Anonymous networks and timing attacks: a low-cost attack on Tarzan and Morphmix
Introduction | Tor | Tarzan and MorphMix | Low-cost attack | Low-cost attack on Tarzan and Morphmix | Principles of building secure systems (conclusion)
To test for Tarzan and MorphMix, we took the same attack model that was used in Tor. An attacker needs two things: a malicious host and a malicious server. The sender will act as a malicious node in both networks (Tarzan and MorphMix). In Tarzan terminology, it is called the Tarzan client, in MorphMix it is called the initiator node.
Next, the malicious host should receive a list of all other hosts. Then, it establishes a connection with each of them and tracks the delays that occur in connections. Observation should be carried out for some time. During the entire observation period, the malicious server continues to send its traffic to the system. At the end of the observation period, the results of measurements of delays in each connection are used to estimate the traffic volumes of the corresponding nodes. Then the node loads are compared with the server traffic. If matches are found, the node enters the anonymizing chain. After a comparison for all nodes, you can identify the entire chain.
Thus, for a successful attack, the following conditions must be met:
Tor is subject to attack, because its architecture meets these requirements. First, the Tor developers removed the blending operations and covering traffic, so the time characteristics of the streams persist throughout the chain. This was confirmed by experiments (Murdoch & Danezis 2005). Secondly, Tor provides the directory service with which the Tor client can get a list of all nodes (Tor servers) of the network. Thirdly, nothing prevents the Tor client from connecting to all Tor servers.
')
Check if Tarzan meets the above conditions.
Between Tarzan and Tor there are two main differences affecting the delay in networks. First, Tor handles queues in the round-robin fashion mode. Secondly, in Tor there is no mix and cover traffic. In Tarzan, things are different. Tarzan provides a mechanism for imitators. Due to which the activity of communications originating from a node is comparable with the activity of incoming ones. If any connection is not active enough, Tarzan adds fake traffic. In addition, before sending, the Tarzan node performs some blending operations on all outgoing flows.
So the question is whether the simulator mechanism can destroy the timing characteristics of the streams being transmitted. The only way to check is to conduct an experiment similar to the one that was arranged in Tor. Unfortunately, we do not have a test bench of the simulator mechanism. Let's leave this question open and we will assume that timing-characteristics are not destroyed. Thus, we still believe that the attack on Tor is also effective for Tarzan.
To search for other nodes in the network, the Tarzan node uses a gossip-protocol based mechanism. Those. Each Tarzan node can theoretically get information about all other nodes on the network. But the task can be difficult to accomplish due to the fact that Tarzan is a peer-to-peer network and the number of nodes can be very large and constantly changing. Thus, it seems doubtful that a malicious host will be able to estimate the delays of all other nodes on the network. However, since there is a theoretical possibility; we will assume that the condition is fulfilled.
If, after receiving a list of all the other hosts on the network, the malicious host has the opportunity to establish a direct connection with each of them, then the third condition is satisfied. Unlike Tor, Tarzan allows you to transmit traffic only through facial expressions. Thus, if a node is not included in the number of mimics of a malicious node, the malicious node will not be able to establish a direct connection with it. If the connection requires intermediaries, the malicious node cannot correctly measure the delays. Because the measurements may depend on the delays created by the intermediate nodes. Thus, it looks like a low-cost attack does not apply to Tarzan. However, it is not. In Tarzan there is PNAT - the last node in the tunnel, through which the connection goes to the outside world. Unlike other intermediate nodes in the tunnel, when the choice of each next node is limited to the list of mimics, the PNAT can be assigned to any network node. Thus, a malicious node has the ability to establish a direct connection without intermediaries with any node - the mimics mechanism does not solve the problem.
Summarize. Low-cost attack applicable to Tarzan, because The mimics mechanism does not destroy the timing characteristics of the streams, and PNAT can be chosen from among all network nodes, and not just from mimics.
The main difference between MorphMox and Tor lies in the network architecture and how the selection of the transmission nodes of the tunnel and the output node occurs. MorphMix follows the peer-to-peer architecture, and in Tor, dedicated servers are used as transmission nodes. In Tor, the Tor client independently selects all nodes for the organization of an anonymous tunnel. In MorphMix all intermediate nodes participate in the formation of the tunnel. There is an exit node in Tor, but no in MorphMix. Check the applicability of the low-cost attack on MorphMix using the same three criteria.
After the tunnel is established, the MorphMix and Tor nodes work in the same way. Both have no cover traffic. Thus, in this cut, the attack can be applied to MorphMix.
For the network, each MorphMix node may not know all the other nodes. Enough for each node to know its neighbors. When a node wants to create a tunnel, it sequentially requests from each subsequent MorphMix node a list of recommended nodes from which the next tunnel node will be selected. This mechanism allows you to create anonymous tunnels without having a list of all nodes on the network.
The bottom line is this. To launch an attack, a malicious host needs to get a list of all hosts. This is not a trivial task, because it is only possible to obtain information about other nodes using the tunnel creation mechanism. For a successful attack, a more efficient search mechanism is required - otherwise the definition of the list of all network nodes is very expensive. Those. The “low-cost” attack becomes “expensive.” In addition, by the time the list is created, it is likely to become obsolete, since The composition of the peer-to-peer network is very unstable. In addition, since MorphMix nodes do not know all the other nodes of the network, there is no guarantee that communication can be established between all nodes (whether direct or not). Thus, the attack is not feasible.
There are no connection restrictions in MorpMix. Those. each node can establish a direct connection with any other node.
In short, the described attack does not apply to MorpMix, because a malicious host cannot obtain a list of all other hosts on the network.
To test for Tarzan and MorphMix, we took the same attack model that was used in Tor. An attacker needs two things: a malicious host and a malicious server. The sender will act as a malicious node in both networks (Tarzan and MorphMix). In Tarzan terminology, it is called the Tarzan client, in MorphMix it is called the initiator node.
Next, the malicious host should receive a list of all other hosts. Then, it establishes a connection with each of them and tracks the delays that occur in connections. Observation should be carried out for some time. During the entire observation period, the malicious server continues to send its traffic to the system. At the end of the observation period, the results of measurements of delays in each connection are used to estimate the traffic volumes of the corresponding nodes. Then the node loads are compared with the server traffic. If matches are found, the node enters the anonymizing chain. After a comparison for all nodes, you can identify the entire chain.
Thus, for a successful attack, the following conditions must be met:
- The delays observed by a malware node really should reflect the load of other nodes.
- A malicious node should be able to obtain information about all other nodes on the network.
- A malicious node should be able to establish a direct connection with all other nodes.
Tor is subject to attack, because its architecture meets these requirements. First, the Tor developers removed the blending operations and covering traffic, so the time characteristics of the streams persist throughout the chain. This was confirmed by experiments (Murdoch & Danezis 2005). Secondly, Tor provides the directory service with which the Tor client can get a list of all nodes (Tor servers) of the network. Thirdly, nothing prevents the Tor client from connecting to all Tor servers.
')
Low cost attack in Tarzan
Check if Tarzan meets the above conditions.
Delays
Between Tarzan and Tor there are two main differences affecting the delay in networks. First, Tor handles queues in the round-robin fashion mode. Secondly, in Tor there is no mix and cover traffic. In Tarzan, things are different. Tarzan provides a mechanism for imitators. Due to which the activity of communications originating from a node is comparable with the activity of incoming ones. If any connection is not active enough, Tarzan adds fake traffic. In addition, before sending, the Tarzan node performs some blending operations on all outgoing flows.
So the question is whether the simulator mechanism can destroy the timing characteristics of the streams being transmitted. The only way to check is to conduct an experiment similar to the one that was arranged in Tor. Unfortunately, we do not have a test bench of the simulator mechanism. Let's leave this question open and we will assume that timing-characteristics are not destroyed. Thus, we still believe that the attack on Tor is also effective for Tarzan.
Ability to obtain information about all network nodes
To search for other nodes in the network, the Tarzan node uses a gossip-protocol based mechanism. Those. Each Tarzan node can theoretically get information about all other nodes on the network. But the task can be difficult to accomplish due to the fact that Tarzan is a peer-to-peer network and the number of nodes can be very large and constantly changing. Thus, it seems doubtful that a malicious host will be able to estimate the delays of all other nodes on the network. However, since there is a theoretical possibility; we will assume that the condition is fulfilled.
The ability to establish a direct connection to other nodes on the network
If, after receiving a list of all the other hosts on the network, the malicious host has the opportunity to establish a direct connection with each of them, then the third condition is satisfied. Unlike Tor, Tarzan allows you to transmit traffic only through facial expressions. Thus, if a node is not included in the number of mimics of a malicious node, the malicious node will not be able to establish a direct connection with it. If the connection requires intermediaries, the malicious node cannot correctly measure the delays. Because the measurements may depend on the delays created by the intermediate nodes. Thus, it looks like a low-cost attack does not apply to Tarzan. However, it is not. In Tarzan there is PNAT - the last node in the tunnel, through which the connection goes to the outside world. Unlike other intermediate nodes in the tunnel, when the choice of each next node is limited to the list of mimics, the PNAT can be assigned to any network node. Thus, a malicious node has the ability to establish a direct connection without intermediaries with any node - the mimics mechanism does not solve the problem.
Summarize. Low-cost attack applicable to Tarzan, because The mimics mechanism does not destroy the timing characteristics of the streams, and PNAT can be chosen from among all network nodes, and not just from mimics.
Low-cost attack in MorphMix
The main difference between MorphMox and Tor lies in the network architecture and how the selection of the transmission nodes of the tunnel and the output node occurs. MorphMix follows the peer-to-peer architecture, and in Tor, dedicated servers are used as transmission nodes. In Tor, the Tor client independently selects all nodes for the organization of an anonymous tunnel. In MorphMix all intermediate nodes participate in the formation of the tunnel. There is an exit node in Tor, but no in MorphMix. Check the applicability of the low-cost attack on MorphMix using the same three criteria.
Delays
After the tunnel is established, the MorphMix and Tor nodes work in the same way. Both have no cover traffic. Thus, in this cut, the attack can be applied to MorphMix.
Ability to obtain information about all network nodes
For the network, each MorphMix node may not know all the other nodes. Enough for each node to know its neighbors. When a node wants to create a tunnel, it sequentially requests from each subsequent MorphMix node a list of recommended nodes from which the next tunnel node will be selected. This mechanism allows you to create anonymous tunnels without having a list of all nodes on the network.
The bottom line is this. To launch an attack, a malicious host needs to get a list of all hosts. This is not a trivial task, because it is only possible to obtain information about other nodes using the tunnel creation mechanism. For a successful attack, a more efficient search mechanism is required - otherwise the definition of the list of all network nodes is very expensive. Those. The “low-cost” attack becomes “expensive.” In addition, by the time the list is created, it is likely to become obsolete, since The composition of the peer-to-peer network is very unstable. In addition, since MorphMix nodes do not know all the other nodes of the network, there is no guarantee that communication can be established between all nodes (whether direct or not). Thus, the attack is not feasible.
The ability to establish a direct connection to other nodes on the network
There are no connection restrictions in MorpMix. Those. each node can establish a direct connection with any other node.
In short, the described attack does not apply to MorpMix, because a malicious host cannot obtain a list of all other hosts on the network.
Source: https://habr.com/ru/post/121209/
All Articles