CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.


1 CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz

2 Administrative items
• Midterm next week
  – Based on everything from last midterm through today
• Discussion of HW2…

3 Anonymous communication

4 Anonymizers
• Single anonymizer proxy…
• How to achieve bidirectional communication
  – Note: one side need not know the other
• Anonymizers already exist!
  – Email
  – http

5 Anonymizers
• Issues/drawbacks?
  – Robustness
  – Useful for hiding the source from the destination; less useful for preventing full-fledged traffic analysis…
    · Unless encryption is used, which it typically would not be
• Possible attacks
  – Latency vs. timing correlation
    · 0-latency solution using spurious messages?
  – One user sending multiple messages to the same server
  – Message sizes
  – Replay attacks

6 Onion routing
• Use multiple servers…
• Send “onions”; strip off a layer at each hop
  – Only the initiator knows the entire route!
• Bidirectional communication?
  – Routing tables
  – Reply onions (pre-compute keying material)
• Security issues?
  – Payload sizes? (Use random padding)
  – Forward secrecy
  – Is it suspicious to contact an onion router?
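The layering on slide 6, as an added example that is not part of the lecture: a Python sketch in which the initiator wraps a payload once per router and each router strips one layer to learn only the next hop. The router names, keys, `dest.example` and the SHAKE-256/HMAC sealing (a stand-in for a real authenticated cipher) are assumptions for illustration; the per-hop sizes it returns show why the slide raises payload sizes and padding.

```python
import hashlib, hmac, os
NONCE, TAG = 16, 32  # bytes of nonce and HMAC-SHA256 tag added per layer

def _keys(key):
    # Derive separate encryption and MAC keys from one hop key.
    return hashlib.sha256(b"enc" + key).digest(), hashlib.sha256(b"mac" + key).digest()

def seal(key, pt):
    # Toy encrypt-then-MAC (SHAKE-256 keystream + HMAC); assumption, not a real AEAD.
    ek, mk = _keys(key)
    nonce = os.urandom(NONCE)
    ks = hashlib.shake_256(ek + nonce).digest(len(pt))
    ct = bytes(a ^ b for a, b in zip(pt, ks))
    return nonce + ct + hmac.new(mk, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    ek, mk = _keys(key)
    nonce, ct, tag = blob[:NONCE], blob[NONCE:-TAG], blob[-TAG:]
    if not hmac.compare_digest(tag, hmac.new(mk, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("layer failed authentication")
    ks = hashlib.shake_256(ek + nonce).digest(len(ct))
    return bytes(a ^ b for a, b in zip(ct, ks))

def build_onion(route, dest, payload):
    # route: [(router_name, hop_key), ...] in forwarding order; wrap innermost-first.
    blob, next_hop = payload, dest
    for name, key in reversed(route):
        hop = next_hop.encode()
        blob = seal(key, bytes([len(hop)]) + hop + blob)
        next_hop = name
    return next_hop, blob  # entry router name and the complete onion

def peel(key, blob):
    # One router's work: strip its own layer, learn only the next hop's name.
    inner = unseal(key, blob)
    n = inner[0]
    return inner[1:1 + n].decode(), inner[1 + n:]

def forward(keys, entry, onion):
    # Simulate the path; returns (destination, payload, onion size seen at each hop).
    hop, sizes = entry, []
    while hop in keys:
        sizes.append(len(onion))
        hop, onion = peel(keys[hop], onion)
    return hop, onion, sizes

if __name__ == "__main__":
    keys = {n: os.urandom(32) for n in ("R1", "R2", "R3")}  # constructed hop keys
    print(forward(keys, *build_onion(list(keys.items()), "dest.example", b"hello")))
```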

7 Peer-to-peer anonymizers
• Every node can act as an onion router!
• Why does this improve anonymity?

8 Tor
• All nodes also act as proxies
• Negotiate pairwise keys between links
  – Forward secrecy
• Routes maintained for ~10 minutes, then refreshed
• Even the initiator does not know the path

9 Mix Nets
• Useful as a tool within specific protocols
  – Primarily voting
• Each mix-net server receives a set of encrypted votes, “randomizes” and permutes them, and forwards them along to the next server
  – How to prove correctness?

10 Covert channels
• Anonymous communication is also possible using covert channels
  – May not even leak the fact that communication is happening at all!
  – May be a route for communication that is disallowed
• Examples
  – Sending a print job
  – TCP timestamps/sequence numbers
  – Timeslicing

11 Steganography
• E.g., embed messages into low-order bits of images
• More securely, use rejection sampling on any source

12 Kleptography
• Embed a covert channel (into crypto software/hardware) that leaks the secret key!
• Known to be possible for standard crypto algorithms…

