Presentation is loading. Please wait.

Presentation is loading. Please wait.

Conscript Your Friends into Larger Anonymity Sets with JavaScript ACM Workshop on Privacy in the Electronic Society 4 November 2013 Henry Corrigan-Gibbs.

Published byByron Barten Modified over 10 years ago

Similar presentations

Presentation on theme: "Conscript Your Friends into Larger Anonymity Sets with JavaScript ACM Workshop on Privacy in the Electronic Society 4 November 2013 Henry Corrigan-Gibbs."— Presentation transcript:

1 Conscript Your Friends into Larger Anonymity Sets with JavaScript ACM Workshop on Privacy in the Electronic Society 4 November 2013 Henry Corrigan-Gibbs Stanford Bryan Ford Yale

2 New Anonymity Systems Have a Chicken-and-Egg Problem Few users Small anonymity sets

3

4

5 Emacs rulz!! Overthrow the regime!! Start the revolution!! Adversary could just arrest all three participants

6

7 Overthrow the regime!! Start the revolution!! Emacs rulz!! ??

8 Idea Conscript casual Internet users into an anonymity system using JavaScript –Casual users submit null messages –Savvy users use a browser plug-in to swap out the null messages with real ones Compatible with a number of existing anonymity systems

9 Outline Motivation Architecture Attacks and Defenses Evaluation

10 000 GET /index.html... E 1 (E 2 (E 3 (000))) Using a randomized encryption scheme

11 GET /index.html... Plugin m E 1 (E 2 (E 3 (m))) E 1 (E 2 (E 3 (000))) m m 000

12 The Adversary Sees

13

14 Start the revolution ! 00000000

15 Security Property IF Casual users messages indistinguishable from savvy users messages THEN Conscripting increases the size of the savvy users anonymity set CasualSavvy

16 Compatible Anonymity Systems 1.Monotonic anonymity set size 2.Possible to simulate traffic streams 3.Easy to identify malformed messages Yes: Timed mix cascade, verifiable shuffles, remailers (maybe), verifiable DC-nets No: Tor, batching mix net

17 The ConScript Script E.g., for a mix-net The JavaScript application sends –RSA encryption routines, –server public keys, and –code to POST ciphertext to mix-server. Mix servers uses Access-Control-Allow-Origin header

18 Outline Motivation Architecture Attacks and Defenses Evaluation

19 Web server can serve malicious JavaScript User can submit incorrect messages Vulnerabilities of the underlying anonymity system Threats

20 JavaScript Attack Plugin Plugin only swaps out msg if scripts match exactly

21 More Attacks Side-channel attack Selective DoS attack (trickle attack) Distribution point monitoring –Who downloads the plug-in? User-counting attack […] Even if adversary can distinguish: Anonymity provided | Savvy users |

22 Outline Motivation Architecture Attacks and Defenses Evaluation

23 Proof-of-Concept Evaluation DeviceMix-net Verifiable DC-net Workstation81156 Laptop133231 iPhone 49 00962 973 Milestone–63 504 Time (ms) to generate a dummy message on different devices. OpenPGP.js for RSA encryption, SJCL for ECC.

24 Related Work AdLeaks [Roth et al., FC13] –Similar idea: JS for dummy messages –Works with one particular anonymity system –Vulnerable to active attacks by browsers FlashProxy [Fifield et al., PETS12] –Use JavaScript to conscript browsers into acting as Tor bridges Bauer [WPES 03] –Covert channel between mix servers

25 Conclusion Conscripted anonymity is one possible way to address the chicken-and-egg problem in online anonymity Ongoing work on in-browser crypto could have benefits for anonymity systems too –e.g., W3C Crypto API standard

26 Questions? Henry Corrigan-Gibbs henrycg@stanford.edu Thanks to David Fifield and David Wolinsky for their comments.

27

Download ppt "Conscript Your Friends into Larger Anonymity Sets with JavaScript ACM Workshop on Privacy in the Electronic Society 4 November 2013 Henry Corrigan-Gibbs."

Similar presentations

SOCIAL WEB MEDIA privacy and data mining part 2 4/12/2010.

SOCIAL WEB MEDIA privacy and data mining part 2 4/12/2010.
Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.
A Verifiable Secret Shuffle of Homomorphic Encryptions Jens Groth UCLA On ePrint archive:

A Verifiable Secret Shuffle of Homomorphic Encryptions Jens Groth UCLA On ePrint archive:
Ensuring High-Quality Randomness in Cryptographic Key Generation Henry Corrigan-Gibbs, Wendy Mu, Dan Boneh - Stanford Bryan Ford - Yale 20 th ACM Conference.

Ensuring High-Quality Randomness in Cryptographic Key Generation Henry Corrigan-Gibbs, Wendy Mu, Dan Boneh - Stanford Bryan Ford - Yale 20 th ACM Conference.
I have a DREAM! (DiffeRentially privatE smArt Metering) Gergely Acs and Claude Castelluccia {gergely.acs, INRIA 2011.

I have a DREAM! (DiffeRentially privatE smArt Metering) Gergely Acs and Claude Castelluccia {gergely.acs, INRIA 2011.
Anonymity without Sacrificing Performance Enhanced Nymble System with Distributed Architecture CS 858 Project Presentation Omid Ardakanian * Nam Pham *

Anonymity without Sacrificing Performance Enhanced Nymble System with Distributed Architecture CS 858 Project Presentation Omid Ardakanian * Nam Pham *
Xiao Zhang and Wenliang Du Dept. of Electrical Engineering & Computer Science Syracuse University.

Xiao Zhang and Wenliang Du Dept. of Electrical Engineering & Computer Science Syracuse University.
Expressive Privacy Control with Pseudonyms Seungyeop Han, Vincent Liu, Qifan Pu, Simon Peter, Thomas Anderson, Arvind Krishnamurthy, David Wetherall University.

Expressive Privacy Control with Pseudonyms Seungyeop Han, Vincent Liu, Qifan Pu, Simon Peter, Thomas Anderson, Arvind Krishnamurthy, David Wetherall University.
Scalable Anonymous Group Communication in the Anytrust Model David Wolinsky 1, Henry Corrigan-Gibbs 1, Bryan Ford 1, and Aaron Johnson 2 1 Yale University,

Scalable Anonymous Group Communication in the Anytrust Model David Wolinsky 1, Henry Corrigan-Gibbs 1, Bryan Ford 1, and Aaron Johnson 2 1 Yale University,
RPC Mixing: Making Mix-Nets Robust for Electronic Voting Ron Rivest MIT Markus Jakobsson Ari Juels RSA Laboratories.

RPC Mixing: Making Mix-Nets Robust for Electronic Voting Ron Rivest MIT Markus Jakobsson Ari Juels RSA Laboratories.
Dissent in Numbers: Making Strong Anonymity Scale David Wolinsky 1, Henry Corrigan-Gibbs 1, Bryan Ford 1, and Aaron Johnson 2 1 Yale University, 2 US Naval.

Dissent in Numbers: Making Strong Anonymity Scale David Wolinsky 1, Henry Corrigan-Gibbs 1, Bryan Ford 1, and Aaron Johnson 2 1 Yale University, 2 US Naval.
1 Dissent: Accountable, Anonymous Communication Joan Feigenbaum Joint work with Bryan Ford, Henry Corrigan-Gibbs, Yixuan.

1 Dissent: Accountable, Anonymous Communication Joan Feigenbaum Joint work with Bryan Ford, Henry Corrigan-Gibbs, Yixuan.
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Denial of Service in Sensor Networks Anthony D. Wood and John A. Stankovic.

Denial of Service in Sensor Networks Anthony D. Wood and John A. Stankovic.
Building web applications on top of encrypted data using Mylar Presented by Tenglu Liang Tai Liu.

Building web applications on top of encrypted data using Mylar Presented by Tenglu Liang Tai Liu.
Message Splitting Against the Partial Adversary Andrei Serjantov The Free Haven Project (UK) Steven J Murdoch University of Cambridge Computer Laboratory.

Message Splitting Against the Partial Adversary Andrei Serjantov The Free Haven Project (UK) Steven J Murdoch University of Cambridge Computer Laboratory.
1 Analyzing Anonymity Protocols 1.Analyzing onion-routing security 1.Anonymity Analysis of Onion Routing in the Universally Composable Framework in Provable.

1 Analyzing Anonymity Protocols 1.Analyzing onion-routing security 1.Anonymity Analysis of Onion Routing in the Universally Composable Framework in Provable.
Reusable Anonymous Return Channels

Reusable Anonymous Return Channels
Research & development A Practical and Coercion-resistant scheme for Internet Voting Jacques Traoré (joint work with Roberto Araújo and Sébastien Foulle)

Research & development A Practical and Coercion-resistant scheme for Internet Voting Jacques Traoré (joint work with Roberto Araújo and Sébastien Foulle)
Hang with Your Buddies to Resist Intersection Attacks David Wolinsky, Ewa Syta, Bryan Ford Yale University.

Hang with Your Buddies to Resist Intersection Attacks David Wolinsky, Ewa Syta, Bryan Ford Yale University.

Similar presentations

Ads by Google