add colorfull pictures
1 \documentclass[handout]{beamer}
2 \usetheme{i4}
3 \usepackage[utf8]{inputenc}
4 \usepackage{tikz}
5 \usepackage{multicol}
6 \usepackage{listings}
7 \lstloadlanguages{lisp}
8
9 \usetikzlibrary{svg.path,positioning,intersections}
10 \usepgflibrary{shapes.geometric}
11 \usepgflibrary{shapes.misc}
12 \usepgflibrary{shapes.symbols}
13
14 \usepgflibrary{shapes}
15 \usetikzlibrary{shapes,decorations,shadows}
16 \usetikzlibrary{decorations.pathmorphing}
17 \usetikzlibrary{decorations.shapes}
18 \usetikzlibrary{fadings}
19 \usetikzlibrary{patterns}
20 \usetikzlibrary{calc}
21 \tikzstyle{netdb}=[anchor=center,color=black,rectangle,draw,minimum
22 size=.6em,minimum height=.2em]
23 \tikzstyle{client}=[fill=i4gray,rectangle,draw]
24 \tikzstyle{chain}=[rectangle,draw,minimum size=1em,minimum height=.5em]
25 \tikzstyle{arrow}=[->,thick,draw,shorten <=2pt,shorten >=2pt,]
26 \tikzstyle{tunnel}=[fill=gray,shape=ellipse,minimum size=4em,minimum height=1.1em]
27
28 \newcommand{\iip}[1]{\textcolor{i4red}{#1}}
29
30 \author[Christoph Egger]{{\bf Christoph Egger}, Johannes Schlumberger, Christopher
31 Kruegel, Giovanni Vigna}
32 \title{Practical Attacks Against The I2P Network}
33 \institute{Friedrich-Alexander University Erlangen-Nuremberg\\
34 University of California, Santa Barbara}
35 \date{October 25, 2013}
36 \begin{document}
37
38 \begin{frame}[plain]
39 \vspace{1.5em}
40 \titlepage
41 \begin{center}
42 \includegraphics[width=0.2\paperwidth]{ucsbseal}
43 \hspace{1.5em}
44 \includegraphics[width=0.25\paperwidth]{streifenlogo}
45 \end{center}
46 \end{frame}
47
48 \begin{frame}
49 \frametitle{Outline}
50 \begin{multicols}{2}
51 \begin{block}{What is I2P?}
52 \begin{itemize}
53 \item Tunnels
54 \item Network Database
55 \item \textcolor{gray}{Floodfill Participation}
56 \item Threat model
57 \end{itemize}
58 \end{block}
59 \begin{block}{Attacks}
60 \begin{itemize}
61 \item \textcolor{gray}{Floodfill Takeover Attack}
62 \item Sybil Attack
63 \item \textcolor{gray}{Eclipse Attack}
64 \item Deanonymization Attack
65 \end{itemize}
66 \end{block}
67 \begin{block}{Evaluation}
68 \begin{itemize}
69 \item \textcolor{gray}{Floodfill Takeover Attack}
70 \item Sybil Attack
71 \item \textcolor{gray}{Eclipse Attack}
72 \item Deanonymization Attack
73 \end{itemize}
74 \end{block}
75 \begin{block}{Conclusions}
76 \begin{itemize}
77 \item Limitations
78 \item I2P Improvements
79 \item \textcolor{gray}{Related Work}
80 \end{itemize}
81 \end{block}
82 \end{multicols}
83 \end{frame}
84
85 \begin{frame}
86 \frametitle{Introduction I2P}
87 \begin{itemize}\addtolength{\itemsep}{1\baselineskip}
88 \item Solution for anonymous Communication
89 \item Separated from the ``Internet'' -- \emph{Darknet}
90 \item Fully distributed Design
91 \item Based on Onion Routing
92 \item Between 18,000 and 28,000 active users
93 \end{itemize}
94 \end{frame}
95 \section{I2P}
96 \begin{frame}
97 \frametitle{I2P}
98 \begin{multicols}{2}
99 \begin{block}{Router}
100 \begin{itemize}
101 \item Handle Connections
102 \item Provide Name Services
103 \end{itemize}
104 \end{block}
105 \pause
106 \begin{block}{Applications}
107 \begin{itemize}
108 \item Server, Client or P2P Software
109 \item Sockets interface with TCP-like or UDP-like Semantics
110 \end{itemize}
111 \end{block}
112 \pause
113 \begin{figure}
114 \centering
115 \begin{tikzpicture}[scale=1.2]
116 \tikzstyle{every node}=[font=\small]
117 \node[minimum width=9em,minimum height=9em,draw=gray](clientpc) at (25mm,9mm) {};
118 \node[above=0mm of clientpc.south] {User's Computer};
119 \node[cloud,drop shadow,fill=white,draw,minimum
120 width=4.5em,minimum height=2.5em](ip) at (22mm,30mm) {I2P};
121 \node[client](client) at (22mm, 18mm) {I2P Router};
122 \node[rectangle,draw,below=0mm of client.south east](app1) {Application};
123 \node[rectangle,draw,below=0mm of app1.south](app2) {Application};
124 \node[rectangle,draw,below=0mm of app2.south](app3) {Application};
125
126 \path[arrow] (app1.west) -| ([xshift=3.5mm]client.south west);
127 \path[arrow] (app2.west) -| ([xshift=2.5mm]client.south west);
128 \path[arrow] (app3.west) -| ([xshift=1.5mm]client.south west);
129 \path[arrow] ([xshift=.5mm]client.north) -- ([xshift=.5mm]ip.south);
130 \path[arrow] ([xshift=-.5mm]ip.south) -- ([xshift=-.5mm]client.north);
131 \end{tikzpicture}
132 \end{figure}
133
134 \end{multicols}
135 \end{frame}
136
137 \begin{frame}
138 \frametitle{Tunnels}
139 \begin{itemize}
140 \item using onion-routing for anonymity
141 \item unidirectional
142 \item paired for bi-directional communication
143 \end{itemize}\pause
144 \begin{block}{Client Tunnels}
145 \begin{itemize}
146 \item Used for Data Interactions
147 \item Several per Application
148 \end{itemize}
149 \end{block}
150 \pause
151 \begin{block}{Exploratory Tunnels}
152 \begin{itemize}
153 \item Used for Database interaction
154 \item 2 to 3 per Node
155 \end{itemize}
156 \end{block}
157 \end{frame}
158
159 \begin{frame}
160 \frametitle{Network Database}
161 \begin{itemize}
162 \item<1-> Kademlia-like DHT based on \texttt{XOR}-distance run on
163 320 super-nodes
164 \item<2-> \iip{databaseRecord}\\
165 Information named using a hash over their cryptographic Keys
166 \item<3-> \iip{storageLocation}\\
167 Hash over name and today's date
168 \item<4-> \iip{routerInfo}\\
169 Peer information: IP address, Port, Protocol, Keys
170 \item<5-> \iip{leaseSet}\\
171 Service Information: Entry tunnels, Keys
172 \end{itemize}
173 % \begin{multicols}{2}
174 % \begin{block}{\iip{routerInfo}}
175 % \begin{itemize}
176 % \item Peer information: IP address, Port, Protocol, Keys
177 % \end{itemize}
178 % \end{block}
179 % \begin{block}{\iip{leaseSet}}
180 % \begin{itemize}
181 % \item Service Information: Entry tunnels, Keys
182 % \end{itemize}
183 % \end{block}
184 % % \begin{figure}
185 % % \centering
186 % % \begin{tikzpicture}
187 % % \node[draw,rectangle split, rectangle split parts=2] (lease) at (-3em,0) {\iip{leaseSet}\nodepart{second}\tiny{Keys}};
188 % % \node[draw,rectangle split, rectangle split parts=2] (router) at (3em,0) {\iip{routerInfo}\nodepart{second}\tiny{Keys}};
189 % % \node[draw,ellipse] (hashfn1) at (0,-3em) {\tiny{SHA256}};
190 % % \node[draw,rectangle] (hash1) at (0,-5.5em) {\iip{resourceIdentifier}};
191 % % \node[draw,rectangle,right=-0.1mm of hash1.east] (day) {Date};
192
193 % % \node[draw,ellipse] (hashfn1) at (0,-8em) {\tiny{SHA256}};
194 % % \node[draw,rectangle] (resID) at (0,-10.5em) {\iip{storageLocation}};
195 % % \end{tikzpicture}
196 % % \end{figure}
197 % \end{multicols}
198 \end{frame}
199
200 \begin{frame}
201 \frametitle{Sample Interaction}
202 \begin{figure}
203 \centering
204 \begin{tikzpicture}[scale=1.2]
205 \tikzstyle{every node}=[font=\small]
206 % netDB
207 \foreach \sector in {%
208 0, 1, 2, 3, 4, 5, 6, 7, 8, 9}%
209 {
210 \node[netdb,cylinder, shape border
211 rotate=90,fill=orange!50!white](node\sector) at ({36 * (-\sector +
212 .6)} : 10.5mm) {\sector};
213 }
214 \node at (0, 0) {netDB};
215 % server side -- note: the node is named `client' but is labelled Server Router
216 \node[minimum width=9.5em,minimum
217 height=5em,draw=black,thick,fill=yellow!60!white,rounded corners](clientpc) at (27.5mm,9mm) {};
218 \node[client](client) at (30.5mm, 12mm) {Server Router};
219 \node[rectangle,draw,below=0mm of client.south west] {Application};
220 \node[above=0mm of clientpc.south] {Server's System};
221 % client side -- note: the node is named `server' but is labelled Client Router
222 \node[minimum width=9.5em,minimum
223 height=5em,draw=black,thick,fill=yellow!60!white,rounded corners](clientpc) at (-38mm,9mm) {};
224 \node[client](server) at (-42mm, 12mm) {Client Router};
225 \node[rectangle,draw,below=0mm of server.south east] {Application};
226 \node[above=0mm of clientpc.south] {Client's System};
227 % server's data tunnel pair (attached to the node named `client')
228 \node[chain,minimum size=7em,minimum
229 height=3em,draw=none,fill=green!30!white,rounded corners](tunnel) at (16mm,22.5mm) {};
230 \node[above=0mm of tunnel.north] {Server's data tunnel pair};
231 % \node[tunnel,minimum width=9.5em] at (16mm, 19mm) {};
232 % \node[tunnel,minimum width=9.5em] at (16mm, 22mm) {};
233 %
234 \node[chain,top color=white,bottom color=green] (cco1) at (23mm, 21mm) {};
235 \path[arrow] ([xshift=4mm]client.north) |- (cco1.east);
236 \node[chain,top color=white,bottom color=green] (cco2) at (16mm, 21mm) {};
237 \path[arrow] (cco1.west) -- (cco2.east);
238 \node[chain,top color=white,bottom color=green] (cco3) at (9mm, 21mm) {};
239 \path[arrow] (cco2.west) -- (cco3.east);
240 \node[chain,top color=white,bottom color=green] (cci1) at (23mm, 24mm) {};
241 \path[arrow] (cci1.east) -| ([xshift=5mm]client.north);
242 \node[chain,top color=white,bottom color=green] (cci2) at (16mm, 24mm) {};
243 \path[arrow] (cci2.east) -- (cci1.west);
244 \node[chain,top color=white,bottom color=green] (cci3) at (9mm, 24mm) {};
245 \path[arrow] (cci3.east) -- (cci2.west);
246 % client's data tunnel pair (attached to the node named `server')
247 \node[chain,minimum size=7em,minimum
248 height=3em,draw=none,fill=green!30!white,rounded corners](tunnel) at (-30mm,22.5mm) {};
249 \node[above=0mm of tunnel.north] {Client's data tunnel pair};
250 % \node[tunnel,minimum width=9.5em] at (-34mm, 19mm) {};
251 % \node[tunnel,minimum width=9.5em] at (-34mm, 22mm) {};
252 %
253 \node[chain,top color=white,bottom color=green] (csi1) at (-37mm, 21mm) {};
254 \path[arrow,<-] ([xshift=-4mm]server.north) |- (csi1.west);
255 \node[chain,top color=white,bottom color=green] (csi2) at (-30mm, 21mm) {};
256 \path[arrow,<-] (csi1.east) -- (csi2.west);
257 \node[chain,top color=white,bottom color=green] (csi3) at (-23mm, 21mm) {};
258 \path[arrow,<-] (csi2.east) -- (csi3.west);
259 \node[chain,top color=white,bottom color=green] (cso1) at (-37mm, 24mm) {};
260 \path[arrow,<-] (cso1.west) -| ([xshift=-5mm]server.north);
261 \node[chain,top color=white,bottom color=green] (cso2) at (-30mm, 24mm) {};
262 \path[arrow,<-] (cso2.west) -- (cso1.east);
263 \node[chain,top color=white,bottom color=green] (cso3) at (-23mm, 24mm) {};
264 \path[arrow,<-] (cso3.west) -- (cso2.east);
265 % client exploratory tunnel
266 \node[chain,minimum size=6em,minimum
267 height=3em,draw=none,fill=blue!30!white,rounded corners](tunnel) at (-32.5mm,-6.5mm) {};
268 \node[below=0mm of tunnel.south,align=center] {Client's exploratory\\tunnel pair};
269 % \node[tunnel,minimum width=7.5em] at (-36.5mm, 0mm) {};
270 % \node[tunnel,minimum width=7.5em] at (-36.5mm, -3mm) {};
271 %
272 \node[chain,top color=white,bottom color=blue] (eo1) at (-36mm, -5mm) {};
273 \path[arrow] ([xshift=-4mm]server.south) |- (eo1.west);
274 \node[chain,top color=white,bottom color=blue] (ei1) at (-36mm, -8mm) {};
275 \path[arrow,<-] ([xshift=-5mm]server.south) |- (ei1.west);
276 \node[chain,top color=white,bottom color=blue] (eo2) at (-29mm, -5mm) {};
277 \path[arrow] (eo1.east) -- (eo2.west);
278 \node[chain,top color=white,bottom color=blue] (ei2) at (-29mm, -8mm) {};
279 \path[arrow,<-] (ei1.east) -- (ei2.west);
280 % service lookup
281 \draw[arrow,bend right=20,dashdotted] (eo2.east) to node[above=.8em,align=center] {service\\lookup} (node4.west);
282 \draw[arrow,bend right=10,<-,dashdotted] (ei2.east) to node {} ([yshift=-1mm]node4.west);
283 % data link
284 \draw[arrow,bend left=15,dashdotted] (cco3.west) to node {} (csi3.east);
285 \draw[arrow,bend right=15,dashdotted] (cci3.west) to node {} (cso3.east);
286 \node at (-9mm,22.5mm) {Data connection};
287 \end{tikzpicture}
288 % \foreach \sector in {%
289 % 0, 1, 2, 3, 4, 5, 6, 7, 8, 9}%
290 % {
291 % \node[netdb](node\sector) at ({36 * (-\sector + .5)} : 10mm) {\sector};
292 % }
293 % \node at (0, 0) {netDB};
294 % % client
295 % \node[client](client) at (28mm, 12mm) {Server Router};
296 % \node[rectangle,draw,below=0mm of client.south west] {Application};
297 % \node[minimum width=7em,minimum height=4em,draw=gray](clientpc) at (25mm,9mm) {};
298 % \node[above=0mm of clientpc.south] {Server's System};
299 % % server
300 % \node[client](server) at (-42mm, 12mm) {Client Router};
301 % \node[rectangle,draw,below=0mm of server.south east] {Application};
302 % \node[minimum width=7em,minimum height=4em,draw=gray](clientpc) at (-38mm,9mm) {};
303 % \node[above=0mm of clientpc.south] {Client's System};
304 % % client client tunnel
305 % \node[chain,minimum size=6.5em,minimum height=2em,draw=gray](tunnel) at (16mm,20.5mm) {};
306 % \node[above=0mm of tunnel.north] {Server's data tunnel pair};
307 % % \node[tunnel,minimum width=9.5em] at (16mm, 19mm) {};
308 % % \node[tunnel,minimum width=9.5em] at (16mm, 22mm) {};
309 % %
310 % \node[chain] (cco1) at (23mm, 19mm) {};
311 % \path[arrow] ([xshift=4mm]client.north) |- (cco1.east);
312 % \node[chain] (cco2) at (16mm, 19mm) {};
313 % \path[arrow] (cco1.west) -- (cco2.east);
314 % \node[chain] (cco3) at (9mm, 19mm) {};
315 % \path[arrow] (cco2.west) -- (cco3.east);
316 % \node[chain] (cci1) at (23mm, 22mm) {};
317 % \path[arrow] (cci1.east) -| ([xshift=5mm]client.north);
318 % \node[chain] (cci2) at (16mm, 22mm) {};
319 % \path[arrow] (cci2.east) -- (cci1.west);
320 % \node[chain] (cci3) at (9mm, 22mm) {};
321 % \path[arrow] (cci3.east) -- (cci2.west);
322 % % server client tunnel
323 % \node[chain,minimum size=6.5em,minimum height=2em,draw=gray](tunnel) at (-30mm,20.5mm) {};
324 % \node[above=0mm of tunnel.north] {Client's data tunnel pair};
325 % % \node[tunnel,minimum width=9.5em] at (-34mm, 19mm) {};
326 % % \node[tunnel,minimum width=9.5em] at (-34mm, 22mm) {};
327 % %
328 % \node[chain] (csi1) at (-37mm, 19mm) {};
329 % \path[arrow,<-] ([xshift=-4mm]server.north) |- (csi1.west);
330 % \node[chain] (csi2) at (-30mm, 19mm) {};
331 % \path[arrow,<-] (csi1.east) -- (csi2.west);
332 % \node[chain] (csi3) at (-23mm, 19mm) {};
333 % \path[arrow,<-] (csi2.east) -- (csi3.west);
334 % \node[chain] (cso1) at (-37mm, 22mm) {};
335 % \path[arrow,<-] (cso1.west) -| ([xshift=-5mm]server.north);
336 % \node[chain] (cso2) at (-30mm, 22mm) {};
337 % \path[arrow,<-] (cso2.west) -- (cso1.east);
338 % \node[chain] (cso3) at (-23mm, 22mm) {};
339 % \path[arrow,<-] (cso3.west) -- (cso2.east);
340 % % client exploratory tunnel
341 % \node[chain,minimum size=4.5em,minimum height=2em,draw=gray](tunnel) at (-32.5mm,-3.5mm) {};
342 % \node[below=0mm of tunnel.south,align=center] {Client's exploratory\\tunnel pair};
343 % % \node[tunnel,minimum width=7.5em] at (-36.5mm, 0mm) {};
344 % % \node[tunnel,minimum width=7.5em] at (-36.5mm, -3mm) {};
345 % %
346 % \node[chain] (eo1) at (-36mm, -2mm) {};
347 % \path[arrow] ([xshift=-4mm]server.south) |- (eo1.west);
348 % \node[chain] (ei1) at (-36mm, -5mm) {};
349 % \path[arrow,<-] ([xshift=-5mm]server.south) |- (ei1.west);
350 % \node[chain] (eo2) at (-29mm, -2mm) {};
351 % \path[arrow] (eo1.east) -- (eo2.west);
352 % \node[chain] (ei2) at (-29mm, -5mm) {};
353 % \path[arrow,<-] (ei1.east) -- (ei2.west);
354 % % service lookup
355 % \draw[arrow,bend right=20,dashdotted] (eo2.east) to node[above=.8em,align=center] {service\\lookup} (node4.west);
356 % \draw[arrow,bend right=10,<-,dashdotted] (ei2.east) to node {} ([yshift=-1mm]node4.west);
357 % % data link
358 % \draw[arrow,bend left=15,dashdotted] (cco3.west) to node {} (csi3.east);
359 % \draw[arrow,bend right=15,dashdotted] (cci3.west) to node {} (cso3.east);
360 % \node at (-9mm,20.5mm) {Data connection};
361 % \end{tikzpicture}
362 \end{figure}
363 \end{frame}
364
365 \begin{frame}
366 \frametitle{Threat Model}
367 \begin{itemize}\addtolength{\itemsep}{1\baselineskip}
368 \item Implicitly specified in terms of attacks considered
369 \item Only allows local adversaries: no global view of the traffic
370 passing through the network
371 \item Only allows limited number of malicious nodes -- around 20\,\%
372 of \iip{netDB} super-nodes and 20\,\% of total nodes
373 \item Secure cryptographic primitives
374 \end{itemize}
375 \end{frame}
376
377 \section{Attacks}
378 \begin{frame}
379 \frametitle{Sybil Attack}
380 \begin{block}{Definition}
381 In a Sybil Attack, the adversary utilizes multiple identities to
382 break assumptions about the system
383 \end{block}\pause
384 \begin{block}{Goal}
385 Gaining control over parts of the keyspace in the \iip{netDB} with
386 limited resources
387 \end{block}\pause
388 \begin{block}{Challenge}
389 Active identities require considerable resources to be useful
390 \end{block}\pause
391 \begin{block}{Solution}
392 Compute a large pool of identities and only activate the relevant ones
393 \end{block}
394 \end{frame}
395
396 \begin{frame}
397 \frametitle{Deanonymizing Users}
398 \begin{block}{Goal}
399 Given a user Alice and a resource R, we want to confirm or refute
400 that Alice is using R with high probability.
401 \end{block}\pause
402 \begin{block}{Vulnerability}
403 \begin{itemize}
404 \item<2-> Nodes store their \iip{routerInfo} directly in the \iip{netDB}
405 \item<3-> Nodes verify the storage 20 seconds later using one of their
406 \iip{exploratory Tunnels}
407 \item<4-> Nodes use the same \iip{exploratory Tunnel} again for
408 resource lookups
409 \end{itemize}
410 \end{block}
411 \end{frame}
412
413 \begin{frame}
414 \frametitle{Deanonymizing Users}
415 \begin{figure}
416 \centering
417 \begin{tikzpicture}[scale=1.4]
418 % netDB
419 \foreach \sector in {%
420 0, 1, 2, 3, 4, 5, 6, 7, 8, 9}%
421 {
422 \node[netdb,cylinder, shape border rotate=90,fill=orange!50!white](node\sector) at ({36 * (-\sector + .5)} : 12mm) {\sector};
423 }
424 \node at (0, 0) {netDB};
425 % client
426 \node[client](client) at (-45mm, 12mm) {Client};
427 % store
428 \draw[arrow,bend left=5,dashdotted] (client.north east) to node[above] {store} (node7.north west);
429 \draw[arrow,<-,bend left=5,dashdotted] (client.east) to node {} (node7.west);
430 % flood
431 \draw[arrow,draw,bend right=15] (node7.south east) to node {} (node8.south west);
432 \draw[arrow,draw,bend right=15] (node7.south east) to node[below] {replication} (node9.west);
433 \draw[arrow,draw,bend left=15] (node7.south east) to node {} (node6.north east);
434 % tunnels
435 \node[chain,minimum size=7em,minimum
436 height=3.5em,draw=none,fill=blue!30!white,rounded corners](tunnel) at (-35mm,-2.5mm) {};
437 \node[below=2mm of tunnel.south] {exploratory tunnel pair};
438 % \node[tunnel] at (-35mm, 0mm) {};
439 \node[chain,top color=white,bottom color=blue] (ol) at (-40mm, 0mm) {};
440 \node[chain,top color=white,bottom color=blue] (oe) at (-30mm, 0mm) {};
441 % \node[tunnel] at (-35mm, -5mm) {};
442 \node[chain,top color=white,bottom color=blue] (il) at (-40mm, -5mm) {};
443 \node[chain,top color=white,bottom color=blue] (ie) at (-30mm, -5mm) {};
444 \path[arrow] ([xshift=-1mm]client.south) |- (ol.west);
445 \path[arrow,<-] ([xshift=-3mm]client.south) |- (il.west);
446 \path[arrow] (ol.east) -- (oe.west);
447 \path[arrow,<-] (il.east) -- (ie.west);
448 % verify
449 \draw[arrow,bend left=5,dashdotted] (oe.north east) to node[above] {verify} ([yshift=1mm]node6.west);
450 \draw[arrow,bend left=15,<-,dashdotted] (ie.north east) to node {} (node6.west);
451 %lookup
452 \draw[arrow,bend right=15,dashdotted] (oe.south east) to node[above] {lookup} (node4.west);
453 \draw[arrow,bend right=5,<-,dashdotted] (ie.south east) to node {} ([yshift=-1mm]node4.west);
454 \end{tikzpicture}
455 % \begin{tikzpicture}[scale=1.4,font=\tiny]
456 % % netDB
457 % \foreach \sector in {%
458 % 0, 1, 2, 3, 4, 5, 6, 7, 8, 9}%
459 % {
460 % \node[netdb](node\sector) at ({36 * (-\sector + .5)} : 12mm) {\sector};
461 % }
462 % \node at (0, 0) {netDB};
463 % % client
464 % \node[client](client) at (-45mm, 12mm) {Client};
465 % % store
466 % \draw[arrow,bend left=5,dashdotted] (client.north east) to node[above] {store} (node7.north west);
467 % \draw[arrow,<-,bend left=5,dashdotted] (client.east) to node {} (node7.west);
468 % % flood
469 % \draw[arrow,draw,bend right=15] (node7.south east) to node {} (node8.south west);
470 % \draw[arrow,draw,bend right=15] (node7.south east) to node[below] {replication} (node9.west);
471 % \draw[arrow,draw,bend left=15] (node7.south east) to node {} (node6.north east);
472 % % tunnels
473 % \node[chain,minimum size=6em,minimum height=3.5em,draw=gray](tunnel) at (-35mm,-2.5mm) {};
474 % \node[below=2mm of tunnel.south] {exploratory tunnel pair};
475 % % \node[tunnel] at (-35mm, 0mm) {};
476 % \node[chain] (ol) at (-40mm, 0mm) {};
477 % \node[chain] (oe) at (-30mm, 0mm) {};
478 % % \node[tunnel] at (-35mm, -5mm) {};
479 % \node[chain] (il) at (-40mm, -5mm) {};
480 % \node[chain] (ie) at (-30mm, -5mm) {};
481 % \path[arrow] ([xshift=-1mm]client.south) |- (ol.west);
482 % \path[arrow,<-] ([xshift=-2mm]client.south) |- (il.west);
483 % \path[arrow] (ol.east) -- (oe.west);
484 % \path[arrow,<-] (il.east) -- (ie.west);
485 % % verify
486 % \draw[arrow,bend left=5,dashdotted] (oe.north east) to node[above] {verify} ([yshift=1mm]node6.west);
487 % \draw[arrow,bend left=15,<-,dashdotted] (ie.north east) to node {} (node6.west);
488 % %lookup
489 % \draw[arrow,bend right=15,dashdotted] (oe.south east) to node[above] {lookup} (node4.west);
490 % \draw[arrow,bend right=5,<-,dashdotted] (ie.south east) to node {} ([yshift=-1mm]node4.west);
491 % \end{tikzpicture}
492 \end{figure}
493 \end{frame}
494
495 \section{Evaluation}
496 \begin{frame}
497 \frametitle{Sybil Attack}
498 \begin{block}{Generating identities}
499 \begin{itemize}
500 \item Building a database of 50,000 identities takes around 30
501 minutes on a 12-core Xeon server
502 \item 156 nodes on average between two adjacent database nodes
503 \item All identities available to all malicious nodes
504 \end{itemize}
505 \end{block}\pause
506 \begin{block}{Using identities}
507 \begin{itemize}
508 \item Malicious nodes can calculate the correct identities and
509 change identity at any time
510 \item Nodes coordinate to avoid duplicate identities
511 \end{itemize}
512 \end{block}
513 \end{frame}
514
515 \begin{frame}
516 \frametitle{Deanonymizing Attack}
517 \begin{block}{Setup}
518 \begin{itemize}
519 \item 20 attacking nodes in Santa Barbara
520 \begin{itemize}
521 \item 10 nodes capturing resource lookups
522 \item 10 nodes performing timing attack on \iip{routerInfo} storage
523 \end{itemize}
524 \item 6 monitoring nodes: 3 in Erlangen, 3 in Santa Barbara
525 \end{itemize}
526 \end{block}\pause
527 \begin{block}{Results}
528 \begin{itemize}
529 \item 60\,\% of potentially observable links detected
530 \item 52\,\% of attributed hits correct
531 \item Working equally well for geographically remote Hosts
532 \end{itemize}
533 \end{block}
534 \end{frame}
535
536 \begin{frame}
537 \frametitle{Deanonymizing Users}
538 \begin{figure}
539 \centering
540 \begin{tikzpicture}[scale=1.4]
541 % netDB
542 \foreach \sector in {%
543 0, 1, 2, 3, 4, 5, 6, 7, 8, 9}%
544 {
545 \node[netdb,cylinder, shape border rotate=90,fill=orange!50!white](node\sector) at ({36 * (-\sector + .5)} : 12mm) {\sector};
546 }
547 \node at (0, 0) {netDB};
548 % client
549 \node[client](client) at (-45mm, 12mm) {Client};
550 % store
551 \draw[arrow,bend left=5,dashdotted] (client.north east) to node[above] {store} (node7.north west);
552 \draw[arrow,<-,bend left=5,dashdotted] (client.east) to node {} (node7.west);
553 % flood
554 \draw[arrow,draw,bend right=15] (node7.south east) to node {} (node8.south west);
555 \draw[arrow,draw,bend right=15] (node7.south east) to node[below] {replication} (node9.west);
556 \draw[arrow,draw,bend left=15] (node7.south east) to node {} (node6.north east);
557 % tunnels
558 \node[chain,minimum size=7em,minimum
559 height=3.5em,draw=none,fill=blue!30!white,rounded corners](tunnel) at (-35mm,-2.5mm) {};
560 \node[below=2mm of tunnel.south] {exploratory tunnel pair};
561 % \node[tunnel] at (-35mm, 0mm) {};
562 \node[chain,top color=white,bottom color=blue] (ol) at (-40mm, 0mm) {};
563 \node[chain,top color=white,bottom color=blue] (oe) at (-30mm, 0mm) {};
564 % \node[tunnel] at (-35mm, -5mm) {};
565 \node[chain,top color=white,bottom color=blue] (il) at (-40mm, -5mm) {};
566 \node[chain,top color=white,bottom color=blue] (ie) at (-30mm, -5mm) {};
567 \path[arrow] ([xshift=-1mm]client.south) |- (ol.west);
568 \path[arrow,<-] ([xshift=-3mm]client.south) |- (il.west);
569 \path[arrow] (ol.east) -- (oe.west);
570 \path[arrow,<-] (il.east) -- (ie.west);
571 % verify
572 \draw[arrow,bend left=5,dashdotted] (oe.north east) to node[above] {verify} ([yshift=1mm]node6.west);
573 \draw[arrow,bend left=15,<-,dashdotted] (ie.north east) to node {} (node6.west);
574 %lookup
575 \draw[arrow,bend right=15,dashdotted] (oe.south east) to node[above] {lookup} (node4.west);
576 \draw[arrow,bend right=5,<-,dashdotted] (ie.south east) to node {} ([yshift=-1mm]node4.west);
577 \end{tikzpicture}
578 % \begin{tikzpicture}[scale=1.4,font=\tiny]
579 % % netDB
580 % \foreach \sector in {%
581 % 0, 1, 2, 3, 4, 5, 6, 7, 8, 9}%
582 % {
583 % \node[netdb](node\sector) at ({36 * (-\sector + .5)} : 12mm) {\sector};
584 % }
585 % \node at (0, 0) {netDB};
586 % % client
587 % \node[client](client) at (-45mm, 12mm) {Client};
588 % % store
589 % \draw[arrow,bend left=5,dashdotted] (client.north east) to node[above] {store} (node7.north west);
590 % \draw[arrow,<-,bend left=5,dashdotted] (client.east) to node {} (node7.west);
591 % % flood
592 % \draw[arrow,draw,bend right=15] (node7.south east) to node {} (node8.south west);
593 % \draw[arrow,draw,bend right=15] (node7.south east) to node[below] {replication} (node9.west);
594 % \draw[arrow,draw,bend left=15] (node7.south east) to node {} (node6.north east);
595 % % tunnels
596 % \node[chain,minimum size=6em,minimum height=3.5em,draw=gray](tunnel) at (-35mm,-2.5mm) {};
597 % \node[below=2mm of tunnel.south] {exploratory tunnel pair};
598 % % \node[tunnel] at (-35mm, 0mm) {};
599 % \node[chain] (ol) at (-40mm, 0mm) {};
600 % \node[chain] (oe) at (-30mm, 0mm) {};
601 % % \node[tunnel] at (-35mm, -5mm) {};
602 % \node[chain] (il) at (-40mm, -5mm) {};
603 % \node[chain] (ie) at (-30mm, -5mm) {};
604 % \path[arrow] ([xshift=-1mm]client.south) |- (ol.west);
605 % \path[arrow,<-] ([xshift=-2mm]client.south) |- (il.west);
606 % \path[arrow] (ol.east) -- (oe.west);
607 % \path[arrow,<-] (il.east) -- (ie.west);
608 % % verify
609 % \draw[arrow,bend left=5,dashdotted] (oe.north east) to node[above] {verify} ([yshift=1mm]node6.west);
610 % \draw[arrow,bend left=15,<-,dashdotted] (ie.north east) to node {} (node6.west);
611 % %lookup
612 % \draw[arrow,bend right=15,dashdotted] (oe.south east) to node[above] {lookup} (node4.west);
613 % \draw[arrow,bend right=5,<-,dashdotted] (ie.south east) to node {} ([yshift=-1mm]node4.west);
614 % \end{tikzpicture}
615 \end{figure}
616 \end{frame}
617
618 \begin{frame}
619 \frametitle{Results for multiple Hits}
620 % \small{
621 % $N=144$, Number of time slices\\
622 % $q=0.001$, 7\,\% of total nodes accessing the resource once a day\\
623 % $x=0.52\cdot p + 0.48\cdot q$ \\
624 % $P(k~hits) = {N \choose k} x^k \cdot (1-x)^{N-k}$}
625 \begin{figure}
626 \centering
627 \includegraphics[width=.9\textwidth]{graph}
628 \end{figure}
629 \end{frame}
630
631 \section{Conclusions}
632
633 \begin{frame}
634 \frametitle{Limitations}
635 \begin{itemize}\addtolength{\itemsep}{1\baselineskip}
636 \item Only works reliably for longer/repeated resource access
637 \item Less reliable for popular resources
638 \item Needs extra resources per tracked user and per resource
639 \end{itemize}
640 \end{frame}
641
642 \begin{frame}
643 \frametitle{I2P Improvements}
644 \begin{itemize}\addtolength{\itemsep}{1\baselineskip}
645 \item Limiting \iip{netDB} nodes per IPv4 network
646 \item Ignoring new \iip{netDB} nodes
647 \item Removing storage verification
648 \item Randomizing the time delta
649 \item Expiring tunnels after storage verification
650 \end{itemize}
651 \end{frame}
652
653 \begin{frame}
654 \frametitle{Bibliography}
655 \nocite{Mittal:2012}
656 \nocite{Timpanaro:2011}
657 \nocite{Herrmann:2011}
658 \nocite{Douceur:2002}
659 \nocite{Dingledine:2004}
660 \nocite{Evans:2011}
661 \bibliographystyle{plain}
662 \tiny{\bibliography{../i2p}}
663 \end{frame}
664
665 \end{document}
666
667 %%% Local Variables:
668 %%% mode: latex
669 %%% TeX-master: t
670 %%% TeX-PDF-mode: t
671 %%% End: