Deanonymizing Onion Services by Introducing Packet Delay
2022 (English) Independent thesis Advanced level (professional degree), 20 credits / 30 HE credits
Student thesis
Abstract [en]
Background. Onion services facilitate two-way communication over the Tor network without letting either party know the other's address or location. Many different techniques to break that anonymity have been proposed, but most of them exist only on paper. Some have been tested, but only on a separate network and not on the live Tor network.
Objectives. This thesis presents a technique that can break the anonymity of an Onion service with minimal intrusion into the Tor network and no manipulation of the Introduction relay or the Rendezvous relay.
Methods. The technique has been tested on the live Tor network with the approval of an ethics board. The Onion service's anonymity was broken by having the Guard relay that the Onion service used to connect to the Tor network introduce a watermark containing the IPv4 address of the Onion service into the TCP packets' Request-Response Time (RRT). The TCP packets were used to transmit the watermark: an HTTP echo request was sent from a Tor client, the RRT was captured, and the watermark was decoded. Decoding the watermark required the normal RRT of packets on the Tor network, so to obtain that data, HTTP echo requests were also sent without the watermark.
Results. The watermark was decoded by the Tor client 88.80% of the time out of 607 tries.
Conclusions. While this technique was proven to work, what holds it back is the need for the Onion service to choose the Guard relay that introduces the watermark. The chance that a specific Guard relay is chosen depends on that relay's history on the Tor network. However, it is usually about 0.005%, meaning it would take around 20000 tries to break the anonymity of a random Onion service if only one Guard relay is used.
Place, publisher, year, edition, pages
2022, p. 36
National Category
Computer Sciences; Other Computer and Information Science
Identifiers
URN: urn:nbn:se:bth-23059
OAI: oai:DiVA.org:bth-23059
DiVA, id: diva2:1664834
External cooperation
Axel Gehlin Björnberg
Subject / course
Degree Project in Master of Science in Engineering 30,0 hp
Educational program
DVACD Master of Science in Computer Security
Presentation
2022-05-24, Sal 1270, Valhallavägen 1, Karlskrona, 08:00 (English)
Supervisors
Examiners
2022-08-23 2022-06-05 2022-08-23 Bibliographically approved