From 7dfaa527c5c218c244f6bbf9fc08d4c04670d080 Mon Sep 17 00:00:00 2001
From: Christoph Egger
Date: Tue, 22 Oct 2013 22:16:16 -0400
Subject: [PATCH] start
---
 beamer.tex | 514 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 514 insertions(+)
 create mode 100644 beamer.tex
diff --git a/beamer.tex b/beamer.tex
new file mode 100644
index 0000000..344c2f7
--- /dev/null
+++ b/beamer.tex
@@ -0,0 +1,514 @@
+\documentclass[handout]{beamer}
+\usetheme{i4}
+\usepackage[utf8]{inputenc}
+\usepackage{tikz}
+\usepackage{multicol}
+\usepackage{listings}
+\lstloadlanguages{lisp}
+
+\usetikzlibrary{svg.path,positioning,intersections}
+\usepgflibrary{shapes.geometric}
+\usepgflibrary{shapes.misc}
+\usepgflibrary{shapes.symbols}
+
+\usepgflibrary{shapes}
+\usetikzlibrary{shapes,decorations,shadows}
+\usetikzlibrary{decorations.pathmorphing}
+\usetikzlibrary{decorations.shapes}
+\usetikzlibrary{fadings}
+\usetikzlibrary{patterns}
+\usetikzlibrary{calc}
+\tikzstyle{netdb}=[anchor=center,color=black,rectangle,draw,minimum
+ size=1em,minimum height=.5em]
+\tikzstyle{client}=[fill=i4gray,rectangle,draw]
+\tikzstyle{chain}=[rectangle,draw,minimum size=1em,minimum height=.5em]
+\tikzstyle{arrow}=[->,thick,draw,shorten <=2pt,shorten >=2pt,]
+\tikzstyle{tunnel}=[fill=gray,shape=ellipse,minimum size=4em,minimum height=1.1em]
+
+\newcommand{\iip}[1]{\textcolor{i4red}{#1}}
+
+\author[Christoph Egger]{{\bf Christoph Egger}, Johannes Schlumberger, Christopher
+ Kruegel, Giovanni Vigna}
+\title{Practical Attacks Against The I2P Network}
+\institute{Friedrich-Alexander University Erlangen-Nuremberg\\
+University of California, Santa Barbara}
+\date{October 25, 2013}
+\begin{document}
+
+\begin{frame}[plain]
+ \vspace{1.5em}
+ \titlepage
+ \begin{center}
+ \includegraphics[width=0.2\paperwidth]{ucsbseal}
+ \hspace{1.5em}
+ \includegraphics[width=0.25\paperwidth]{streifenlogo}
+ \end{center}
+\end{frame}
+
+\begin{frame}
+ \frametitle{Outline}
+ \begin{multicols}{2}
+ \begin{block}{What is I2P?}
+ \begin{itemize}
+ \item Tunnels
+ \item Network Database
+ \item \textcolor{gray}{Floodfill Participation}
+ \item Thread model
+ \end{itemize}
+ \end{block}
+ \begin{block}{Attacks}
+ \begin{itemize}
+ \item \textcolor{gray}{Floodfill Takeover Attack}
+ \item Sybil Attack
+ \item \textcolor{gray}{Eclipse Attack}
+ \item Deanonymization Attack
+ \end{itemize}
+ \end{block}
+ \begin{block}{Evaluation}
+ \begin{itemize}
+ \item \textcolor{gray}{Floodfill Takeover Attack}
+ \item Sybil Attack
+ \item \textcolor{gray}{Eclipse Attack}
+ \item Deanonymization Attack
+ \end{itemize}
+ \end{block}
+ \begin{block}{Conclusions}
+ \begin{itemize}
+ \item Limitations
+ \item I2P Improvements
+ \item \textcolor{gray}{Related Work}
+ \end{itemize}
+ \end{block}
+ \end{multicols}
+\end{frame}
+
+\begin{frame}
+ \frametitle{Introduction I2P}
+ \begin{itemize}\addtolength{\itemsep}{1\baselineskip}
+ \item Solution for anonymous Communication
+ \item Separated from the ``Internet'' -- \emph{Darknet}
+ \item Fully distributed Design
+ \item Based on Onion Routing
+ \item Between 18,000 and 28,000 active users
+ \end{itemize}
+\end{frame}
+\section{I2P}
+\begin{frame}
+ \frametitle{I2P}
+ \begin{multicols}{2}
+ \begin{block}{Router}
+ \begin{itemize}
+ \item Handle Connections
+ \item Provide Name Services
+ \end{itemize}
+ \end{block}
+ \pause
+ \begin{block}{Applications}
+ \begin{itemize}
+ \item Server, Client or P2P Software
+ \item Sockets interface with TCP-like or UDP-like Semantics
+ \end{itemize}
+ \end{block}
+ \pause
+ \begin{figure}
+ \centering
+ \begin{tikzpicture}[scale=1.2]
+ \tikzstyle{every node}=[font=\tiny]
+ \node[minimum width=7em,minimum height=6em,draw=gray](clientpc) at (25mm,9mm) {};
+ \node[above=0mm of clientpc.south] {User's Computer};
+ \node[cloud,drop shadow,fill=white,draw,minimum
+ width=4.5em,minimum height=2.5em](ip) at (22mm,27mm) {I2P};
+ \node[client](client) at (22mm, 18mm) {I2P Router};
+ \node[rectangle,draw,below=0mm of client.south east](app1) {Application};
+ \node[rectangle,draw,below=0mm of app1.south](app2) {Application};
+ \node[rectangle,draw,below=0mm of app2.south](app3) {Application};
+
+ \path[arrow] (app1.west) -| ([xshift=3.5mm]client.south west);
+ \path[arrow] (app2.west) -| ([xshift=2.5mm]client.south west);
+ \path[arrow] (app3.west) -| ([xshift=1.5mm]client.south west);
+ \path[arrow] ([xshift=.5mm]client.north) -- ([xshift=.5mm]ip.south);
+ \path[arrow] ([xshift=-.5mm]ip.south) -- ([xshift=-.5mm]client.north);
+ \end{tikzpicture}
+ \end{figure}
+
+ \end{multicols}
+\end{frame}
+
+\begin{frame}
+ \frametitle{Tunnels}
+ \begin{itemize}
+ \item using onion-routing for anonymity
+ \item unidirectional
+ \item paired for bi-directional communication
+ \end{itemize}\pause
+ \begin{block}{Client Tunnels}
+ \begin{itemize}
+ \item Used for Data Interactions
+ \item Several pro Application
+ \end{itemize}
+ \end{block}
+ \pause
+ \begin{block}{Exploratory Tunnels}
+ \begin{itemize}
+ \item Used for Database interaction
+ \item 2 to 3 per Node
+ \end{itemize}
+ \end{block}
+\end{frame}
+
+\begin{frame}
+ \frametitle{Network Database}
+ \begin{itemize}
+ \item<1-> Kademlia-like DHT based on \texttt{XOR}-distance run on
+ 320 super-nodes
+ \item<2-> \iip{databaseRecord}\\
+ Information named using a hash over their cryptographic Keys
+ \item<3-> \iip{storageLocation}\\
+ Hash over name and today's date
+ \item<4-> \iip{routerInfo}\\
+ Peer information: IP address, Port, Protocol, Keys
+ \item<5-> \iip{leaseSet}\\
+ Service Information: Entry tunnels, Keys
+ \end{itemize}
+ % \begin{multicols}{2}
+ % \begin{block}{\iip{routerInfo}}
+ % \begin{itemize}
+ % \item Peer information: IP address, Port, Protocol, Keys
+ % \end{itemize}
+ % \end{block}
+ % \begin{block}{\iip{leaseSet}}
+ % \begin{itemize}
+ % \item Service Information: Entry tunnels, Keys
+ % \end{itemize}
+ % \end{block}
+ % % \begin{figure}
+ % % \centering
+ % % \begin{tikzpicture}
+ % % \node[draw,rectangle split, rectangle split parts=2] (lease) at (-3em,0) {\iip{leaseSet}\nodepart{second}\tiny{Keys}};
+ % % \node[draw,rectangle split, rectangle split parts=2] (router) at (3em,0) {\iip{routerInfo}\nodepart{second}\tiny{Keys}};
+ % % \node[draw,ellipse] (hashfn1) at (0,-3em) {\tiny{SHA256}};
+ % % \node[draw,rectangle] (hash1) at (0,-5.5em) {\iip{resourceIdentifier}};
+ % % \node[draw,rectangle,right=-0.1mm of hash1.east] (day) {Date};
+
+ % % \node[draw,ellipse] (hashfn1) at (0,-8em) {\tiny{SHA256}};
+ % % \node[draw,rectangle] (resID) at (0,-10.5em) {\iip{storageLocation}};
+ % % \end{tikzpicture}
+ % % \end{figure}
+ % \end{multicols}
+\end{frame}
+
+\begin{frame}
+ \frametitle{Sample Interaction}
+ \begin{figure}
+ \centering
+ \begin{tikzpicture}[scale=1.2]
+ \tikzstyle{every node}=[font=\tiny]
+% netDB
+ \foreach \sector in {%
+ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9}%
+ {
+ \node[netdb](node\sector) at ({36 * (-\sector + .5)} : 10mm) {\sector};
+ }
+ \node at (0, 0) {netDB};
+% client
+ \node[client](client) at (28mm, 12mm) {Server Router};
+ \node[rectangle,draw,below=0mm of client.south west] {Application};
+ \node[minimum width=7em,minimum height=4em,draw=gray](clientpc) at (25mm,9mm) {};
+ \node[above=0mm of clientpc.south] {Server's System};
+% server
+ \node[client](server) at (-42mm, 12mm) {Client Router};
+ \node[rectangle,draw,below=0mm of server.south east] {Application};
+ \node[minimum width=7em,minimum height=4em,draw=gray](clientpc) at (-38mm,9mm) {};
+ \node[above=0mm of clientpc.south] {Client's System};
+% client client tunnel
+ \node[chain,minimum size=6.5em,minimum height=2em,draw=gray](tunnel) at (16mm,20.5mm) {};
+ \node[above=0mm of tunnel.north] {Server's data tunnel pair};
+% \node[tunnel,minimum width=9.5em] at (16mm, 19mm) {};
+% \node[tunnel,minimum width=9.5em] at (16mm, 22mm) {};
+%
+ \node[chain] (cco1) at (23mm, 19mm) {};
+ \path[arrow] ([xshift=4mm]client.north) |- (cco1.east);
+ \node[chain] (cco2) at (16mm, 19mm) {};
+ \path[arrow] (cco1.west) -- (cco2.east);
+ \node[chain] (cco3) at (9mm, 19mm) {};
+ \path[arrow] (cco2.west) -- (cco3.east);
+ \node[chain] (cci1) at (23mm, 22mm) {};
+ \path[arrow] (cci1.east) -| ([xshift=5mm]client.north);
+ \node[chain] (cci2) at (16mm, 22mm) {};
+ \path[arrow] (cci2.east) -- (cci1.west);
+ \node[chain] (cci3) at (9mm, 22mm) {};
+ \path[arrow] (cci3.east) -- (cci2.west);
+% server client tunnel
+ \node[chain,minimum size=6.5em,minimum height=2em,draw=gray](tunnel) at (-30mm,20.5mm) {};
+ \node[above=0mm of tunnel.north] {Client's data tunnel pair};
+% \node[tunnel,minimum width=9.5em] at (-34mm, 19mm) {};
+% \node[tunnel,minimum width=9.5em] at (-34mm, 22mm) {};
+%
+ \node[chain] (csi1) at (-37mm, 19mm) {};
+ \path[arrow,<-] ([xshift=-4mm]server.north) |- (csi1.west);
+ \node[chain] (csi2) at (-30mm, 19mm) {};
+ \path[arrow,<-] (csi1.east) -- (csi2.west);
+ \node[chain] (csi3) at (-23mm, 19mm) {};
+ \path[arrow,<-] (csi2.east) -- (csi3.west);
+ \node[chain] (cso1) at (-37mm, 22mm) {};
+ \path[arrow,<-] (cso1.west) -| ([xshift=-5mm]server.north);
+ \node[chain] (cso2) at (-30mm, 22mm) {};
+ \path[arrow,<-] (cso2.west) -- (cso1.east);
+ \node[chain] (cso3) at (-23mm, 22mm) {};
+ \path[arrow,<-] (cso3.west) -- (cso2.east);
+% client exploratory tunnel
+ \node[chain,minimum size=4.5em,minimum height=2em,draw=gray](tunnel) at (-32.5mm,-3.5mm) {};
+ \node[below=0mm of tunnel.south,align=center] {Client's exploratory\\tunnel pair};
+% \node[tunnel,minimum width=7.5em] at (-36.5mm, 0mm) {};
+% \node[tunnel,minimum width=7.5em] at (-36.5mm, -3mm) {};
+%
+ \node[chain] (eo1) at (-36mm, -2mm) {};
+ \path[arrow] ([xshift=-4mm]server.south) |- (eo1.west);
+ \node[chain] (ei1) at (-36mm, -5mm) {};
+ \path[arrow,<-] ([xshift=-5mm]server.south) |- (ei1.west);
+ \node[chain] (eo2) at (-29mm, -2mm) {};
+ \path[arrow] (eo1.east) -- (eo2.west);
+ \node[chain] (ei2) at (-29mm, -5mm) {};
+ \path[arrow,<-] (ei1.east) -- (ei2.west);
+% service lookup
+ \draw[arrow,bend right=20,dashdotted] (eo2.east) to node[above=.8em,align=center] {service\\lookup} (node4.west);
+ \draw[arrow,bend right=10,<-,dashdotted] (ei2.east) to node {} ([yshift=-1mm]node4.west);
+% data link
+ \draw[arrow,bend left=15,dashdotted] (cco3.west) to node {} (csi3.east);
+ \draw[arrow,bend right=15,dashdotted] (cci3.west) to node {} (cso3.east);
+ \node at (-9mm,20.5mm) {Data connection};
+ \end{tikzpicture}
+ \end{figure}
+\end{frame}
+
+\begin{frame}
+ \frametitle{Thread Model}
+ \begin{itemize}\addtolength{\itemsep}{1\baselineskip}
+ \item Implicitly specified in terms of attacks considered
+ \item Only allows local adversaries: No global view about traffic
+ passing through the network
+ \item Only allows limited number of malicious nodes -- around 20\,\%
+ of \iip{netDB} super-nodes and 20\,\% of total nodes
+ \item Secure cryptographic primitives
+ \end{itemize}
+\end{frame}
+
+\section{Attacks}
+\begin{frame}
+ \frametitle{Sybil Attack}
+ \begin{block}{Definition}
+ In a Sybil Attack, the adversary utilizes multiple identities to
+ break assumptions about the system
+ \end{block}\pause
+ \begin{block}{Goal}
+ Gaining control over parts of the keyspace in the \iip{netDB} with
+ limited resources
+ \end{block}\pause
+ \begin{block}{Challenge}
+ Active identities require considerable resources to be useful
+ \end{block}\pause
+ \begin{block}{Solution}
+ Compute a large pool of identities and only activate the relevant ones
+ \end{block}
+\end{frame}
+
+\begin{frame}
+ \frametitle{Deanonymizing Users}
+ \begin{block}{Goal}
+ Given an user Alice and a resource R, we want to confirm or refute
+ Alice using R with high probability.
+ \end{block}\pause
+ \begin{block}{Vulnerability}
+ \begin{itemize}
+ \item<2-> Nodes store their \iip{routerInfo} directly in the \iip{netDB}
+ \item<3-> Nodes verify the storage 20 seconds later using one of their
+ \iip{exploratory Tunnels}
+ \item<4-> Nodes use the same \iip{exploratory Tunnel} again for
+ resource lookups
+ \end{itemize}
+ \end{block}
+\end{frame}
+
+\begin{frame}
+ \frametitle{Deanonymizing Users}
+ \begin{figure}
+ \centering
+\begin{tikzpicture}[scale=1.4,font=\tiny]
+% netDB
+ \foreach \sector in {%
+ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9}%
+ {
+ \node[netdb](node\sector) at ({36 * (-\sector + .5)} : 12mm) {\sector};
+ }
+ \node at (0, 0) {netDB};
+% client
+ \node[client](client) at (-45mm, 12mm) {Client};
+% store
+ \draw[arrow,bend left=5,dashdotted] (client.north east) to node[above] {store} (node7.north west);
+ \draw[arrow,<-,bend left=5,dashdotted] (client.east) to node {} (node7.west);
+% flood
+ \draw[arrow,draw,bend right=15] (node7.south east) to node {} (node8.south west);
+ \draw[arrow,draw,bend right=15] (node7.south east) to node[below] {replication} (node9.west);
+ \draw[arrow,draw,bend left=15] (node7.south east) to node {} (node6.north east);
+% tunnels
+ \node[chain,minimum size=6em,minimum height=3.5em,draw=gray](tunnel) at (-35mm,-2.5mm) {};
+ \node[below=2mm of tunnel.south] {exploratory tunnel pair};
+% \node[tunnel] at (-35mm, 0mm) {};
+ \node[chain] (ol) at (-40mm, 0mm) {};
+ \node[chain] (oe) at (-30mm, 0mm) {};
+% \node[tunnel] at (-35mm, -5mm) {};
+ \node[chain] (il) at (-40mm, -5mm) {};
+ \node[chain] (ie) at (-30mm, -5mm) {};
+ \path[arrow] ([xshift=-1mm]client.south) |- (ol.west);
+ \path[arrow,<-] ([xshift=-2mm]client.south) |- (il.west);
+ \path[arrow] (ol.east) -- (oe.west);
+ \path[arrow,<-] (il.east) -- (ie.west);
+% verify
+ \draw[arrow,bend left=5,dashdotted] (oe.north east) to node[above] {verify} ([yshift=1mm]node6.west);
+ \draw[arrow,bend left=15,<-,dashdotted] (ie.north east) to node {} (node6.west);
+%lookup
+ \draw[arrow,bend right=15,dashdotted] (oe.south east) to node[above] {lookup} (node4.west);
+ \draw[arrow,bend right=5,<-,dashdotted] (ie.south east) to node {} ([yshift=-1mm]node4.west);
+\end{tikzpicture}
+\end{figure}
+\end{frame}
+
+\section{Evaluation}
+\begin{frame}
+ \frametitle{Sybil Attack}
+ \begin{block}{Generating identities}
+ \begin{itemize}
+ \item Building a Database of 50,000 identities takes around 30
+ minutes on 12-core Xeon server
+ \item 156 nodes on average between two adjacent database nodes
+ \item All identities available to all malicious nodes
+ \end{itemize}
+ \end{block}\pause
+ \begin{block}{Using identities}
+ \begin{itemize}
+ \item Malicious nodes can calculate the correct identities and
+ change identity at any time
+ \item Nodes coordinate to avoid duplicate identities
+ \end{itemize}
+ \end{block}
+\end{frame}
+
+\begin{frame}
+ \frametitle{Deanonyizing Attack}
+ \begin{block}{Setup}
+ \begin{itemize}
+ \item 20 attacking nodes in Santa Barbara
+ \begin{itemize}
+ \item 10 nodes capturing resource lookups
+ \item 10 nodes performing timing attack on \iip{routerInfo} storage
+ \end{itemize}
+ \item 6 monitoring nodes: 3 in Erlangen, 3 in Santa Barbara
+ \end{itemize}
+ \end{block}\pause
+ \begin{block}{Results}
+ \begin{itemize}
+ \item 60\,\% of potentially observable links detected
+ \item 52\,\% of attributed hits correct
+ \item Working equally well for geographically remote Hosts
+ \end{itemize}
+ \end{block}
+\end{frame}
+
+\begin{frame}
+ \frametitle{Deanonymizing Users}
+ \begin{figure}
+ \centering
+\begin{tikzpicture}[scale=1.4,font=\tiny]
+% netDB
+ \foreach \sector in {%
+ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9}%
+ {
+ \node[netdb](node\sector) at ({36 * (-\sector + .5)} : 12mm) {\sector};
+ }
+ \node at (0, 0) {netDB};
+% client
+ \node[client](client) at (-45mm, 12mm) {Client};
+% store
+ \draw[arrow,bend left=5,dashdotted] (client.north east) to node[above] {store} (node7.north west);
+ \draw[arrow,<-,bend left=5,dashdotted] (client.east) to node {} (node7.west);
+% flood
+ \draw[arrow,draw,bend right=15] (node7.south east) to node {} (node8.south west);
+ \draw[arrow,draw,bend right=15] (node7.south east) to node[below] {replication} (node9.west);
+ \draw[arrow,draw,bend left=15] (node7.south east) to node {} (node6.north east);
+% tunnels
+ \node[chain,minimum size=6em,minimum height=3.5em,draw=gray](tunnel) at (-35mm,-2.5mm) {};
+ \node[below=2mm of tunnel.south] {exploratory tunnel pair};
+% \node[tunnel] at (-35mm, 0mm) {};
+ \node[chain] (ol) at (-40mm, 0mm) {};
+ \node[chain] (oe) at (-30mm, 0mm) {};
+% \node[tunnel] at (-35mm, -5mm) {};
+ \node[chain] (il) at (-40mm, -5mm) {};
+ \node[chain] (ie) at (-30mm, -5mm) {};
+ \path[arrow] ([xshift=-1mm]client.south) |- (ol.west);
+ \path[arrow,<-] ([xshift=-2mm]client.south) |- (il.west);
+ \path[arrow] (ol.east) -- (oe.west);
+ \path[arrow,<-] (il.east) -- (ie.west);
+% verify
+ \draw[arrow,bend left=5,dashdotted] (oe.north east) to node[above] {verify} ([yshift=1mm]node6.west);
+ \draw[arrow,bend left=15,<-,dashdotted] (ie.north east) to node {} (node6.west);
+%lookup
+ \draw[arrow,bend right=15,dashdotted] (oe.south east) to node[above] {lookup} (node4.west);
+ \draw[arrow,bend right=5,<-,dashdotted] (ie.south east) to node {} ([yshift=-1mm]node4.west);
+\end{tikzpicture}
+\end{figure}
+\end{frame}
+
+\begin{frame}
+ \frametitle{Results for multiple Hits}
+ \small{
+ $N=144$, Number of time slices\\
+ $q=0.001$, 7\,\% of total nodes accessing the resource once a day\\
+ $x=0.52\cdot p + 0.48\cdot q$ \\
+ $P(k~hits) = {N \choose k} x^k \cdot (1-x)^{N-k}$}
+ \begin{figure}
+ \centering
+ \includegraphics[width=.7\textwidth]{graph}
+ \end{figure}
+\end{frame}
+
+\section{Conclusions}
+
+\begin{frame}
+ \frametitle{Limitations}
+ \begin{itemize}\addtolength{\itemsep}{1\baselineskip}
+ \item Only works reliable for longer/repeated resource access
+ \item Less reliable for popular resources
+ \item Needs extra resources per tracked user and per resource
+ \end{itemize}
+\end{frame}
+
+\begin{frame}
+ \frametitle{I2P Improvements}
+ \begin{itemize}\addtolength{\itemsep}{1\baselineskip}
+ \item Limiting \iip{netDB} nodes per IPv4 network
+ \item Ignoring new \iip{netDB} nodes
+ \item Removing storage verification
+ \item Randomizing the time delta
+ \item Expiring tunnels after storage verification
+ \end{itemize}
+\end{frame}
+
+\begin{frame}
+ \frametitle{Bibliography}
+ \nocite{Mittal:2012}
+ \nocite{Timpanaro:2011}
+ \nocite{Herrmann:2011}
+ \nocite{Douceur:2002}
+ \nocite{Dingledine:2004}
+ \nocite{Evans:2011}
+ \bibliographystyle{plain}
+ \tiny{\bibliography{../i2p}}
+\end{frame}
+
+\end{document}
+
+%%% Local Variables:
+%%% mode: latex
+%%% TeX-master: t
+%%% TeX-PDF-mode: t
+%%% End:
\ No newline at end of file
-- 
2.39.2
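Review bot: The probability formula on the `Results for multiple Hits` frame uses the plain-TeX `\choose` primitive and puts the word `hits` into math mode as `k~hits`, which typesets it as a product of italic variables; the amsmath form is `$P(k \text{ hits}) = \binom{N}{k} x^k \cdot (1-x)^{N-k}$` (`\binom` and `\text` need amsmath, which beamer normally loads; add `\usepackage{amsmath}` if it is not). On the same frame `\small{...}`, and `\tiny{\bibliography{../i2p}}` on the bibliography frame, are size declarations followed by a brace group rather than commands taking an argument, so the size change stays in effect until the frame ends; `{\small ...}` and `{\tiny\bibliography{../i2p}}` scope it as intended. The frame title `Thread Model` and the matching outline item presumably mean `Threat Model`, `Deanonyizing Attack` is missing an `m`, and `Several pro Application` reads as `Several per Application`. The preamble's `\tikzstyle` definitions and `{\bf Christoph Egger}` in `\author` are deprecated forms; `\tikzset{netdb/.style={...}}` and `\textbf{Christoph Egger}` are the current equivalents.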