzpicture}
187 % % \node[draw,rectangle split, rectangle split parts=2] (lease) at (-3em,0) {\iip{leaseSet}\nodepart{second}\tiny{Keys}};
188 % % \node[draw,rectangle split, rectangle split parts=2] (router) at (3em,0) {\iip{routerInfo}\nodepart{second}\tiny{Keys}};
189 % % \node[draw,ellipse] (hashfn1) at (0,-3em) {\tiny{SHA256}};
190 % % \node[draw,rectangle] (hash1) at (0,-5.5em) {\iip{resourceIdentifier}};
191 % % \node[draw,rectangle,right=-0.1mm of hash1.east] (day) {Date};
193 % % \node[draw,ellipse] (hashfn1) at (0,-8em) {\tiny{SHA256}};
194 % % \node[draw,rectangle] (resID) at (0,-10.5em) {\iip{storageLocation}};
195 % % \end{tikzpicture}
201 \frametitle{Sample Interaction
}
204 \begin{tikzpicture
}[scale=
1.2]
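% Styles local to this picture. \tikzset replaces the deprecated \tikzstyle
% form; the three extra styles only name option lists that were repeated
% verbatim on every node.
\tikzset{
  every node/.style={font=\small},
  system box/.style={minimum width=9.5em, minimum height=5em, draw=black, thick,
                     fill=yellow!60!white, rounded corners},
  data hop/.style={chain, top color=white, bottom color=green},
  exploratory hop/.style={chain, top color=white, bottom color=blue},
}

% The netDB: ten numbered nodes on a ring, 36 degrees apart.
\foreach \sector in {0, 1, 2, 3, 4, 5, 6, 7, 8, 9}
  \node[netdb, cylinder, shape border rotate=90, fill=orange!50!white]
    (node\sector) at ({36 * (-\sector + .6)} : 10.5mm) {\sector};

\node at (0, 0) {netDB};

% NOTE: the node names are the reverse of the labels -- the node named
% "client" carries the label "Server Router" and the node named "server"
% carries "Client Router". The names are kept because the paths below use them.

% Right-hand side: the server's system.
\node[system box] (clientpc) at (27.5mm, 9mm) {};
\node[client] (client) at (30.5mm, 12mm) {Server Router};
\node[rectangle, draw, below=0mm of client.south west] {Application};
\node[above=0mm of clientpc.south] {Server's System};

% Left-hand side: the client's system (the name clientpc is reused).
\node[system box] (clientpc) at (-38mm, 9mm) {};
\node[client] (server) at (-42mm, 12mm) {Client Router};
\node[rectangle, draw, below=0mm of server.south east] {Application};
\node[above=0mm of clientpc.south] {Client's System};

% Server's data tunnel pair: green background, three hops per direction.
\node[chain, minimum size=7em, minimum height=3em, draw=none, fill=green!30!white,
      rounded corners] (tunnel) at (16mm, 22.5mm) {};
\node[above=0mm of tunnel.north] {Server's data tunnel pair};
% \node[tunnel,minimum width=9.5em] at (16mm, 19mm) {};
% \node[tunnel,minimum width=9.5em] at (16mm, 22mm) {};

% lower row, leaving the server router
\node[data hop] (cco1) at (23mm, 21mm) {};
\path[arrow] ([xshift=4mm]client.north) |- (cco1.east);
\node[data hop] (cco2) at (16mm, 21mm) {};
\path[arrow] (cco1.west) -- (cco2.east);
\node[data hop] (cco3) at (9mm, 21mm) {};
\path[arrow] (cco2.west) -- (cco3.east);
% upper row, arriving at the server router
\node[data hop] (cci1) at (23mm, 24mm) {};
\path[arrow] (cci1.east) -| ([xshift=5mm]client.north);
\node[data hop] (cci2) at (16mm, 24mm) {};
\path[arrow] (cci2.east) -- (cci1.west);
\node[data hop] (cci3) at (9mm, 24mm) {};
\path[arrow] (cci3.east) -- (cci2.west);

% Client's data tunnel pair (the name tunnel is reused). The paths are written
% from left to right and use <- so that the arrow head sits at the start.
\node[chain, minimum size=7em, minimum height=3em, draw=none, fill=green!30!white,
      rounded corners] (tunnel) at (-30mm, 22.5mm) {};
\node[above=0mm of tunnel.north] {Client's data tunnel pair};
% \node[tunnel,minimum width=9.5em] at (-34mm, 19mm) {};
% \node[tunnel,minimum width=9.5em] at (-34mm, 22mm) {};

% lower row
\node[data hop] (csi1) at (-37mm, 21mm) {};
\path[arrow, <-] ([xshift=-4mm]server.north) |- (csi1.west);
\node[data hop] (csi2) at (-30mm, 21mm) {};
\path[arrow, <-] (csi1.east) -- (csi2.west);
\node[data hop] (csi3) at (-23mm, 21mm) {};
\path[arrow, <-] (csi2.east) -- (csi3.west);
% upper row
\node[data hop] (cso1) at (-37mm, 24mm) {};
\path[arrow, <-] (cso1.west) -| ([xshift=-5mm]server.north);
\node[data hop] (cso2) at (-30mm, 24mm) {};
\path[arrow, <-] (cso2.west) -- (cso1.east);
\node[data hop] (cso3) at (-23mm, 24mm) {};
\path[arrow, <-] (cso3.west) -- (cso2.east);

% Client's exploratory tunnel pair: blue background, two hops per direction.
\node[chain, minimum size=6em, minimum height=3em, draw=none, fill=blue!30!white,
      rounded corners] (tunnel) at (-32.5mm, -6.5mm) {};
\node[below=0mm of tunnel.south, align=center] {Client's exploratory\\tunnel pair};
% \node[tunnel,minimum width=7.5em] at (-36.5mm, 0mm) {};
% \node[tunnel,minimum width=7.5em] at (-36.5mm, -3mm) {};

\node[exploratory hop] (eo1) at (-36mm, -5mm) {};
\path[arrow] ([xshift=-4mm]server.south) |- (eo1.west);
\node[exploratory hop] (ei1) at (-36mm, -8mm) {};
\path[arrow, <-] ([xshift=-5mm]server.south) |- (ei1.west);
\node[exploratory hop] (eo2) at (-29mm, -5mm) {};
\path[arrow] (eo1.east) -- (eo2.west);
\node[exploratory hop] (ei2) at (-29mm, -8mm) {};
\path[arrow, <-] (ei1.east) -- (ei2.west);

% Service lookup: through the exploratory tunnel pair to netDB node 4 and back.
\draw[arrow, bend right=20, dashdotted] (eo2.east)
  to node[above=.8em, align=center] {service\\lookup} (node4.west);
\draw[arrow, bend right=10, <-, dashdotted] (ei2.east)
  to node {} ([yshift=-1mm]node4.west);

% Data connection: the two data tunnel pairs are joined end to end.
\draw[arrow, bend left=15, dashdotted] (cco3.west) to node {} (csi3.east);
\draw[arrow, bend right=15, dashdotted] (cci3.west) to node {} (cso3.east);
\node at (-9mm, 22.5mm) {Data connection};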
288 % \foreach \sector in {%
289 % 0, 1, 2, 3, 4, 5, 6, 7, 8, 9}%
291 % \node[netdb](node\sector) at ({36 * (-\sector + .5)} : 10mm) {\sector};
293 % \node at (0, 0) {netDB};
295 % \node[client](client) at (28mm, 12mm) {Server Router};
296 % \node[rectangle,draw,below=0mm of client.south west] {Application};
297 % \node[minimum width=7em,minimum height=4em,draw=gray](clientpc) at (25mm,9mm) {};
298 % \node[above=0mm of clientpc.south] {Server's System};
300 % \node[client](server) at (-42mm, 12mm) {Client Router};
301 % \node[rectangle,draw,below=0mm of server.south east] {Application};
302 % \node[minimum width=7em,minimum height=4em,draw=gray](clientpc) at (-38mm,9mm) {};
303 % \node[above=0mm of clientpc.south] {Client's System};
304 % % client client tunnel
305 % \node[chain,minimum size=6.5em,minimum height=2em,draw=gray](tunnel) at (16mm,20.5mm) {};
306 % \node[above=0mm of tunnel.north] {Server's data tunnel pair};
307 % % \node[tunnel,minimum width=9.5em] at (16mm, 19mm) {};
308 % % \node[tunnel,minimum width=9.5em] at (16mm, 22mm) {};
310 % \node[chain] (cco1) at (23mm, 19mm) {};
311 % \path[arrow] ([xshift=4mm]client.north) |- (cco1.east);
312 % \node[chain] (cco2) at (16mm, 19mm) {};
313 % \path[arrow] (cco1.west) -- (cco2.east);
314 % \node[chain] (cco3) at (9mm, 19mm) {};
315 % \path[arrow] (cco2.west) -- (cco3.east);
316 % \node[chain] (cci1) at (23mm, 22mm) {};
317 % \path[arrow] (cci1.east) -| ([xshift=5mm]client.north);
318 % \node[chain] (cci2) at (16mm, 22mm) {};
319 % \path[arrow] (cci2.east) -- (cci1.west);
320 % \node[chain] (cci3) at (9mm, 22mm) {};
321 % \path[arrow] (cci3.east) -- (cci2.west);
322 % % server client tunnel
323 % \node[chain,minimum size=6.5em,minimum height=2em,draw=gray](tunnel) at (-30mm,20.5mm) {};
324 % \node[above=0mm of tunnel.north] {Client's data tunnel pair};
325 % % \node[tunnel,minimum width=9.5em] at (-34mm, 19mm) {};
326 % % \node[tunnel,minimum width=9.5em] at (-34mm, 22mm) {};
328 % \node[chain] (csi1) at (-37mm, 19mm) {};
329 % \path[arrow,<-] ([xshift=-4mm]server.north) |- (csi1.west);
330 % \node[chain] (csi2) at (-30mm, 19mm) {};
331 % \path[arrow,<-] (csi1.east) -- (csi2.west);
332 % \node[chain] (csi3) at (-23mm, 19mm) {};
333 % \path[arrow,<-] (csi2.east) -- (csi3.west);
334 % \node[chain] (cso1) at (-37mm, 22mm) {};
335 % \path[arrow,<-] (cso1.west) -| ([xshift=-5mm]server.north);
336 % \node[chain] (cso2) at (-30mm, 22mm) {};
337 % \path[arrow,<-] (cso2.west) -- (cso1.east);
338 % \node[chain] (cso3) at (-23mm, 22mm) {};
339 % \path[arrow,<-] (cso3.west) -- (cso2.east);
340 % % client exploratory tunnel
341 % \node[chain,minimum size=4.5em,minimum height=2em,draw=gray](tunnel) at (-32.5mm,-3.5mm) {};
342 % \node[below=0mm of tunnel.south,align=center] {Client's exploratory\\tunnel pair};
343 % % \node[tunnel,minimum width=7.5em] at (-36.5mm, 0mm) {};
344 % % \node[tunnel,minimum width=7.5em] at (-36.5mm, -3mm) {};
346 % \node[chain] (eo1) at (-36mm, -2mm) {};
347 % \path[arrow] ([xshift=-4mm]server.south) |- (eo1.west);
348 % \node[chain] (ei1) at (-36mm, -5mm) {};
349 % \path[arrow,<-] ([xshift=-5mm]server.south) |- (ei1.west);
350 % \node[chain] (eo2) at (-29mm, -2mm) {};
351 % \path[arrow] (eo1.east) -- (eo2.west);
352 % \node[chain] (ei2) at (-29mm, -5mm) {};
353 % \path[arrow,<-] (ei1.east) -- (ei2.west);
355 % \draw[arrow,bend right=20,dashdotted] (eo2.east) to node[above=.8em,align=center] {service\\lookup} (node4.west);
356 % \draw[arrow,bend right=10,<-,dashdotted] (ei2.east) to node {} ([yshift=-1mm]node4.west);
358 % \draw[arrow,bend left=15,dashdotted] (cco3.west) to node {} (csi3.east);
359 % \draw[arrow,bend right=15,dashdotted] (cci3.west) to node {} (cso3.east);
360 % \node at (-9mm,20.5mm) {Data connection};
366 \frametitle{Threat Model
}
367 \begin{itemize
}\addtolength{\itemsep}{1\baselineskip}
368 \item Implicitly specified in terms of attacks considered
369 \item Only allows local adversaries: no global view of the traffic
370 passing through the network
371 \item Only allows a limited number of malicious nodes -- around
20\,\%
372 of
\iip{netDB
} super-nodes and
20\,\% of total nodes
373 \item Secure cryptographic primitives
379 \frametitle{Sybil Attack
}
380 \begin{block
}{Definition
}
381 In a Sybil Attack, the adversary utilizes multiple identities to
382 break assumptions about the system
385 Gaining control over parts of the keyspace in the
\iip{netDB
} with
388 \begin{block
}{Challenge
}
389 Active identities require considerable resources to be useful
391 \begin{block
}{Solution
}
392 Compute a large pool of identities and only activate the relevant ones
397 \frametitle{Deanonymizing Users
}
399 Given a user Alice and a resource R, we want to confirm or refute,
400 with high probability, that Alice is using R.
402 \begin{block
}{Vulnerability
}
404 \item<
2-> Nodes store their
\iip{routerInfo
} directly in the
\iip{netDB
}
405 \item<
3-> Nodes verify the storage
20 seconds later using one of their
406 \iip{exploratory Tunnels
}
407 \item<
4-> Nodes use the same
\iip{exploratory Tunnel
} again for
414 \frametitle{Deanonymizing Users
}
417 \begin{tikzpicture
}[scale=
1.4]
% Local shorthand for one hop of the exploratory tunnel pair.
\tikzset{hop/.style={chain, top color=white, bottom color=blue}}

% The netDB: ten numbered nodes on a ring, 36 degrees apart.
\foreach \sector in {0,...,9}
  \node[netdb, cylinder, shape border rotate=90, fill=orange!50!white]
    (node\sector) at ({36 * (-\sector + .5)} : 12mm) {\sector};

\node at (0, 0) {netDB};

\node[client] (client) at (-45mm, 12mm) {Client};

% Step 1: the client stores a record at netDB node 7 (second arrow: the way back).
\draw[arrow, bend left=5, dashdotted] (client.north east)
  to node[above] {store} (node7.north west);
\draw[arrow, <-, bend left=5, dashdotted] (client.east) to node {} (node7.west);

% Step 2: node 7 replicates the record to nodes 8, 9 and 6.
\draw[arrow, draw, bend right=15] (node7.south east) to node {} (node8.south west);
\draw[arrow, draw, bend right=15] (node7.south east)
  to node[below] {replication} (node9.west);
\draw[arrow, draw, bend left=15] (node7.south east) to node {} (node6.north east);

% The client's exploratory tunnel pair: blue background with two hops per
% direction (ol -> oe in the upper row, ie -> il in the lower row).
\node[chain, minimum size=7em, minimum height=3.5em, draw=none, fill=blue!30!white,
      rounded corners] (tunnel) at (-35mm, -2.5mm) {};
\node[below=2mm of tunnel.south] {exploratory tunnel pair};
% \node[tunnel] at (-35mm, 0mm) {};
\node[hop] (ol) at (-40mm, 0mm) {};
\node[hop] (oe) at (-30mm, 0mm) {};
% \node[tunnel] at (-35mm, -5mm) {};
\node[hop] (il) at (-40mm, -5mm) {};
\node[hop] (ie) at (-30mm, -5mm) {};
\path[arrow] ([xshift=-1mm]client.south) |- (ol.west);
\path[arrow, <-] ([xshift=-3mm]client.south) |- (il.west);
\path[arrow] (ol.east) -- (oe.west);
\path[arrow, <-] (il.east) -- (ie.west);

% Step 3: the stored record is verified at node 6 through the tunnel pair.
\draw[arrow, bend left=5, dashdotted] (oe.north east)
  to node[above] {verify} ([yshift=1mm]node6.west);
\draw[arrow, bend left=15, <-, dashdotted] (ie.north east) to node {} (node6.west);

% Step 4: a lookup at node 4 leaves through the same tunnel end point (oe) as
% the verification. This reuse is the link between the two requests that the
% "Vulnerability" slide points at; the "I2P Improvements" slide lists the
% countermeasures (no storage verification, a randomized delay, expiring the
% tunnel after verification).
\draw[arrow, bend right=15, dashdotted] (oe.south east)
  to node[above] {lookup} (node4.west);
\draw[arrow, bend right=5, <-, dashdotted] (ie.south east)
  to node {} ([yshift=-1mm]node4.west);
455 % \begin{tikzpicture}[scale=1.4,font=\tiny]
457 % \foreach \sector in {%
458 % 0, 1, 2, 3, 4, 5, 6, 7, 8, 9}%
460 % \node[netdb](node\sector) at ({36 * (-\sector + .5)} : 12mm) {\sector};
462 % \node at (0, 0) {netDB};
464 % \node[client](client) at (-45mm, 12mm) {Client};
466 % \draw[arrow,bend left=5,dashdotted] (client.north east) to node[above] {store} (node7.north west);
467 % \draw[arrow,<-,bend left=5,dashdotted] (client.east) to node {} (node7.west);
469 % \draw[arrow,draw,bend right=15] (node7.south east) to node {} (node8.south west);
470 % \draw[arrow,draw,bend right=15] (node7.south east) to node[below] {replication} (node9.west);
471 % \draw[arrow,draw,bend left=15] (node7.south east) to node {} (node6.north east);
473 % \node[chain,minimum size=6em,minimum height=3.5em,draw=gray](tunnel) at (-35mm,-2.5mm) {};
474 % \node[below=2mm of tunnel.south] {exploratory tunnel pair};
475 % % \node[tunnel] at (-35mm, 0mm) {};
476 % \node[chain] (ol) at (-40mm, 0mm) {};
477 % \node[chain] (oe) at (-30mm, 0mm) {};
478 % % \node[tunnel] at (-35mm, -5mm) {};
479 % \node[chain] (il) at (-40mm, -5mm) {};
480 % \node[chain] (ie) at (-30mm, -5mm) {};
481 % \path[arrow] ([xshift=-1mm]client.south) |- (ol.west);
482 % \path[arrow,<-] ([xshift=-2mm]client.south) |- (il.west);
483 % \path[arrow] (ol.east) -- (oe.west);
484 % \path[arrow,<-] (il.east) -- (ie.west);
486 % \draw[arrow,bend left=5,dashdotted] (oe.north east) to node[above] {verify} ([yshift=1mm]node6.west);
487 % \draw[arrow,bend left=15,<-,dashdotted] (ie.north east) to node {} (node6.west);
489 % \draw[arrow,bend right=15,dashdotted] (oe.south east) to node[above] {lookup} (node4.west);
490 % \draw[arrow,bend right=5,<-,dashdotted] (ie.south east) to node {} ([yshift=-1mm]node4.west);
497 \frametitle{Sybil Attack
}
498 \begin{block
}{Generating identities
}
500 \item Building a Database of
50,
000 identities takes around
30
501 minutes on a
12-core Xeon server
502 \item 156 nodes on average between two adjacent database nodes
503 \item All identities available to all malicious nodes
506 \begin{block
}{Using identities
}
508 \item Malicious nodes can calculate the correct identities and
509 change identity at any time
510 \item Nodes coordinate to avoid duplicate identities
516 \frametitle{Deanonymizing Attack
}
519 \item 20 attacking nodes in Santa Barbara
521 \item 10 nodes capturing resource lookups
522 \item 10 nodes performing timing attack on
\iip{routerInfo
} storage
524 \item 6 monitoring nodes:
3 in Erlangen,
3 in Santa Barbara
527 \begin{block
}{Results
}
529 \item 60\,\% of potentially observable links detected
530 \item 52\,\% of attributed hits correct
531 \item Working equally well for geographically remote Hosts
537 \frametitle{Deanonymizing Users
}
540 \begin{tikzpicture
}[scale=
1.4]
% Local shorthand for one hop of the exploratory tunnel pair.
\tikzset{hop/.style={chain, top color=white, bottom color=blue}}

% The netDB: ten numbered nodes on a ring, 36 degrees apart.
\foreach \sector in {0,...,9}
  \node[netdb, cylinder, shape border rotate=90, fill=orange!50!white]
    (node\sector) at ({36 * (-\sector + .5)} : 12mm) {\sector};

\node at (0, 0) {netDB};

\node[client] (client) at (-45mm, 12mm) {Client};

% Store request from the client to netDB node 7, and the way back.
\draw[arrow, bend left=5, dashdotted] (client.north east)
  to node[above] {store} (node7.north west);
\draw[arrow, <-, bend left=5, dashdotted] (client.east) to node {} (node7.west);

% Node 7 replicates the record to nodes 8, 9 and 6.
\draw[arrow, draw, bend right=15] (node7.south east) to node {} (node8.south west);
\draw[arrow, draw, bend right=15] (node7.south east)
  to node[below] {replication} (node9.west);
\draw[arrow, draw, bend left=15] (node7.south east) to node {} (node6.north east);

% Exploratory tunnel pair of the client: blue background, two hops per
% direction (ol -> oe in the upper row, ie -> il in the lower row).
\node[chain, minimum size=7em, minimum height=3.5em, draw=none, fill=blue!30!white,
      rounded corners] (tunnel) at (-35mm, -2.5mm) {};
\node[below=2mm of tunnel.south] {exploratory tunnel pair};
% \node[tunnel] at (-35mm, 0mm) {};
\node[hop] (ol) at (-40mm, 0mm) {};
\node[hop] (oe) at (-30mm, 0mm) {};
% \node[tunnel] at (-35mm, -5mm) {};
\node[hop] (il) at (-40mm, -5mm) {};
\node[hop] (ie) at (-30mm, -5mm) {};
\path[arrow] ([xshift=-1mm]client.south) |- (ol.west);
\path[arrow, <-] ([xshift=-3mm]client.south) |- (il.west);
\path[arrow] (ol.east) -- (oe.west);
\path[arrow, <-] (il.east) -- (ie.west);

% Storage verification at node 6, sent through the tunnel pair.
\draw[arrow, bend left=5, dashdotted] (oe.north east)
  to node[above] {verify} ([yshift=1mm]node6.west);
\draw[arrow, bend left=15, <-, dashdotted] (ie.north east) to node {} (node6.west);

% Lookup at node 4. It is drawn from the same tunnel end point (oe) as the
% verification above, i.e. both requests share one exploratory tunnel.
\draw[arrow, bend right=15, dashdotted] (oe.south east)
  to node[above] {lookup} (node4.west);
\draw[arrow, bend right=5, <-, dashdotted] (ie.south east)
  to node {} ([yshift=-1mm]node4.west);
578 % \begin{tikzpicture}[scale=1.4,font=\tiny]
580 % \foreach \sector in {%
581 % 0, 1, 2, 3, 4, 5, 6, 7, 8, 9}%
583 % \node[netdb](node\sector) at ({36 * (-\sector + .5)} : 12mm) {\sector};
585 % \node at (0, 0) {netDB};
587 % \node[client](client) at (-45mm, 12mm) {Client};
589 % \draw[arrow,bend left=5,dashdotted] (client.north east) to node[above] {store} (node7.north west);
590 % \draw[arrow,<-,bend left=5,dashdotted] (client.east) to node {} (node7.west);
592 % \draw[arrow,draw,bend right=15] (node7.south east) to node {} (node8.south west);
593 % \draw[arrow,draw,bend right=15] (node7.south east) to node[below] {replication} (node9.west);
594 % \draw[arrow,draw,bend left=15] (node7.south east) to node {} (node6.north east);
596 % \node[chain,minimum size=6em,minimum height=3.5em,draw=gray](tunnel) at (-35mm,-2.5mm) {};
597 % \node[below=2mm of tunnel.south] {exploratory tunnel pair};
598 % % \node[tunnel] at (-35mm, 0mm) {};
599 % \node[chain] (ol) at (-40mm, 0mm) {};
600 % \node[chain] (oe) at (-30mm, 0mm) {};
601 % % \node[tunnel] at (-35mm, -5mm) {};
602 % \node[chain] (il) at (-40mm, -5mm) {};
603 % \node[chain] (ie) at (-30mm, -5mm) {};
604 % \path[arrow] ([xshift=-1mm]client.south) |- (ol.west);
605 % \path[arrow,<-] ([xshift=-2mm]client.south) |- (il.west);
606 % \path[arrow] (ol.east) -- (oe.west);
607 % \path[arrow,<-] (il.east) -- (ie.west);
609 % \draw[arrow,bend left=5,dashdotted] (oe.north east) to node[above] {verify} ([yshift=1mm]node6.west);
610 % \draw[arrow,bend left=15,<-,dashdotted] (ie.north east) to node {} (node6.west);
612 % \draw[arrow,bend right=15,dashdotted] (oe.south east) to node[above] {lookup} (node4.west);
613 % \draw[arrow,bend right=5,<-,dashdotted] (ie.south east) to node {} ([yshift=-1mm]node4.west);
619 \frametitle{Results for multiple Hits
}
621 % $N=144$, Number of time slices\\
622 % $q=0.001$, 7\,\% of total nodes accessing the resource once a day\\
623 % $x=0.52\cdot p + 0.48\cdot q$ \\
624 % $P(k~hits) = {N \choose k} x^k \cdot (1-x)^{N-k}$}
627 \includegraphics[width=
.9\textwidth]{graph
}
631 \section{Conclusions
}
634 \frametitle{Limitations
}
635 \begin{itemize
}\addtolength{\itemsep}{1\baselineskip}
636 \item Only works reliably for longer/repeated resource access
637 \item Less reliable for popular resources
638 \item Needs extra resources per tracked user and per resource
643 \frametitle{I2P Improvements
}
644 \begin{itemize
}\addtolength{\itemsep}{1\baselineskip}
645 \item Limiting
\iip{netDB
} nodes per IPv4 network
646 \item Ignoring new
\iip{netDB
} nodes
647 \item Removing storage verification
648 \item Randomizing the time delta
649 \item Expiring tunnels after storage verification
654 \frametitle{Bibliography
}
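% \nocite adds these entries to the reference list without printing a
% citation on a slide.
\nocite{Timpanaro:2011}
\nocite{Herrmann:2011}
\nocite{Douceur:2002}
\nocite{Dingledine:2004}

\bibliographystyle{plain}
% \tiny is a declaration, not a command with an argument: in \tiny{...} the
% braces do not limit it. The group below confines the small size to the
% reference list.
{\tiny\bibliography{../i2p}}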