Kuyesa: Momwe mungabisire kugwiritsa ntchito Tor kudutsa midadada

Kuwunika pa intaneti ndi nkhani yofunika kwambiri padziko lonse lapansi. Izi zikupangitsa kuti "mpikisano wa zida" ukukulirakulira pomwe mabungwe aboma ndi mabungwe azinsinsi m'maiko osiyanasiyana akufuna kuletsa zinthu zosiyanasiyana ndikulimbana ndi njira zopewera zoletsa zotere, pomwe okonza ndi ofufuza amayesetsa kupanga zida zogwirira ntchito zothana ndi zoletsa.

Asayansi ochokera ku Carnegie Mellon, Stanford University ndi SRI International mayunivesite adachita kuyesa, pomwe adapanga ntchito yapadera yobisa kugwiritsa ntchito Tor, imodzi mwa zida zodziwika bwino zodutsira midadada. Tikukufotokozerani nkhani yokhudza ntchito yomwe ofufuza adachita.

Tor motsutsana ndi kutsekereza

Tor imatsimikizira kusadziwika kwa ogwiritsa ntchito pogwiritsa ntchito ma relay apadera - ndiko kuti, ma seva apakatikati pakati pa wogwiritsa ntchito ndi tsamba lomwe akufuna. Nthawi zambiri, ma relay angapo amakhala pakati pa wogwiritsa ntchito ndi tsambalo, chilichonse chomwe chimatha kutsitsa deta yaying'ono mu paketi yotumizidwa - yokwanira kuti mudziwe mfundo yotsatira mu unyolo ndikuitumiza kumeneko. Zotsatira zake, ngakhale ngati relay yoyendetsedwa ndi omwe akuwukira kapena ma censors awonjezeredwa pamndandanda, sangathe kudziwa yemwe akubwera komanso komwe akupita.

Tor imagwira ntchito bwino ngati chida chotsutsa-censorship, koma ma censors akadali ndi kuthekera koletsa kwathunthu. Iran ndi China zachita bwino kampeni yoletsa. Adatha kuzindikira kuchuluka kwa magalimoto a Tor posanthula kugwirana chanza kwa TLS ndi mawonekedwe ena apadera a Tor.

Pambuyo pake, opanga adakwanitsa kusintha makinawo kuti adutse kutsekereza. Censors adayankha ndikuletsa kulumikizana kwa HTTPS kumasamba osiyanasiyana, kuphatikiza Tor. Omwe amapanga projekiti adapanga pulogalamu ya obfsproxy, yomwe imabisanso kuchuluka kwa magalimoto. Mpikisanowu ukupitirirabe nthawi zonse.

Deta yoyamba ya kuyesa

Ofufuzawo adaganiza zopanga chida chomwe chimabisa kugwiritsa ntchito Tor, ndikupangitsa kuti kugwiritsidwa ntchito kwake kutheke ngakhale m'madera omwe dongosololi latsekedwa kwathunthu.

• Monga zongoganizira zoyamba, asayansi amapereka zotsatirazi:
• Censor imayang'anira gawo lakutali la netiweki, lomwe limalumikizana ndi intaneti yakunja, yosasinthidwa.
• Akuluakulu oletsa amawongolera zida zonse zama netiweki mkati mwa gawo la netiweki, koma osati mapulogalamu apamakompyuta ogwiritsa ntchito.
• Censor ikufuna kuletsa ogwiritsa ntchito kupeza zinthu zomwe sizingafuneke kuchokera kumalingaliro ake; zimaganiziridwa kuti zida zonse zotere zili pa seva kunja kwa gawo loyendetsedwa ndi netiweki.
• Ma routers ozungulira gawo ili amasanthula deta yosabisika ya mapaketi onse kuti atseke zosafunikira ndikuletsa mapaketi ofunikira kuti asalowe mozungulira.
• Ma relay onse a Tor ali kunja kwa kuzungulira.

Kodi ntchito

Kuti abise kugwiritsa ntchito Tor, ofufuza adapanga chida cha StegoTorus. Cholinga chake chachikulu ndikukweza luso la Tor kukana kusanthula kwa protocol. Chidacho chili pakati pa kasitomala ndi wolandila woyamba mu unyolo, amagwiritsa ntchito ma encryption protocol ndi ma module a steganography kuti zikhale zovuta kuzindikira kuchuluka kwa Tor.

Pa sitepe yoyamba, gawo lotchedwa chopper limalowa - limasintha magalimoto kukhala mndandanda wa midadada ya utali wosiyanasiyana, womwe umatumizidwa kunja kwa dongosolo.

Deta imabisidwa pogwiritsa ntchito AES munjira ya GCM. Mutu wa block uli ndi nambala yotsatizana ya 32-bit, minda iwiri yautali (d ndi p) - izi zikuwonetsa kuchuluka kwa data, gawo lapadera F ndi cheke cha 56-bit, mtengo wake uyenera kukhala zero. Kutalika kwa block ndi 32 byte, ndipo kuchuluka kwake ndi 217 + 32 bytes. Kutalika kumayendetsedwa ndi ma module a steganography.

Pamene kugwirizana kukhazikitsidwa, ma byte oyambirira a chidziwitso ndi uthenga wogwirana chanza, ndi chithandizo chake seva imamvetsetsa ngati ikuchita ndi kugwirizana komwe kulipo kapena kwatsopano. Ngati kugwirizana kuli kwa ulalo watsopano, ndiye kuti seva imayankha ndikugwirana chanza, ndipo aliyense wa osinthana nawo amatulutsa makiyi agawo kuchokera pamenepo. Kuphatikiza apo, dongosololi limagwiritsa ntchito njira yobwezeretsanso - ndizofanana ndi kugawa kiyi ya gawo, koma midadada imagwiritsidwa ntchito m'malo mwa mauthenga akugwirana chanza. Makinawa amasintha nambala yotsatizana, koma samakhudza ID ya ulalo.

Onse otenga nawo gawo pazolumikizana akatumiza ndikulandila chipika, ulalo umatsekedwa. Kuti muteteze ku ziwonetsero zobwerezabwereza kapena kuchedwa kubweza, onse awiri ayenera kukumbukira ID kwa nthawi yayitali atatseka.

Ma module opangidwa ndi steganography amabisa Tor traffic mkati mwa protocol ya p2p - yofanana ndi momwe Skype imagwirira ntchito pamawu otetezedwa a VoIP. Ma module a HTTP steganography amatsanzira kuchuluka kwa HTTP kosabisika. Dongosolo limatsanzira wosuta weniweni wokhala ndi msakatuli wokhazikika.

Kukana kuukira

Pofuna kuyesa kuchuluka kwa njira yomwe yaperekedwayo imathandizira magwiridwe antchito a Tor, ofufuzawo adapanga mitundu iwiri yakuukira.

Yoyamba mwa izi ndikulekanitsa mitsinje ya Tor kuchokera ku mitsinje ya TCP kutengera mikhalidwe yofunikira ya protocol ya Tor - iyi ndi njira yomwe imagwiritsidwa ntchito kuletsa dongosolo la boma la China. Kuwukira kwachiwiri kumakhudzanso kuphunzira mitsinje ya Tor yodziwika kale kuti mumve zambiri zamasamba omwe wogwiritsa ntchito adayendera.

Ofufuza adatsimikizira mphamvu ya mtundu woyamba wa kuukira kwa "Vanila Tor" - chifukwa cha izi adasonkhanitsa maulendo oyendera masamba kuchokera pamwamba pa 10 Alexa.com maulendo makumi awiri kudzera mu Tor, obfsproxy ndi StegoTorus ndi gawo la HTTP steganography. Deta ya CAIDA yokhala ndi data padoko 80 idagwiritsidwa ntchito ngati chifaniziro chofananiza - pafupifupi zonsezi ndi zolumikizira za HTTP.

Kuyesera kunawonetsa kuti ndikosavuta kuwerengera Tor wamba. Protocol ya Tor ndiyolunjika kwambiri ndipo ili ndi mawonekedwe angapo omwe ndi osavuta kuwerengera - mwachitsanzo, mukamagwiritsa ntchito, kulumikizana kwa TCP kumatha masekondi 20-30. Chida cha Obfsproxy sichimachitanso pang'ono kubisa nthawi zodziwikiratu izi. StegoTorus, nayenso, amapanga magalimoto omwe ali pafupi kwambiri ndi CAIDA.

Pankhani ya kuukira kwa malo omwe adayendera, ofufuzawo adafanizira kuthekera kwa kuwululidwa kwa data ngati "vanilla Tor" ndi yankho la StegoTorus. Sikelo idagwiritsidwa ntchito poyesa AUC (Area Under Curve). Malinga ndi zotsatira za kusanthula, zidapezeka kuti ngati Tor wakhazikika popanda chitetezo chowonjezera, mwayi wowululira zamasamba omwe adayendera ndiwokwera kwambiri.

Pomaliza

Mbiri ya mikangano pakati pa maulamuliro a mayiko omwe akuyambitsa kufufuza pa intaneti komanso opanga machitidwe oletsa kutsekereza akuwonetsa kuti njira zodzitetezera zokhazokha zitha kukhala zothandiza. Kugwiritsa ntchito chida chimodzi chokha sikungatsimikizire mwayi wopeza zofunikira komanso kuti chidziwitso chodutsa chipikacho sichidziwika kwa owerengera.

Choncho, pogwiritsira ntchito zida zilizonse zachinsinsi ndi zokhutira, ndikofunika kuti musaiwale kuti palibe njira zothetsera mavuto, ndipo ngati n'kotheka, phatikizani njira zosiyanasiyana kuti mukwaniritse bwino kwambiri.

Zothandiza maulalo ndi zipangizo kuchokera Infatica:

• Kafukufuku: Kupanga projekiti yolimbana ndi block pogwiritsa ntchito chiphunzitso chamasewera
• Mbiri yankhondo yolimbana ndi censorship: momwe njira yolumikizira yowunikira yopangidwa ndi asayansi ochokera ku MIT ndi Stanford imagwirira ntchito
• Momwe mungamvetsetsere ngati ma proxies akunama: kutsimikizira komwe kuli ma proxies a netiweki pogwiritsa ntchito algorithm ya geolocation
• Momwe mungadzibisire pa intaneti: kufananiza ma seva ndi ma proxies okhala

Source: www.habr.com