tor_stinks.pdf

TOP SECRET//COMINT// REL FVEY
Tor Stinks
CT SIGDEV
JUN 2012
Derived From: NSA/CSSM 1-52
Dated: 20070108
Declassify On: 20370101
Tor Stinks...
• We will never be able to de-anonymize all Tor users all the time.
• With manual analysis we can de-anonymize a very small fraction of Tor users, however, no success de-anonymizing a user in response to a TOPI request/on demand.
REMATION II
• Joint NSA GCHQ counter-Tor workshop
• Week one at MHS focus on analytics
• Week two at GCHQ focus on exploitation
https://wiki.gchqiindex.phphitle-REMATION
Laundry List
• Analytics to de-anonymize users
— Circuit reconstruction (21)
— Goes inta goes outta/low latency (2)
— Cookie leakage
— Dumb users (EPICFAIL)
— Node Lifespan (17)
— DNS
• Exploitation
— QUANTUM attacks (1, 20, 22)
— Existing options (8 + 11)
— Shaping (9 + 16)
— Web server enabling (10)
— Nodes (14)
— Degrade user experience (13 + 18)
• Technical Analysis/Research
— Hidden services (4, 5, 6, 7)
— Timing pattern (3)
— Torservers.net/Amazon AWS
• Nodes
— Baseline our nodes (21)
— Tor node flooding
Analytics: Circuit Reconstruction
[Diagram: "Terrorist with Tor client installed" connects through a Tor entry node, a Tor relay node and a Tor exit node (the three together labelled "ANONYMIZER CLOUD") to an Internet site.]
Current: access to very few nodes. Success rate negligible because all three Tor nodes in the circuit have to be in the set of nodes we have access to.
— Difficult to combine meaningfully with passive SIGINT.
Goal: expand number of nodes we have access to
— GCHQ runs Tor nodes under NEWTONS CRADLE (how many?)
— Other partners?
— Partial reconstruction (first hops or last hops)?
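The "negligible success rate" remark on this slide follows from simple circuit arithmetic, which the deck itself does not spell out. The following added example (not part of the slide deck) models it: with k of n relays observable and a 3-hop circuit drawn uniformly without replacement, it gives the exact chance that the whole circuit is observable versus only its first and last hop (the "partial reconstruction" case), and cross-checks the closed form with a simulation. It deliberately ignores Tor's bandwidth weighting and persistent guard relays, so the numbers illustrate the shape of the risk rather than the real network.

```python
from fractions import Fraction
import random


def p_full_circuit(n: int, k: int) -> Fraction:
    """Exact probability that entry, relay and exit all fall inside the
    observed set of k relays, when the 3 distinct relays of a circuit are
    drawn uniformly from n relays.  Equals C(k,3) / C(n,3).
    Simplifying assumption: uniform selection (no bandwidth weights, no guards)."""
    if k < 3:
        return Fraction(0)
    return Fraction(k * (k - 1) * (k - 2), n * (n - 1) * (n - 2))


def p_partial_circuit(n: int, k: int) -> Fraction:
    """Exact probability that only the first and last hop (entry and exit)
    are observed, regardless of the middle relay.  Equals k(k-1) / n(n-1)."""
    if k < 2:
        return Fraction(0)
    return Fraction(k * (k - 1), n * (n - 1))


def simulate(n: int, k: int, trials: int, seed: int = 1) -> tuple[float, float]:
    """Monte Carlo cross-check: relays 0..k-1 are the observed ones (constructed
    labelling); returns (full-circuit rate, entry+exit rate) over `trials` circuits."""
    rng = random.Random(seed)
    observed = set(range(k))
    full = partial = 0
    for _ in range(trials):
        entry, relay, exit_ = rng.sample(range(n), 3)  # three distinct relays
        if entry in observed and exit_ in observed:
            partial += 1
            if relay in observed:
                full += 1
    return full / trials, partial / trials


if __name__ == "__main__":
    n, k = 1000, 20  # constructed figures: 2% of a 1000-relay network observed
    print(f"full circuit : {float(p_full_circuit(n, k)):.2e}")
    print(f"entry + exit : {float(p_partial_circuit(n, k)):.2e}")
    print("simulated    :", simulate(n, k, 200_000))
```

Even a few percent of the relays yields a full-circuit probability in the 10^-5 range, whereas the entry+exit figure is orders of magnitude larger, which is why partial reconstruction is listed as a goal.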