Experiment: How to disguise the use of Tor to bypass blocks


Internet censorship is an increasingly important issue worldwide. It has led to an "arms race": government agencies and private companies in various countries seek to block different content and fight the ways of circumventing such restrictions, while developers and researchers try to build effective tools to combat censorship.

Scientists from Carnegie Mellon, Stanford University and SRI International conducted an experiment in which they developed a special service for disguising the use of Tor, one of the most popular tools for bypassing blocks. We present an account of the work done by the researchers.

Tor versus blocking

Tor ensures user anonymity through the use of special relays, that is, intermediate servers between the user and the site they want to reach. Usually several relays sit between the user and the site, each of which can decrypt only a small amount of data in the forwarded packet, just enough to find the next point in the chain and send the packet there. As a result, even if a relay controlled by attackers or censors is added to the chain, they will not be able to learn the addressee and the destination of the traffic.

Tor works effectively as an anti-censorship tool, but censors still have the ability to block it completely. Iran and China have run successful blocking campaigns. They were able to identify Tor traffic by scanning TLS handshakes and other distinctive characteristics of Tor.

Subsequently, the developers managed to adapt the system to bypass the blocking. Censors responded by blocking HTTPS connections to various sites, including Tor. The project's developers created the obfsproxy program, which additionally encrypts traffic. This competition goes on continuously.

Initial data of the experiment

The researchers decided to develop a tool that would disguise the use of Tor, making it usable even in regions where the system is completely blocked.

As initial assumptions, the scientists put forward the following:

  • The censor controls an isolated internal segment of the network, which connects to the external, uncensored Internet.
  • The blocking authorities control the entire network infrastructure within the censored network segment, but not the software on end users' computers.
  • The censor seeks to prevent users from accessing materials that are undesirable from its point of view.
  • Routers on the perimeter of this segment analyze the unencrypted data of all packets in order to block unwanted content and prevent the corresponding packets from crossing the perimeter.
  • All Tor relays are located outside the perimeter.

How it works

To disguise the use of Tor, the researchers created the StegoTorus tool. Its main purpose is to improve Tor's ability to resist automated protocol analysis. The tool sits between the client and the first relay in the chain, and uses an encryption protocol and steganography modules to make Tor traffic difficult to identify.

At the first stage, a module called the chopper comes into play: it converts the traffic into a sequence of blocks of varying length, which are sent out of order.


The data is encrypted using AES in GCM mode. The block header contains a 32-bit sequence number, two length fields (d and p) that indicate the amount of data, a special field F and a 56-bit check field whose value must be zero. The minimum block length is 32 bytes, and the maximum is 2^17 + 32 bytes. The length is controlled by the steganography modules.

When a connection is established, the first bytes of information are a handshake message, which lets the server determine whether it is dealing with an existing link or a new one. If the connection belongs to a new link, the server responds with a handshake, and each participant in the exchange derives session keys from it. In addition, the system implements a rekeying mechanism: it is similar to the allocation of a session key, but blocks are used instead of handshake messages. This mechanism changes the sequence number but does not affect the link ID.

After both participants in the communication have sent and received the final block, the link is closed. To protect against replay attacks or delayed block delivery, both participants must remember the ID for a long time after closing.
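The block format and out-of-order delivery described above can be modelled as follows; this is an added example, not code from StegoTorus or from the original article. It shows a receiver rejecting blocks with a non-zero check field, inconsistent lengths or a repeated sequence number. Assumptions: d and p are 16 bits and F is 8 bits (the page gives only the 32-bit and 56-bit widths), the F values and all function names are hypothetical, and a 16-byte zero placeholder stands in for the AES-GCM tag because encryption is left out.

```python
import struct

# Assumed layout: seq:32 | d:16 | p:16 | F:8 | check:56 = 16 bytes. With a
# 16-byte GCM tag this matches the page's 32-byte minimum block length.
HEADER_LEN = 16
TAG_LEN = 16                      # placeholder for the AES-GCM tag (no crypto here)
MAX_BLOCK = 2**17 + 32
F_DATA, F_FIN = 0, 1              # hypothetical values for the F field

def pack_block(seq, data, pad_len, flag=F_DATA):
    """Build one cleartext block: header, d data bytes, p padding bytes, tag."""
    header = struct.pack(">IHHB7s", seq, len(data), pad_len, flag, bytes(7))
    return header + data + bytes(pad_len) + bytes(TAG_LEN)

def parse_block(block):
    """Validate and split a block; raises ValueError on malformed input."""
    if not HEADER_LEN + TAG_LEN <= len(block) <= MAX_BLOCK:
        raise ValueError("block length out of range")
    seq, d, p, flag, check = struct.unpack(">IHHB7s", block[:HEADER_LEN])
    if check != bytes(7):
        raise ValueError("check field is not zero")
    if HEADER_LEN + d + p + TAG_LEN != len(block):
        raise ValueError("d and p do not match block length")
    return seq, flag, block[HEADER_LEN:HEADER_LEN + d]

def chop(stream, rng, max_data=64, max_pad=32):
    """Split a byte stream into blocks of varying length, then a final block."""
    blocks, seq, pos = [], 0, 0
    while pos < len(stream):
        n = rng.randint(1, max_data)
        blocks.append(pack_block(seq, stream[pos:pos + n], rng.randint(0, max_pad)))
        seq, pos = seq + 1, pos + n
    blocks.append(pack_block(seq, b"", 0, F_FIN))
    return blocks

def reassemble(blocks):
    """Reorder blocks by sequence number; duplicates (replays) are rejected."""
    seen = {}
    for block in blocks:
        seq, flag, data = parse_block(block)
        if seq in seen:
            raise ValueError(f"replayed sequence number {seq}")
        seen[seq] = (flag, data)
    ordered = [seen[s] for s in sorted(seen)]
    if sorted(seen) != list(range(len(seen))) or not ordered or ordered[-1][0] != F_FIN:
        raise ValueError("missing block or no final block")
    return b"".join(data for _, data in ordered)
```

Pass `chop` a seeded `random.Random` instance as `rng` to get reproducible block sizes, shuffle the result, and feed it to `reassemble`.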

The built-in steganography module hides Tor traffic inside a p2p protocol, similar to how Skype works for secure VoIP communications. The HTTP steganography module imitates unencrypted HTTP traffic. The system mimics a real user with an ordinary browser.

Resistance to attacks

To test how much the proposed method improves the effectiveness of Tor, the researchers developed two types of attacks.

The first of these is to distinguish Tor streams from other TCP streams based on fundamental characteristics of the Tor protocol; this is the method used for blocking by the Chinese government's system. The second attack involves studying already known Tor streams to extract information about which sites the user has visited.

The researchers confirmed the effectiveness of the first type of attack against "vanilla Tor": to do this, they collected traces of visits to the top 10 Alexa.com sites twenty times through regular Tor, obfsproxy and StegoTorus with the HTTP steganography module. The CAIDA dataset with data on port 80 was used as a reference for comparison; almost certainly all of these are HTTP connections.

The experiment showed that regular Tor is easy to detect. The Tor protocol is too specific and has a number of characteristics that are easy to pick out: for example, when it is in use, TCP connections last 20-30 seconds. The obfsproxy tool does little to hide these obvious features. StegoTorus, in turn, generates traffic that is much closer to the CAIDA reference.


In the case of the visited-sites attack, the researchers compared the probability of such data disclosure for "vanilla Tor" and for their StegoTorus solution. The AUC (Area Under Curve) metric was used for the assessment. According to the results of the analysis, for regular Tor without additional protection the likelihood of disclosing data about visited sites is significantly higher.


Conclusion

The history of confrontation between the authorities of countries that introduce Internet censorship and the developers of block-bypassing systems suggests that only comprehensive protection measures can be effective. Using only one tool cannot guarantee access to the necessary data, nor that information about bypassing the block will not become known to the censors.

Therefore, when using any privacy and content-access tools, it is important not to forget that there are no ideal solutions, and, where possible, to combine different methods to achieve the greatest effectiveness.

Source: www.habr.com