DOI: 10.1145/3689943.3695043
Research article, open access

OnionVPN: Onion Routing-Based VPN-Tunnels with Onion Services

Published: 21 November 2024

Abstract

Virtual Private Networks (VPNs) provide confidentiality and hide the user's original IP address. Although many VPN providers promise not to record user activity, several media reports of data breaches show that this promise is often not kept. Tor, on the other hand, allows anonymous communication using onion routing and takes privacy and anonymity seriously, but at the cost of a loss in performance. What is missing is a sweet spot between VPNs and anonymization networks: one that supports bulk downloads and video streaming while providing countermeasures against untrusted VPN providers and Autonomous System (AS)-level attackers.
In this paper, we present OnionVPN, an onion routing-based VPN tunnel that provides better bulk-transfer performance than Tor and offers additional security features over a conventional VPN: (1) intermediate VPN nodes see only encrypted traffic, (2) protection against AS-level attackers through a new path selection algorithm, and (3) onion services with a novel cryptographic NAT traversal algorithm built on the Noise protocol framework. We analyze 118 VPN providers, systematically compare them against our requirements, and show that OnionVPN is currently possible with three VPN providers. An alternative to Tor for bulk traffic could relieve the Tor network and provide a better experience for the other users who need its higher privacy and anonymity guarantees.

Publication Information

Published in: WPES '24: Proceedings of the 23rd Workshop on Privacy in the Electronic Society, November 2024, 219 pages. ISBN: 9798400712395. DOI: 10.1145/3689943.
This work is licensed under a Creative Commons Attribution International 4.0 License.
Publisher: Association for Computing Machinery, New York, NY, United States.
Published: 21 November 2024.
Author Tags: VPN; anonymization networks; onion-routing.
Qualifiers: Research-article.
Funding Sources: European Union.
Conference: CCS '24.