Compromising Tor Anonymity Exploiting P2P Information Leakage

Privacy of users in P2P networks goes far beyond their current usage and is a fundamental requirement to the adoption of P2P protocols for legal usage. In a climate of cold war between these users and anti-piracy groups, more and more users are moving to anonymizing networks in an attempt to hide their identity. However, when not designed to protect users information, a P2P protocol would leak information that may compromise the identity of its users. In this paper, we first present three attacks targeting BitTorrent users on top of Tor that reveal their real IP addresses. In a second step, we analyze the Tor usage by BitTorrent users and compare it to its usage outside of Tor. Finally, we depict the risks induced by this de-anonymization and show that users' privacy violation goes beyond BitTorrent traffic and contaminates other protocols such as HTTP

Bitcoin over Tor isn't a good idea

Bitcoin is a decentralized P2P digital currency in which coins are generated by a distributed set of miners and transaction are broadcasted via a peer-to-peer network. While Bitcoin provides some level of anonymity (or rather pseudonymity) by encouraging the users to have any number of random-looking Bitcoin addresses, recent research shows that this level of anonymity is rather low. This encourages users to connect to the Bitcoin network through anonymizers like Tor and motivates development of default Tor functionality for popular mobile SPV clients. In this paper we show that combining Tor and Bitcoin creates an attack vector for the deterministic and stealthy man-in-the-middle attacks. A low-resource attacker can gain full control of information flows between all users who chose to use Bitcoin over Tor. In particular the attacker can link together user's transactions regardless of pseudonyms used, control which Bitcoin blocks and transactions are relayed to the user and can \ delay or discard user's transactions and blocks. In collusion with a powerful miner double-spending attacks become possible and a totally virtual Bitcoin reality can be created for such set of users. Moreover, we show how an attacker can fingerprint users and then recognize them and learn their IP address when they decide to connect to the Bitcoin network directly.Comment: 11 pages, 4 figures, 4 table

Improving Content Availability in the I2P Anonymous File-Sharing Environment

International audienceAnonymous communication has gained more and more interest from Internet users as privacy and anonymity problems have emerged. Dedicated anonymous networks such as Freenet and I2P allow anonymous file-sharing among users. However, one major problem with anonymous file-sharing networks is that the available content is highly reduced, mostly with outdated files, and non-anonymous networks, such as the BitTorrent network, are still the major source of content: we show that in a 30-days period, 21648 new torrents were introduced in the BitTorrent community, whilst only 236 were introduced in the anonymous I2P network, for four different categories of content. Therefore, how can a user of these anonymous networks access this varied and non-anonymous content without compromising its anonymity? In this paper, we improve content availability in an anonymous environment by proposing the first internetwork model allowing anonymous users to access and share content in large public communities while remaining anonymous. We show that our approach can efficiently interconnect I2P users and public BitTorrent swarms without affecting their anonymity nor their performance. Our model is fully implemented and freely usable

Improving security and efficiency of mix-based anonymous communication systems

The communication layer leaks important private information even in the presence of encryption, which makes anonymous communication a fundamental element of systems that protect the privacy of users. Traffic mixers have long been used to achieve communication anonymity, but the security challenges and the resulted inefficiencies hinder the path to a wide adoption of these systems. In this thesis, we take a step towards improving the security of traffic mixers and building a platform for efficient anonymous communication. We begin by revisiting Binomial Mix, which is one of the most effective designs for traffic mixing proposed to date, and the one that introduced randomness to the behaviour of traffic mixers. When thoroughly examined in different traffic conditions, Binomial Mix proved to be significantly more resilient against attacks than previously believed. We then build on the design of Binomial Mix and propose two new designs for traffic mixers. The first design, Multi-Binomial Shared-Pool Mix (MBSP Mix), employs multiple sources of randomness which results in a behaviour less predictable by the attacker and thus provides a higher degree of anonymity. The second design, Multi-Binomial Independent-Pool Mix (MBIP Mix), enables a single traffic mixer to anonymise multiple communication channels with potentially differing latencies. This additional property significantly improves the security and efficiency of the mix. Moving beyond the design of traffic mixers in isolation, we propose the architecture and details of a generic framework for anonymous communication. The proposed framework consists of various parts designed to enable the integration of various Anonymous Communication Systems as plug-in components into a shared and unified system. In addition to achieving a larger user-base and enjoying its associated security benefits, this approach enables the reusability of components across multiple communication systems. Finally, we also present techniques to make the circuit establishment facility of the framework resistant towards Denial-of-Service attacks. We believe that our work is one step towards building a fully developed generic framework for anonymous communication and our results can inspire and be used for the design of a robust generic framework

Strategies for Unbridled Data Dissemination: An Emergency Operations Manual

This project is a study of free data dissemination and impediments to it. Drawing upon post-structuralism, Actor Network Theory, Participatory Action Research, and theories of the political stakes of the posthuman by way of Stirnerian egoism and illegalism, the project uses a number of theoretical, technical and legal texts to develop a hacker methodology that emphasizes close analysis and disassembly of existent systems of content control. Specifically, two tiers of content control mechanisms are examined: a legal tier, as exemplified by Intellectual Property Rights in the form of copyright and copyleft licenses, and a technical tier in the form of audio, video and text-based watermarking technologies. A series of demonstrative case studies are conducted to further highlight various means of content distribution restriction. A close reading of a copyright notice is performed in order to examine its internal contradictions. Examples of watermarking employed by academic e-book and journal publishers and film distributors are also examined and counter-forensic techniques for removing such watermarks are developed. The project finds that both legal and technical mechanisms for restricting the flow of content can be countervailed, which in turn leads to the development of different control mechanisms and in turn engenders another wave of evasion procedures. The undertaken methodological approach thus leads to the discovery of on-going mutation and adaptation of in-between states of resistance. Finally, an analysis of various existent filesharing applications is performed, and a new Tor-based BitTorrent tracker is set up to strengthen the anonymization of established filesharing methods. It is found that there exist potential de-anonymization attacks against all analyzed file-sharing tools, with potentially more secure filesharing options also seeing less user adoption