Page 1
UK TOP SECRET STRAP1 COMINT
A potential technique to deanonymise users of the TOR network
OPC-MCR, GCHQ
This information is exempt from disclosure under the Freedom of Information Act 2000 and other UK information legislation. Refer disclosure requests to GCHQ on
© Crown Copyright. All rights reserved.
Page 2
Outline
• TOR and the need for deanonymisation
• Data transformation
• Scoring
• Results
• Current status
• Software
Page 3
What is TOR?
• "The Onion Router"
• Hides source of traffic by passing encrypted versions of your internet traffic between multiple TOR routers
• Notation:
  - "Client" - the initiator of communication
  - "Guard node" - the TOR router the client contacts
  - "Exit node" - the TOR router that relays your traffic to the final destination (with no extra encryption so this link can be exploited by SIGINT system)
Page 4
UK SECRET STRAP1 COMINT
What is TOR?
Diagram: Client → Guard Node → Onion Router A → Onion Router B → Exit Node → Server
Page 5
Who uses TOR?
• TOR was created by the US government and is now maintained by the Electronic Frontier Foundation (EFF)
• EFF will tell you there are many pseudo-legitimate uses for TOR
• We're interested as bad people use TOR, in particular:
  - Terrorists
  - Paedophiles
Page 6
Aim
• Find client IP address associated with TOR exit node traffic
• Attack based on externals - specifically packet timings
  - Strong crypt is being used
Page 7
Aim
• We'll make our task easier by assuming we own the exit node being used
  - Allows us to see all the traffic associated with a TOR circuit
  - Demultiplex traffic by (unknown) user
Page 8
Side note: Circuit tracing
• One suggestion was to track packets through each hop in the TOR network
• We experimented with spotting all links in circuits created by GCHQ
• Visibility was too low to be a sensible approach
  - 13 out of 8294 potential inter-TOR-router links were seen
• We will directly correlate:
  - exit node traffic, and
  - traffic between client and guard node
Page 9
UK SECRET STRAP1 COMINT
Diagram: Client → Guard Node (collect through SIGINT) → Onion Router A → Onion Router B → Exit Node (own this node) → Server
Page 10
Test data collection
• Used the standard "TOR button" web-browser package to access TOR
• Made minor changes to ensure we could collect exit node traffic
1. "News": Search for news, visit news websites
2. "TOR": Browse the TOR website and then use a privacy checking website
   • Split into 2a and 2b as TOR changed circuit mid-way through
3. "Download": visit to Slashdot followed by downloading a large PDF file.
4. "Forum": Search on Google followed by browsing a PC technical help forum.
Page 11
Flattening of timing patterns
• (ICTR-NE) observed that TOR can flatten out timing patterns
• TOR uses a rate-limiting store-and-forward procedure at each TOR router
• Graph shows bytes of exit node traffic in green and client traffic in red whilst downloading a 1MB file (figure from
Figure: bytes per second of exit node traffic (green) and client traffic (red) against time, x-axis 0s to 200s, y-axis 0 to 50000.
Page 12
Cumulative packet counts
• Our new insight is to use cumulative packet counts
• Hope packets are approximately preserved
  - Approximate as TOR repacketises data
• See strong correlation
Figure: cumulative packet counts of the exit trace and the guard trace overlaid, one panel per session and direction: CtoS 1 / StoC 1 (15:46 to 15:56), CtoS 2a / StoC 2a (16:02 to 16:06), CtoS 2b / StoC 2b (16:02 to 16:08), CtoS 3 / StoC 3 (16:12 to 16:18), CtoS 4 / StoC 4 (16:22 to 16:28); x-axis time (hh:mm).
Page 13
Scoring: basic idea
• An idea of
  - Bin time into intervals
  - For each interval get a pair (Ei, Gi)
    • Cumulative exit node packets up to time i
    • Cumulative guard node packets up to time i
  - Measure the correlation between these pairs
• We use 1s time-windows
  - Easy for the SIGINT system
  - Seems to work
Page 14
Scoring: refinements
• We also expect counts to be similar
  - Fit a linear model Gi = a + βEi
  - Only accept sessions where ½ < β < 2
Page 15
Scoring: refinements
• There may be an unknown time-offset
  - Traffic takes time to relay through the TOR network
  - SIGINT clocks may not be synchronised
  - We slide the traces against each other and find the best match
  - Truncate to exit node trace (we know that it is a complete TOR circuit)
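The scoring procedure of the "Scoring" slides (1 s bins, the cumulative pairs (Ei, Gi), the linear model with its ½ < β < 2 filter, the time slide and the truncation to the exit trace) together with the "Flattening of timing patterns" observation, as an added worked example. This is not the deck's code and not the GCHQ R package; it is written here from an analyst's point of view to show why a rate-limiting relay defeats per-window comparison but not cumulative-count comparison. Everything about the traffic is constructed: the burst schedule, the relay model (a fixed delay plus a store-and-forward packet-rate limit, with every 50th packet coalesced to stand in for Tor repacketising), a steady "decoy" flow that is not the session, and the ±30 s slide range. Only the 1 s window, the slope filter and the r² = 0.998 threshold quoted on the ROC slide are values from the slides.

```python
"""Added example (not the deck's code): the cumulative-packet-count score on a
constructed session. Assumed/constructed: burst schedule, relay model, decoy
flow, slide range. Taken from the slides: 1 s window, 1/2 < beta < 2, r^2 >= 0.998."""

WINDOW = 1.0          # seconds per bin (the deck's 1 s time-windows)
R2_THRESHOLD = 0.998  # server-to-client threshold quoted on the ROC slide
SLOPE_RANGE = (0.5, 2.0)

# Constructed server-to-client session at the exit node: (burst start in s,
# packets). Bursts are emitted at 1 ms spacing, so each sits in one 1 s bin.
BURSTS = [(10, 30), (40, 20), (70, 12), (120, 160), (200, 24), (240, 48),
          (300, 16), (350, 72), (400, 20), (450, 36), (520, 60), (570, 28)]


def exit_trace():
    """Packet timestamps (s) of the constructed session at the exit node."""
    return [start + i * 0.001 for start, n in BURSTS for i in range(n)]


def relay(times, delay=3.0, max_pps=80.0):
    """Constructed exit -> guard -> client path: fixed delay plus a
    store-and-forward limit (no packet leaves within 1/max_pps of the last).
    Every 50th packet is coalesced into its predecessor, standing in for Tor
    repacketising, so counts are only approximately preserved."""
    out, last = [], float("-inf")
    for i, t in enumerate(times):
        if i % 50 == 49:
            continue
        last = max(t + delay, last + 1.0 / max_pps)
        out.append(last)
    return out


def decoy_trace():
    """Constructed non-Tor flow: a steady ~1.43 packets/s with no burst structure."""
    return [i * 0.7 for i in range(860)]


def bin_counts(times, n_bins, window=WINDOW):
    """Packets per window over bins 0..n_bins-1; times outside are dropped."""
    counts = [0] * n_bins
    for t in times:
        i = int(t // window)
        if 0 <= i < n_bins:
            counts[i] += 1
    return counts


def cumulative(counts):
    """Running total: the (E_i) or (G_i) series of the deck."""
    total, out = 0, []
    for c in counts:
        total += c
        out.append(total)
    return out


def fit_stats(xs, ys):
    """Least-squares y = a + b*x (the deck's G_i = a + beta*E_i) and r^2."""
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    sxx = sum((x - mx) ** 2 for x in xs)
    syy = sum((y - my) ** 2 for y in ys)
    sxy = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    if sxx == 0 or syy == 0:          # a constant series carries no information
        return 0.0, my, 0.0
    return sxy * sxy / (sxx * syy), my - sxy / sxx * mx, sxy / sxx


def score(exit_times, guard_times, max_slide=30):
    """Slide the guard-link trace against the exit trace in whole seconds,
    truncate both to the exit trace's span (a complete circuit) and keep the
    offset with the best r^2 of cumulative counts. per_bin_r2 is the r^2 of
    the raw per-window counts at that offset, which exposes the flattening."""
    n_bins = int(max(exit_times) // WINDOW) + 1
    E_bins = bin_counts(exit_times, n_bins)
    E = cumulative(E_bins)
    best = None
    for d in range(-max_slide, max_slide + 1):
        G_bins = bin_counts([t - d for t in guard_times], n_bins)
        r2, a, b = fit_stats(E, cumulative(G_bins))
        if best is None or r2 > best["r2"]:
            best = {"offset": d, "r2": r2, "intercept": a, "slope": b,
                    "per_bin_r2": fit_stats(E_bins, G_bins)[0]}
    best["accepted"] = (best["r2"] >= R2_THRESHOLD
                        and SLOPE_RANGE[0] < best["slope"] < SLOPE_RANGE[1])
    return best


def demo():
    """Score the true exit/guard pair and an unrelated steady flow."""
    exit_t = exit_trace()
    return {"true_pair": score(exit_t, relay(exit_t)),
            "decoy": score(exit_t, decoy_trace())}


if __name__ == "__main__":
    for name, res in demo().items():
        print(name, {k: round(v, 4) if isinstance(v, float) else v for k, v in res.items()})
```

Running `demo()` recovers the constructed 3 s relay delay as the best offset for the true pair. The 160-packet burst is spread over two bins by the 80 packets/s relay, so the per-window counts of the two traces correlate only weakly (per_bin_r2 well under 0.9), yet the cumulative counts still clear the deck's 0.998 threshold with a slope close to 1. The steady decoy flow stays far below the threshold; its fitted slope is merely a sanity check on packet volume, so it is the r² threshold, not the slope filter, that rejects it. For a defender the lesson is the one the slides draw: hop-by-hop rate limiting flattens per-window timing, but an observer with both the exit trace and the guard-to-client trace can still match the running totals.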
Page 16
Self-comparison
• We show the score behaviour as a function of time slide
• See high correlation r² (pink) at small time offset
• Also generally see β (blue) in a sensible range
Figure: r² (pink) and β (blue) against time offset in seconds (x-axis -500 to 500, y-axis 0.0 to 2.0), one panel per session and direction: CtoS 1, StoC 1, CtoS 2a, StoC 2a, CtoS 2b, StoC 2b, CtoS 3, StoC 3, CtoS 4, StoC 4.
Page 17
False positives
• Want an algorithm with very low false positive rate
• Used 2 hours of (timestamp, source IP, destination IP) tuples captured from 4 10G internet bearers
• Filtered to tuples between a guard node and a non-TOR node
• Allow time to arbitrarily slide +/- 2 hours
  - In real redeployment one would restrict this slide
• Allows us to plot ROC curves for the technique
Page 18
False positives
• Linear-log ROC curve plot
• Server-to-client good
  - We miss the very short "2a" session with no false-positives
  - Threshold r² = 0.998
    • High as comparing increasing functions
• Client-to-server direction - many false positives
  - There's less structure in data as less data flows in this direction when web-browsing
Figure: ROC curves, true positive rate (y-axis, 0.0 to 1.0) against false positive rate (x-axis, log scale 1e-06 to 1e+00), one panel for server to client and one for client to server.
Page 19
A larger experiment
• We want to find some false hits to understand worst case accuracy for the server-to-client direction
• Let's open the aperture very wide
  - 2027 bearer hours of logs with any time slide
  - Filter to all traffic involving a TOR node
    • Not just likely guard-to-client traffic as before
• We find some false hits (540) but rate is assessed to be low enough.
• 92% of false hits are against the big download session which has little structure
Page 20
The next step
• We are collecting the required logs of packet times with TOR guard nodes in SIGINT
• GTE / JTRIG have adapted some TOR exit nodes we own to collect the required exit node data
  - We are keen to engage with others with exit nodes too
• Then run the attack
  - Expect to basically work
  - Some extra work might be required to only allow queries on sessions with enough structure
• Need the bulk data first to progress this question
Page 21
R package
• Can be downloaded from
• Includes algorithm and the collected web-browsing data
• Recommend R packages for sharing analytics, can contain:
  - R / C / Fortran code
  - Example data
  - Runnable examples and documentation
  - Unit tests
Page 22
Conclusion
• Have shown a potential externals-based deanonymisation attack for TOR
  - Requires SIGINT collection of guard-to-client packet times
  - Requires TOR collection from exit nodes we own
• Hope to get this running live at GCHQ soon
• Full paper and software available from
Page 23
Questions?
• Work by •