Presentation is loading. Please wait.

Presentation is loading. Please wait.

Ryan Lackey Dynamic Locations: Secure Mobile Services Discovery and Dynamic Group Membership Ryan Lackey

Published byElwin Grant Modified over 8 years ago

Similar presentations

Presentation on theme: "Ryan Lackey Dynamic Locations: Secure Mobile Services Discovery and Dynamic Group Membership Ryan Lackey"— Presentation transcript:

1 Ryan Lackey http://www.metacolo.com/ Dynamic Locations: Secure Mobile Services Discovery and Dynamic Group Membership Ryan Lackey www.metacolo.com

2 Ryan Lackey http://www.metacolo.com/ Who? Interest in “cypherpunk” technologies from 1992 to present, particularly anonymized communications, agents, and electronic cash Ultimate goal: anonymous secure infrastructure from end to end: clients, servers, networks, pro Founded HavenCo/ran 2000-2002 metacolo: offshore colo in 9 markets, related projects, including secure mobile systems

3 Ryan Lackey http://www.metacolo.com/ Introduction Lots of work has been done to network fixed equipment, and to secure fixed network connections, but most mobile apps are just slightly modified versions of fixed applications Most mobile networked systems have simplified security models; some link security but little application specific security end to end Fundamentally new kinds of applications are possible with secure mobile systems

4 Ryan Lackey http://www.metacolo.com/ Fundamental Constraints Power and bandwidth limited Many nodes in continual motion and appear/disappear rapidly Much infrastructure is closed and long cycles to upgrade and deploy UI complicated by devices and use cases (user attention not dedicated)

5 Ryan Lackey http://www.metacolo.com/ Platform HP/Compaq iPaq running Linux Laptops running Linux and FreeBSD 802.11b and 1xRTT IP-based communications Open systems for easy development, python for rapid development

6 Ryan Lackey http://www.metacolo.com/ Applications of Interest “Matchmaking” – letting parties meet with similar interests meet up Secure messaging (communications and message-based low-overhead protocols, including payment systems) Secure streams (VoIP, VPN)

7 Ryan Lackey http://www.metacolo.com/ “Matchmaking” Demo app is letting people define a set of interests, then announce to the world, without risk of being “interrogated” by third parties Useful for service discovery too – announce that you’re running certain services to others in the set, but not to the public (RIAA, MPAA, Government, etc) Attestations, with optional protection from traffic analysis as well

8 Ryan Lackey http://www.metacolo.com/ Secure short messages Text messaging Much easier technically than streams Store/forward possibility Also useful for many protocols, either in two way or polled mode

9 Ryan Lackey http://www.metacolo.com/ Streams Voice over IP is key market – encrypted cellphone using low-bandwidth channel (1xRTT or HSCSD GSM) and anonymization of calls

10 Ryan Lackey http://www.metacolo.com/ Interaction models True peer to peer “Security proxy” or user selected/operated operational server Centralized client-server operated by application developers Centralized client-server operated by communications providers

11 Ryan Lackey http://www.metacolo.com/ Existing p2p systems Generally designed for high bandwidth media sharing with minimal anonymity layered over existing IP networks Not really designed for interactive communication

12 Ryan Lackey http://www.metacolo.com/ Existing mobile client-server systems Designed with link encryption to the wireless hub, or to the server Closed development environment controlled by mobile companies Hard for users and application developers to really trust the security model

13 Ryan Lackey http://www.metacolo.com/ Early mobile p2p systems “lovegety” – a system to use RF to share information about membership in certain groups Subject to “trawling”, direction finding attacks, and “corraling” small numbers of users to identify

14 Ryan Lackey http://www.metacolo.com/ Security Implications Confidentiality, Integrity, Authentication solvable through traditional systems Traffic analysis is the hard problem Complete undetectability of special traffic Of course, reliability, availability, etc. are still major concerns, and special mobile constraints

15 Ryan Lackey http://www.metacolo.com/ Policy Implications Centralized systems vulnerable to technical or legal attack Who to trust – communications provider, applications provider? Trust is essential to enabling certain applications

16 Ryan Lackey http://www.metacolo.com/ Central Mediation Servers trusted by some party to take all communications and retransmit Defeats firewalls/proxies/NAT as well as provides protection from traffic analysis Persistence; can buffer communications for users with intermittent connectivity

17 Ryan Lackey http://www.metacolo.com/ True Peer to Peer Cryptographic Systems Computationally intensive on client Bandwidth intensive; may only be able to send single bits! Generally can put user into a “collusion set” but unless set is large, elimination can identify user

18 Ryan Lackey http://www.metacolo.com/ Covert channels for mobile use Masking using pre-recorded traffic Sniffing and simulating MITM “Design for MITM” – Dining Cryptographer’s Networks, etc.

19 Ryan Lackey http://www.metacolo.com/ Dining Cryptographer’s Network Due to David Chaum, described at http://cypherpunks.venona.com/date/1992/12/msg00107.html Multiple parties can communicate without revealing to one another which is initiating the communications

20 Ryan Lackey http://www.metacolo.com/ Anonymizing remailers as model Store and forward messaging with latency added Complicated due to node unreliability Send out multiple messages; tradeoff of bandwidth waste vs. latency vs. reliability

21 Ryan Lackey http://www.metacolo.com/ Current solution Communications with a trusted server using fixed-rate messaging (tuned for bandwidth) Inter-server communications, allowing users to select “security proxy servers” to act on their behalf, optionally running servers themselves

22 Ryan Lackey http://www.metacolo.com/ Conclusions Mobile-specific (more properly, dynamic) security is a very hard problem Key is finding applications which fit currently available technology – message based, with secure service discovery

23 Ryan Lackey http://www.metacolo.com/ Future work Develop an application developer’s toolkit with service discovery on top of secure message-passing and streams systems “Killer apps” of VoIP and mobile payment – good stream based systems

Download ppt "Ryan Lackey Dynamic Locations: Secure Mobile Services Discovery and Dynamic Group Membership Ryan Lackey"

Similar presentations

Communication Topics Jason Hill –

Communication Topics Jason Hill –
Review of Topology and Access Techniques / Switching Concepts BSAD 141 Dave Novak Sources: Network+ Guide to Networks, Dean 2013.

Review of Topology and Access Techniques / Switching Concepts BSAD 141 Dave Novak Sources: Network+ Guide to Networks, Dean 2013.
Modelling and Analysing of Security Protocol: Lecture 10 Anonymity: Systems.

Modelling and Analysing of Security Protocol: Lecture 10 Anonymity: Systems.
Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.
Project Byzantium Networking for the Zombie Apocalypse.

Project Byzantium Networking for the Zombie Apocalypse.
Network and Server Basics. 6/1/20152 Learning Objectives After viewing this presentation, you will be able to: Understand the benefits of a client/server.

Network and Server Basics. 6/1/20152 Learning Objectives After viewing this presentation, you will be able to: Understand the benefits of a client/server.
CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.
CMSC 414 Computer (and Network) Security Lecture 16 Jonathan Katz.

CMSC 414 Computer (and Network) Security Lecture 16 Jonathan Katz.
Eric Kilroy. Introduction  Virtual Private Network A way to connect to a private network through a public network such as the internet.

Eric Kilroy. Introduction  Virtual Private Network A way to connect to a private network through a public network such as the internet.
A. Frank 1 Internet Resources Discovery (IRD) Peer-to-Peer (P2P) Technology (1) Thanks to Carmit Valit and Olga Gamayunov.

A. Frank 1 Internet Resources Discovery (IRD) Peer-to-Peer (P2P) Technology (1) Thanks to Carmit Valit and Olga Gamayunov.
Topics 1.Security options and settings 2.Layer 2 vs. Layer 3 connection types 3.Advanced network and routing options 4.Local connections 5.Offline mode.

Topics 1.Security options and settings 2.Layer 2 vs. Layer 3 connection types 3.Advanced network and routing options 4.Local connections 5.Offline mode.
Internet Protocol Security (IPSec)

Internet Protocol Security (IPSec)
Mobile Data Sharing over Cloud Group No. 8 - Akshay Kantak - Swapnil Chavan - Harish Singh.

Mobile Data Sharing over Cloud Group No. 8 - Akshay Kantak - Swapnil Chavan - Harish Singh.
Network Topology. Cisco 2921 Integrated Services Router Security Embedded hardware-accelerated VPN encryption Secure collaborative communications with.

Network Topology. Cisco 2921 Integrated Services Router Security Embedded hardware-accelerated VPN encryption Secure collaborative communications with.
Faten Yahya Ismael.  It is technology creates a network that is physically public, but virtually it’s private.  A virtual private network (VPN) is a.

Faten Yahya Ismael.  It is technology creates a network that is physically public, but virtually it’s private.  A virtual private network (VPN) is a.
Cellular IP: Proxy Service Reference: “Incorporating proxy services into wide area cellular IP networks”; Zhimei Jiang; Li Fung Chang; Kim, B.J.J.; Leung,

Cellular IP: Proxy Service Reference: “Incorporating proxy services into wide area cellular IP networks”; Zhimei Jiang; Li Fung Chang; Kim, B.J.J.; Leung,
Polycom Conference Firewall Solutions. 2 The use of Video Conferencing Is Rapidly Growing More and More people are adopting IP conferencing Audio and.

Polycom Conference Firewall Solutions. 2 The use of Video Conferencing Is Rapidly Growing More and More people are adopting IP conferencing Audio and.
Information Systems Today: Managing in the Digital World TB4-1 4 Technology Briefing Networking.

Information Systems Today: Managing in the Digital World TB4-1 4 Technology Briefing Networking.
Cloud Computing Saneel Bidaye uni-slb2181. What is Cloud Computing? Cloud Computing refers to both the applications delivered as services over the Internet.

Cloud Computing Saneel Bidaye uni-slb2181. What is Cloud Computing? Cloud Computing refers to both the applications delivered as services over the Internet.
1 3 Web Proxies Web Protocols and Practice. 2 Topics Web Protocols and Practice WEB PROXIES  Web Proxy Definition  Three of the Most Common Intermediaries.

1 3 Web Proxies Web Protocols and Practice. 2 Topics Web Protocols and Practice WEB PROXIES  Web Proxy Definition  Three of the Most Common Intermediaries.

Similar presentations

Ads by Google