13. Anonymity protocols

Question 1

What can encryption not hide on the internet?

Answer 1

Routing information

Question 2

What is anonymity?

Answer 2

A user may user a service or resource without disclosing the users identity

Question 3

What does 3DC stand for (protocol)?

Answer 3

Three-party dinning cryptographers

Question 4

What does the 3DS protocol do?

Answer 4

Reveals if the NSA paid or one of the cryptographers (but not which cryptographer)

Question 5

What is the 3DS protocol?

Answer 5

1. Each cryptographer flips a coin and shows it to left neighbour
2. Each cryptographer announces if the two coins are same, (if the cryptographer pays he lies)
3. odd number of same => NSA paid, even number of same => a cryptographer paid

Question 6

What makes 3DS protocol impractical?

Answer 6

• requires secure channels between participants to share coin flips
• requires large amounts of randomness

Question 7

What’s the idea behind Crowds protocol?

Answer 7

Randomly route requests through a crowd of users

Question 8

How does the Crowds protocol work?

Answer 8

1. Initiator picks forwarded from crowd and sends request
2. Forwarder sends request either to server or a new forwarder with some probability (and records request)
3. Response follows same route

Question 9

What is the Crowd protocol not resistant against?

Answer 9

An attacker which sees the whole network

Question 10

How does Chaum’s work?

Answer 10

1. Users send messages to a trusted mix server
2. Messages are padded and buffered to prevent
3. Dummy messages are generated

Question 11

Why are messages buffered in Chaum’s Mix?

Answer 11

Avoid time correlation attack’s

Question 12

Why are dummy messages sent in Chaum’s mix?

Answer 12

If the attacker sends n - 1 messages to mix (with capacity n) he can link the sender of the nth message

Question 13

How can you deal with the problem that some mixes may be corrupted in Chaum’s mix?

Answer 13

Send messages through a sequence of mixes, as long as a single mix is honest you have guaranteed anonymity

Question 14

What are the limitations of Chaum’s mix?

Answer 14

• Asymmetrical encryption is not efficient
• Dummy messages are inefficient
• Buffering is inefficient

Question 15

What does onion routing not defend against?

Answer 15

• Attacker that sees the whole network

- End to end timing attacks

Question 16

How does onion routing work?

Answer 16

1. Originator chooses a random chain of nodes
2. Originator establishes secret key with entry node, then second node (relayed through entry), till exit node
3. Once the chain is complete data can be sent anonymously by encrypting/decrypting with layers of secret keys

Question 17

How does an end-to-end timing attack work on Tor?

Answer 17

An attacker that controls the entry and exit node can delay a message, if the message was delayed at the exit node then they likely came from the client connecting to the entry node

Question 18

Why does the client not do DNS requests before onion routing?

Answer 18

Tor works over TCP, DNS is UDP so it would not be anonymous

Question 19

How does DNS work with Tor?

Answer 19

The exit node performs DNS on the address

Question 20

What are Tor onion services?

Answer 20

Services that can only be accessed via the Tor network, protecting the anonymity of the user and the server