Bitcoin over Tor isn't a good idea

Bitcoin is a decentralized P2P digital currency in which coins are generated by a distributed set of miners and transaction are broadcasted via a peer-to-peer network. While Bitcoin provides some level of anonymity (or rather pseudonymity) by encouraging the users to have any number of random-looking Bitcoin addresses, recent research shows that this level of anonymity is rather low. This encourages users to connect to the Bitcoin network through anonymizers like Tor and motivates development of default Tor functionality for popular mobile SPV clients. In this paper we show that combining Tor and Bitcoin creates an attack vector for the deterministic and stealthy man-in-the-middle attacks. A low-resource attacker can gain full control of information flows between all users who chose to use Bitcoin over Tor. In particular the attacker can link together user's transactions regardless of pseudonyms used, control which Bitcoin blocks and transactions are relayed to the user and can \ delay or discard user's transactions and blocks. In collusion with a powerful miner double-spending attacks become possible and a totally virtual Bitcoin reality can be created for such set of users. Moreover, we show how an attacker can fingerprint users and then recognize them and learn their IP address when they decide to connect to the Bitcoin network directly.Comment: 11 pages, 4 figures, 4 table

Deanonymisation techniques for Tor and Bitcoin

This thesis is devoted to low-resource off-path deanonymisation techniques for two popular systems, Tor and Bitcoin. Tor is a software and an anonymity network which in order to confuse an observer encrypts and re-routes traffic over random pathways through several relays before it reaches the destination. Bitcoin is a distributed payment system in which payers and payees can hide their identities behind pseudonyms (public keys) of their choice. The estimated number of daily Tor users is 2,000,000 which makes it arguable the most used anonymity network. Bitcoin is the most popular cryptocurrency with market capitalization about 3.5 billion USD. In the first part of the thesis we study the Tor network. At the beginning we show how to remotely find out which Tor relays are connected. This effectively allows for an attacker to reduce Tor users' anonymity by ruling out impossible paths in the network. Later we analyze the security of Tor Hidden Services. We look at them from different attack perspectives and provide a systematic picture of what information can be obtained with very inexpensive means. We expose flaws both in the design and implementation of Tor Hidden Services that allow an attacker to measure the popularity of arbitrary hidden services, efficiently collect hidden service descriptors (and thus get a global picture of all hidden services in Tor), take down hidden services and deanonymize hidden services. In the second part we study Bitcoin anonymity. We describe a generic method to deanonymize a significant fraction of Bitcoin users and correlate their pseudonyms with their public IP addresses. We discover that using Bitcoin through Tor not only provides limited level of anonymity but also exposes the user to man-in-the middle attacks in which an attacker controls which Bitcoin blocks and transactions the user is aware of. We show how to fingerprint Bitcoin users by setting an "address cookie" on their computers. This can be used to correlate the same user across different sessions, even if he uses Tor, hidden-services or multiple proxies. Finally, we describe a new anonymous decentralized micropayments scheme in which clients do not pay services with electronic cash directly but submit proof of work shares which the services can resubmit to a crypto-currency mining pool. Services credit users with tickets that can later be used to purchases enhanced services

ACTIVE TECHNIQUES FOR REVEALING AND ANALYZING THE SECURITY OF HIDDEN SERVERS

In the last years we have witnessed a boom in the use of techniques and tools that provide anonymity. Such techniques and tools are used by clients that want their communication to stay anonymous or to access censored content, as well as by administrators to hide the location of their servers. All those activities can be easily performed with the support of an anonymity network. An important component of an anonymity network is the hidden server, a machine whose IP address is kept secret. Such hidden servers are the target of research in this thesis. More specifically, we focus on different types of hidden servers used in the Tor anonymity network. Tor hidden services (HSes) are anonymous services hosted in the Tor Network. The HS itself is a hidden server because users that connect to it are not aware of its IP address, and thus its location. Another equally important kind of hidden servers are Tor bridges. Bridges are entry nodes of the Tor Network, whose IP address is not publicly disclosed to avoid blocking traffic towards them. Bridges are meant to be used by clients that connect from countries where governments perform selective filtering over the contents that users can access, and for this reason governments try to block connections to those nodes. In this thesis we develop novel approaches and we implement them into techniques to analyze the security and reveal the location of hidden servers. This thesis comprises two parts, one dealing with HSes and the other one with bridges. In the first part of the thesis, we develop a novel active approach for recovering the IP address of hidden servers that are used for hosting HSes. To this end, we design, implement, and evaluate a tool called Caronte that explores the content and configuration of a hidden service to automatically identify location leaks. Later those leaks are leveraged for trying to unveil the IP address of the hidden service. Our approach differs from previous ones, because Caronte does not rely on flaws in the Tor protocol and assumes an open-world model, i.e., it does not require a list of candidate servers known in advance. A final validation iistep guarantees that all the candidates that are false positives (i.e., they are not hosting the hidden service) are discarded. We demonstrate Caronte by running it on real HSes and successfully deanonymizing over 100 of them. In the second part of the thesis we perform the first systematic study of the Tor bridge infrastructure. Our study covers both the public bridge infrastructure available to all Tor users, and the previously unreported private bridge infrastructure, comprising private nodes for the exclusive use of those who know about their existence. Our analysis of the public infrastructure is twofold. First, we examine the security implications of the public data accessible from the CollecTor service. This service collects and publishes detailed information and statistics about core elements of the Tor Network. Despite the fact that CollecTor anonymizes sensitive data (e.g., IP or emails of bridge owners) prior to its publication, we identify several pieces of information that may be detrimental for the security of public bridges. Then, we measure security relevant properties of public bridges, including their lifetime and how often they change IP and port. Our results show how the public bridge ecosystem with clients is stable and those bridges rarely change their IP address. This has consequences for the current blocking policies that governments are using to restrict access to the anonymity network, because more aggressive strategies could be adopted. We also show how the presence of multiple transport protocols could harm bridge anonymity (since the adversary becomes able to identify the bridge through the weakest protocol). To study the private bridge infrastructure, we use an approach to discover 694 private bridges on the Internet and a novel technique, that leverages additional services running on bridges, to track bridges across IP changes. During this process, we identify the existence of infrastructures that use private proxies to forward traffic to backend bridges or relays. Finally, we discuss the security implications of our findings

Attacking and Defending Emerging Computer Systems Using The Memory Remanence Effect

In computer systems, manufacturing variances and hardware effects are typically abstracted away by the software layer. This dissertation explores how these effects, specifically memory remanence, can be used both as an attack vector and a tool to defend emerging computing systems. To achieve this, we show how time-keeping, anonymity, and authenticity can be affected by memory remanence. In terms of attacks, we explore the deanonymizing effect of approximate computing in the context of approximate memory in Probable Cause. We show how data passing through an approximate memory is watermarked with a device specific tag that points the attacker back to the device. In terms of defenses, we first present TARDIS: an approach to provide a notion of time for transiently powered embedded devices without requiring any hardware modification using remanence effect of SRAM. TARDIS allows these devices to keep a coarse-grained notion of time without the need for a running clock. Second, we propose data retention voltage of memory cells as a new type of physical unclonable function that allows for low-cost authentication and counterfeit resistance in computer systems.PHDComputer Science & EngineeringUniversity of Michigan, Horace H. Rackham School of Graduate Studieshttps://deepblue.lib.umich.edu/bitstream/2027.42/136985/1/rahmati_1.pd

Hardening Tor Hidden Services

Tor is an overlay anonymization network that provides anonymity for clients surfing the web but also allows hosting anonymous services called hidden services. These enable whistleblowers and political activists to express their opinion and resist censorship. Administrating a hidden service is not trivial and requires extensive knowledge because Tor uses a comprehensive protocol and relies on volunteers. Meanwhile, attackers can spend significant resources to decloak them. This thesis aims to improve the security of hidden services by providing practical guidelines and a theoretical architecture. First, vulnerabilities specific to hidden services are analyzed by conducting an academic literature review. To model realistic real-world attackers, court documents are analyzed to determine their procedures. Both literature reviews classify the identified vulnerabilities into general categories. Afterward, a risk assessment process is introduced, and existing risks for hidden services and their operators are determined. The main contributions of this thesis are practical guidelines for hidden service operators and a theoretical architecture. The former provides operators with a good overview of practices to mitigate attacks. The latter is a comprehensive infrastructure that significantly increases the security of hidden services and alleviates problems in the Tor protocol. Afterward, limitations and the transfer into practice are analyzed. Finally, future research possibilities are determined

Application of data analytics - Case studies

Data analytics is the technique of finding knowledge by examining raw data. It is an important tool for researchers to verify existing knowledge or infer new knowledge. In this dissertation, we focus on anonymous traffic and privacy-aware systems. Our research is divided into three data analytics case studies. We use data analytics to learn from and improve existing systems. Tor, an anonymous network, is designed to protect Internet users from traffic analysis attacks. Researchers have shown that traffic analysis like timing attack and website fingerprinting attack are still realistic and can be used to deanonymize Tor users. We first analyze the anonymity of Tor itself; we show that a timing attack can be used to bypass the anonymity provided by Tor. We also propose a schema to identify this type of timing attack. Our second case study is about website fingerprinting. We propose a new realistic cover traffic algorithm to mitigate website fingerprinting attacks. Our algorithm reduces the accuracy of website fingerprinting attacks to 14% with zero latency overhead and 20% bandwidth overhead. Our third case study is about web browser fingerprinting in anonymous communications. We analyze the network traffic generated by web browsers and show that features of web browsers can be inferred with high probability

(Nothing else) MATor(s): Monitoring the Anonymity of Tor\u27s Path Selection

In this paper we present MATor: a framework for rigorously assessing the degree of anonymity in the Tor network. The framework explicitly addresses how user anonymity is impacted by real-life characteristics of actually deployed Tor, such as its path selection algorithm, Tor consensus data, and the preferences and the connections of the user. The anonymity assessment is based on rigorous anonymity bounds that are derived in an extension of the AnoA framework (IEEE CSF 2013). We show how to apply MATor on Tor\u27s publicly available consensus and server descriptor data, thereby realizing the first real-time anonymity monitor. Based on experimental evaluations of this anonymity monitor on Tor Metrics data, we propose an alternative path selection algorithm that provides stronger anonymity guarantees without decreasing the overall performance of the Tor network

TOWARDS RELIABLE CIRCUMVENTION OF INTERNET CENSORSHIP

The Internet plays a crucial role in today\u27s social and political movements by facilitating the free circulation of speech, information, and ideas; democracy and human rights throughout the world critically depend on preserving and bolstering the Internet\u27s openness. Consequently, repressive regimes, totalitarian governments, and corrupt corporations regulate, monitor, and restrict the access to the Internet, which is broadly known as Internet \emph{censorship}. Most countries are improving the internet infrastructures, as a result they can implement more advanced censoring techniques. Also with the advancements in the application of machine learning techniques for network traffic analysis have enabled the more sophisticated Internet censorship. In this thesis, We take a close look at the main pillars of internet censorship, we will introduce new defense and attacks in the internet censorship literature. Internet censorship techniques investigate users’ communications and they can decide to interrupt a connection to prevent a user from communicating with a specific entity. Traffic analysis is one of the main techniques used to infer information from internet communications. One of the major challenges to traffic analysis mechanisms is scaling the techniques to today\u27s exploding volumes of network traffic, i.e., they impose high storage, communications, and computation overheads. We aim at addressing this scalability issue by introducing a new direction for traffic analysis, which we call \emph{compressive traffic analysis}. Moreover, we show that, unfortunately, traffic analysis attacks can be conducted on Anonymity systems with drastically higher accuracies than before by leveraging emerging learning mechanisms. We particularly design a system, called \deepcorr, that outperforms the state-of-the-art by significant margins in correlating network connections. \deepcorr leverages an advanced deep learning architecture to \emph{learn} a flow correlation function tailored to complex networks. Also to be able to analyze the weakness of such approaches we show that an adversary can defeat deep neural network based traffic analysis techniques by applying statistically undetectable \emph{adversarial perturbations} on the patterns of live network traffic. We also design techniques to circumvent internet censorship. Decoy routing is an emerging approach for censorship circumvention in which circumvention is implemented with help from a number of volunteer Internet autonomous systems, called decoy ASes. We propose a new architecture for decoy routing that, by design, is significantly stronger to rerouting attacks compared to \emph{all} previous designs. Unlike previous designs, our new architecture operates decoy routers only on the downstream traffic of the censored users; therefore we call it \emph{downstream-only} decoy routing. As we demonstrate through Internet-scale BGP simulations, downstream-only decoy routing offers significantly stronger resistance to rerouting attacks, which is intuitively because a (censoring) ISP has much less control on the downstream BGP routes of its traffic. Then, we propose to use game theoretic approaches to model the arms races between the censors and the censorship circumvention tools. This will allow us to analyze the effect of different parameters or censoring behaviors on the performance of censorship circumvention tools. We apply our methods on two fundamental problems in internet censorship. Finally, to bring our ideas to practice, we designed a new censorship circumvention tool called \name. \name aims at increasing the collateral damage of censorship by employing a ``mass\u27\u27 of normal Internet users, from both censored and uncensored areas, to serve as circumvention proxies