A New Replay Attack Against Anonymous Communication Networks
Xinwen Fu
April 20, 2023
Xinwen Fu 2/15ICC08
Outline
Introduction
Replay attack against anonymous communication systems - Tor
Evaluation
Summary
Internet Security
The Internet has brought convenience to our everyday lives
However, it has also become a breeding ground for a variety of crimes
Malicious code (worms and viruses) caused $13.2 billion in financial losses worldwide in 2001
We need to understand these attacks and design corresponding countermeasures
We present our research on a new attack against anonymous communication systems
Traditional Spy Network
Indirectly send a secret to intelligence headquarters through a number of intermediate agents.
Protect the intelligence agent (i.e., the source of the secret) from being identified.
[Figure label: Intelligence Center]
Anonymous Communication Network - Tor
Client: the user of the Tor network
Server: the target TCP applications such as web servers
Tor router: the special proxy that relays the application data
Directory server: servers holding Tor router information
Problem Definition of Attacks against Tor
Alice is sending messages to Bob through an encrypted and anonymous channel. How can Evil confirm the communication relationship between Alice and Bob?
[Figure labels: Alice, Network, Bob]
Basic Principle of the Replay Attack
A circuit is created by a sender and dedicated to a pair of users
[Figure labels: circuit A, circuit B, circuit C]
Replay Attack against Tor
A packet comes from Alice through circuit A, and goes to Bob after circuit C
Replayed packet X causes a (special) decryption error at the end of circuit C, at Eve 2
An AES counter is synchronized along the path, and is disturbed
The duplicated packet disrupts the counter
Therefore, circuits A and C are created by Alice
Claim: Alice is communicating with Bob
[Figure labels: Alice, Eve 1 at Entry, Eve 2 at Exit, Bob; circuit A, circuit B, circuit C; time axis t]
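Added example (not from the original slides): a toy Python model of the counter desynchronization described above. SHA-256 stands in for the AES counter-mode keystream, and the cell size, keys, 4-byte tag and function names are assumptions made for illustration. It shows why one duplicated cell fails the integrity check at the exit hop and why every later cell on the same circuit fails too.

```python
import hashlib

CELL = 64  # constructed toy cell size (assumption), not Tor's real cell length

class Layer:
    """One hop's stream-cipher state; the keystream position persists across cells."""
    def __init__(self, key: bytes):
        self.key, self.ctr = key, 0

    def crypt(self, cell: bytes) -> bytes:
        out = bytearray()
        for i in range(0, len(cell), 32):
            # SHA-256(key || counter) is a stand-in for one AES-CTR keystream block
            ks = hashlib.sha256(self.key + self.ctr.to_bytes(8, "big")).digest()
            self.ctr += 1
            out += bytes(a ^ b for a, b in zip(cell[i:i + 32], ks))
        return bytes(out)

def make_cell(payload: bytes) -> bytes:
    body = payload.ljust(CELL - 4, b"\x00")
    return hashlib.sha256(body).digest()[:4] + body  # 4-byte tag (assumed format)

def recognized(cell: bytes) -> bool:
    """Exit-side check: does the decrypted cell carry a valid tag?"""
    return hashlib.sha256(cell[4:]).digest()[:4] == cell[:4]

def run_circuit(payloads, duplicate_index=None):
    """Return the exit hop's check result for every cell it receives."""
    keys = [b"entry-key", b"middle-key", b"exit-key"]  # constructed sample keys
    client = [Layer(k) for k in keys]   # sender's copy of each hop's state
    relays = [Layer(k) for k in keys]   # state held by entry, middle, exit
    results = []
    for n, payload in enumerate(payloads):
        cell = make_cell(payload)
        for layer in reversed(client):  # exit layer applied first, entry layer last
            cell = layer.crypt(cell)
        after_entry = relays[0].crypt(cell)  # entry hop removes its layer once
        copies = 2 if n == duplicate_index else 1  # the duplicated cell
        for _ in range(copies):
            c = after_entry
            for hop in relays[1:]:      # middle and exit advance their counters
                c = hop.crypt(c)
            results.append(recognized(c))
    return results
```

With no duplication every cell passes the check; with one duplicated cell the extra copy and all later cells fail, because the middle and exit counters are one cell ahead of the sender's.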
Experiment Setup
Duplication Causing Path Teardown
Summary and Future Work
We identified a new replay attack against Tor, and the attack can seriously degrade the anonymity that Tor provides
Need only one packet!!!
Our experiments validate the feasibility and effectiveness of the replay attack
Future work: develop countermeasures against the replay attack
Thank you!