Cryptanalysis of a fair anonymity for the tor network

The aim of this paper is to present an attack upon the protocol of Diaz et al. \cite{Diaz}, which goal is to introduce a fair anonymity in the Tor network. This attack allows an attacker to impersonate Tor users with the complicity of an exit node

ENHANCING THE PERFORMANCE AND SECURITY OF ANONYMOUS COMMUNICATION NETWORKS

With the increasing importance of the Internet in our daily lives, the private information of millions of users is prone to more security risks. Users data are collected either for commercial purposes and sold by service providers to marketeers or political purposes and used to track people by governments, or even for personal purposes by hackers. Protecting online users privacy has become a more pressing matter over the years. To this end, anonymous communication networks were developed to serve this purpose. Tors anonymity network is one of the most widely used anonymity networks online; it consists of thousands of routers run by volunteers. Tor preserves the anonymity of its users by relaying the traffic through a number of routers (called onion routers) forming a circuit. Tor was mainly developed as a low-latency network to support interactive applications such as web browsing and messaging applications. However, due to some deficiencies in the original design of Tors network, the performance is affected to the point that interactive applications cannot tolerate it. In this thesis, we attempt to address a number of the performance-limiting issues in Tor networks design. Several researches proposed changes in the transport design to eliminate the effect of these problems and improve the performance of Tors network. In our work, we propose "QuicTor," an improvement to the transport layer of Tors network by using Googles protocol "QUIC" instead of TCP. QUIC was mainly developed to eliminate TCPs latency introduced from the handshaking delays and the head-of-line blocking problem. We provide an empirical evaluation of our proposed design and compare it to two other proposed designs, IMUX and PCTCP.We show that QuicTor significantly enhances the performance of Tors network. Tor was mainly developed as a low-latency network to support interactive web browsing and messaging applications. However, a considerable percentage of Tor traffic is consumed by bandwidth acquisitive applications such as BitTorrent. This results in an unfair allocation of the available bandwidth and significant degradation in the Quality-of-service (QoS) delivered to users. In this thesis, we present a QoS-aware deep reinforcement learning approach for Tors circuit scheduling (QDRL). We propose a design that coalesces the two scheduling levels originally presented in Tor and addresses it as a single resource allocation problem. We use the QoS requirements of different applications to set the weight of active circuits passing through a relay. Furthermore, we propose a set of approaches to achieve the optimal trade-off between system fairness and efficiency. We designed and implemented a reinforcement-learning-based scheduling approach (TRLS), a convex-optimization-based scheduling approach (CVX-OPT), and an average-rate-based proportionally fair heuristic (AR-PF). We also compared the proposed approaches with basic heuristics and with the implemented scheduler in Tor. We show that our reinforcement-learning-based approach (TRLS) achieved the highest QoS-aware fairness level with a resilient performance to the changes in an environment with a dynamic nature, such as the Tor networ

The Evolution of Giving: Considerations for Regulation of Cryptocurrency Donation Deductions

This Issue Brief looks at the rapidly growing area of cryptocurrency donations to nonprofit organizations. Given the recent IRS guidance issued on taxation of Bitcoin, specifically its decision to treat cryptocurrencies as property, questions now arise as to how charitable contributions of the coins will be valued for tax deductions. Though Bitcoin resembles most other capital gain property, its volatility, general decline in value, anonymity, and potential for abuse require specific guidance on valuation and substantiation so as to handle its unique nature and prevent larger deductions for charitable contributions than those to which taxpayers are entitled

The Evolution of Giving: Considerations for Regulation of Cryptocurrency Donation Deductions

This Issue Brief looks at the rapidly growing area of cryptocurrency donations to nonprofit organizations. Given the recent IRS guidance issued on taxation of Bitcoin, specifically its decision to treat cryptocurrencies as property, questions now arise as to how charitable contributions of the coins will be valued for tax deductions. Though Bitcoin resembles most other capital gain property, its volatility, general decline in value, anonymity, and potential for abuse require specific guidance on valuation and substantiation so as to handle its unique nature and prevent larger deductions for charitable contributions than those to which taxpayers are entitled

Compromising Tor Anonymity Exploiting P2P Information Leakage

Privacy of users in P2P networks goes far beyond their current usage and is a fundamental requirement to the adoption of P2P protocols for legal usage. In a climate of cold war between these users and anti-piracy groups, more and more users are moving to anonymizing networks in an attempt to hide their identity. However, when not designed to protect users information, a P2P protocol would leak information that may compromise the identity of its users. In this paper, we first present three attacks targeting BitTorrent users on top of Tor that reveal their real IP addresses. In a second step, we analyze the Tor usage by BitTorrent users and compare it to its usage outside of Tor. Finally, we depict the risks induced by this de-anonymization and show that users' privacy violation goes beyond BitTorrent traffic and contaminates other protocols such as HTTP

The Evolution of Embedding Metadata in Blockchain Transactions

The use of blockchains is growing every day, and their utility has greatly expanded from sending and receiving crypto-coins to smart-contracts and decentralized autonomous organizations. Modern blockchains underpin a variety of applications: from designing a global identity to improving satellite connectivity. In our research we look at the ability of blockchains to store metadata in an increasing volume of transactions and with evolving focus of utilization. We further show that basic approaches to improving blockchain privacy also rely on embedding metadata. This paper identifies and classifies real-life blockchain transactions embedding metadata of a number of major protocols running essentially over the bitcoin blockchain. The empirical analysis here presents the evolution of metadata utilization in the recent years, and the discussion suggests steps towards preventing criminal use. Metadata are relevant to any blockchain, and our analysis considers primarily bitcoin as a case study. The paper concludes that simultaneously with both expanding legitimate utilization of embedded metadata and expanding blockchain functionality, the applied research on improving anonymity and security must also attempt to protect against blockchain abuse.Comment: 9 pages, 6 figures, 1 table, 2018 International Joint Conference on Neural Network

Anonymity in Bitcoin and Bitmessage

This report describes two projects created by the author which are based on ideas which originate from the Bitcoin community. The first, bmd, is a re-implementation of the Bitmessage protocol in go. Bitmessage is an anonymous and secure messaging system invented by Jonathan Warren, who was inspired by the design of Bitcoin's p2p network. [WARR1] The second is Shufflepuff, an implementation of a protocol called CoinShuffle[RUFF1] which allows several people to construct a Bitcoin transaction with an input and an output for each participant without any participant knowing who owns which output. CoinShuffle was invented by Tim Ruffing et al, and it is an upgrade of a protocol called CoinJoin, invented by Gregory Maxwell. This paper discusses the background, properties, applications, and design of bmd and Shufflepuff. There is also a report of a performance analysis on bmd.Electrical and Computer Engineerin