Mid-defense: Mitigating protocol-level attacks in TOR using indistinguishability obfuscation

TOR is one of the most famous anonymity networks. TOR works correctly when at least one honest relay exists along an established circuit. However, many attacks break the anonymity of TOR communications by watermarking traffic, changing timings, counting cells per packet, and, recently, introducing errors in cells. This paper focuses on protocol-level attacks, which can de-anonymize users by changing a cell, and provides a solution for these attacks by changing the way the integrity of cells is checked. The proposed design allows all relays, not just the exit node, to check the integrity of cells independently. In addition, this paper proposes a novel method, based on the concept of indistinguishability obfuscation, for dummy traffic generation within the middle relay. Finally, a method is introduced for distinguishing between real and dummy flows solely at the onion proxy (on a client's machine).
