Hello My name is Nima Azizzadeh and I'm a second year of mastering Cyber Security major at University of Tehran, Iran. I am extremely interested in pursuing independent research. An extensive research experience will greatly help me consolidate my future career choice.
Recently I'm interested in tor project vulnerabilities and I looked at some papers about it. This paper "The Effect of DNS on Tor’s Anonymity, NDSS, February 2017" attracted a great deal of my attention. A lot of research has gone into improving the Tor network, but its use of DNS has received little attention. In this research project, they set out to learn how DNS can harm the anonymity of Tor users, and how adversaries can leverage the DNS protocol to deanonymize users. They studied (i) how exposed the DNS protocol is compared to web traffic, (ii) how Tor exit relays are configured to use DNS, (iii) how existing website fingerprinting attacks can be enhanced with DNS, and (iv) how effective these enhanced website fingerprinting attacks are at Internet-scale.
Also, I found another project that I think can defend against these attacks to some degree. The project is T-DNS (Connection-Oriented DNS to Improve Privacy and Security - DNS over TCP and TLS). It combines TCP to smoothly support large payloads and mitigate spoofing and amplification for DoS. T-DNS uses transport-layer security (TLS) to provide privacy from users to their DNS resolvers and optionally to authoritative servers.
I want to integrate T-DNS server proxy and client proxy with Tor project source code to add some security feature to Tor project. I also implement T-DNS server proxy and client proxy I just need to add this feature in Tor source code. Something like creating a built-in standalone T-DNS client proxy and server proxy in Tor relays, and encourage people to use them with Tor Exits (and other DNS clients and servers).
As you have a lot of exprience on Tor project, I would be happy if you could help me on this or give me some suggestion to clarify the way for me. I look forward to hearing from you!
Best Regards, Nima Azizzadeh
On 25 Jul 2017, at 15:36, Nima Azizzadeh n.azizzadeh@gmail.com wrote:
Hello My name is Nima Azizzadeh and I'm a second year of mastering Cyber Security major at University of Tehran, Iran. I am extremely interested in pursuing independent research. An extensive research experience will greatly help me consolidate my future career choice.
Recently I'm interested in tor project vulnerabilities and I looked at some papers about it. This paper "The Effect of DNS on Tor’s Anonymity, NDSS, February 2017" attracted a great deal of my attention. A lot of research has gone into improving the Tor network, but its use of DNS has received little attention. In this research project, they set out to learn how DNS can harm the anonymity of Tor users, and how adversaries can leverage the DNS protocol to deanonymize users. They studied (i) how exposed the DNS protocol is compared to web traffic, (ii) how Tor exit relays are configured to use DNS, (iii) how existing website fingerprinting attacks can be enhanced with DNS, and (iv) how effective these enhanced website fingerprinting attacks are at Internet-scale.
Also, I found another project that I think can defend against these attacks to some degree. The project is T-DNS (Connection-Oriented DNS to Improve Privacy and Security - DNS over TCP and TLS). It combines TCP to smoothly support large payloads and mitigate spoofing and amplification for DoS. T-DNS uses transport-layer security (TLS) to provide privacy from users to their DNS resolvers and optionally to authoritative servers.
I want to integrate T-DNS server proxy and client proxy with Tor project source code to add some security feature to Tor project. I also implement T-DNS server proxy and client proxy I just need to add this feature in Tor source code. Something like creating a built-in standalone T-DNS client proxy and server proxy in Tor relays, and encourage people to use them with Tor Exits (and other DNS clients and servers).
As you have a lot of exprience on Tor project, I would be happy if you could help me on this or give me some suggestion to clarify the way for me. I look forward to hearing from you!
Hi Nima,
We would love to make Tor's DNS more secure.
Tor Exits use DNS from a lot of different providers. The Tor network can't rely on just a few T-DNS servers. That would make them a single point of failure.
So I think we need to fix the DNS protocol and upgrade most DNS servers to make this work.
Or, we could create a standalone T-DNS client proxy and server proxy, and encourage people to use them with Tor Exits (and other DNS clients and servers). That would be a great way to upgrade gradually.
Tim
T -- Tim Wilson-Brown (teor)
teor2345 at gmail dot com PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B ricochet:ekmygaiu4rzgsk6n ------------------------------------------------------------------------