Conscript Your Friends into Larger Anonymity Sets with JavaScript ACM Workshop on Privacy in the Electronic Society 4 November 2013 Henry Corrigan-Gibbs.

Slides:

Advertisements

Similar presentations

SOCIAL WEB MEDIA privacy and data mining part 2 4/12/2010.

Advertisements

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.

A Verifiable Secret Shuffle of Homomorphic Encryptions Jens Groth UCLA On ePrint archive:

Ensuring High-Quality Randomness in Cryptographic Key Generation Henry Corrigan-Gibbs, Wendy Mu, Dan Boneh - Stanford Bryan Ford - Yale 20 th ACM Conference.

I have a DREAM! (DiffeRentially privatE smArt Metering) Gergely Acs and Claude Castelluccia {gergely.acs, INRIA 2011.

Anonymity without Sacrificing Performance Enhanced Nymble System with Distributed Architecture CS 858 Project Presentation Omid Ardakanian * Nam Pham *

Xiao Zhang and Wenliang Du Dept. of Electrical Engineering & Computer Science Syracuse University.

Expressive Privacy Control with Pseudonyms Seungyeop Han, Vincent Liu, Qifan Pu, Simon Peter, Thomas Anderson, Arvind Krishnamurthy, David Wetherall University.

Scalable Anonymous Group Communication in the Anytrust Model David Wolinsky 1, Henry Corrigan-Gibbs 1, Bryan Ford 1, and Aaron Johnson 2 1 Yale University,

RPC Mixing: Making Mix-Nets Robust for Electronic Voting Ron Rivest MIT Markus Jakobsson Ari Juels RSA Laboratories.

Dissent in Numbers: Making Strong Anonymity Scale David Wolinsky 1, Henry Corrigan-Gibbs 1, Bryan Ford 1, and Aaron Johnson 2 1 Yale University, 2 US Naval.

1 Dissent: Accountable, Anonymous Communication Joan Feigenbaum Joint work with Bryan Ford, Henry Corrigan-Gibbs, Yixuan.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Denial of Service in Sensor Networks Anthony D. Wood and John A. Stankovic.

Building web applications on top of encrypted data using Mylar Presented by Tenglu Liang Tai Liu.

Message Splitting Against the Partial Adversary Andrei Serjantov The Free Haven Project (UK) Steven J Murdoch University of Cambridge Computer Laboratory.

1 Analyzing Anonymity Protocols 1.Analyzing onion-routing security 1.Anonymity Analysis of Onion Routing in the Universally Composable Framework in Provable.

Reusable Anonymous Return Channels

Research & development A Practical and Coercion-resistant scheme for Internet Voting Jacques Traoré (joint work with Roberto Araújo and Sébastien Foulle)

Hang with Your Buddies to Resist Intersection Attacks David Wolinsky, Ewa Syta, Bryan Ford Yale University.

Web 2.0 security Kushal Karanjkar Under guidance of Prof. Richard Sinn.

Proactive Secure Mobile Digital Signatures Work in progress. Ivan Damgård and Gert Læssøe Mikkelsen University of Aarhus.

Parallel Mixing Philippe Golle, PARC Ari Juels, RSA Labs.

بسم الله الرحمن الرحيم NETWORK SECURITY Done By: Saad Al-Shahrani Saeed Al-Smazarkah May 2006.

Detecting Fraudulent Clicks From BotNets 2.0 Adam Barth Joint work with Dan Boneh, Andrew Bortz, Collin Jackson, John Mitchell, Weidong Shao, and Elizabeth.

Anonymity and Security in Public Internet Forums Ho-fung LEUNG Senior Member, IEEE Dept. of Computer Science & Engineering The Chinese University of Hong.

CMSC 414 Computer and Network Security Lecture 19 Jonathan Katz.

APPLAUS: A Privacy-Preserving Location Proof Updating System for Location-based Services Zhichao Zhu and Guohong Cao Department of Computer Science and.

Anonymity on the Web: A Brief Overview By: Nipun Arora uni-na2271.

魂▪創▪通魂▪創▪通 Digital Certificate and Beyond Sangrae Cho Authentication Research Team.

CAP6135: Malware and Software Vulnerability Analysis Examples of Term Projects Cliff Zou Spring 2012.

Toward Prevention of Traffic Analysis Fengfeng Tu 11/26/01.

Introduction to InfoSec – Recitation 10 Nir Krakowski (nirkrako at post.tau.ac.il) Itamar Gilad (itamargi at post.tau.ac.il)

Cryptographic Voting Protocols: A Systems Perspective By Chris Karlof, Naveen Sastry, and David Wagner University of California, Berkely Proceedings of.

RIA Introduce Comparison among several technology.

On the Anonymity of Anonymity Systems Andrei Serjantov (anonymous)

Privacy in P2P based Data Sharing Muhammad Nazmus Sakib CSCE 824 April 17, 2013.

Towards a Safe Playground for HTTPS and Middle-Boxes with QoS2 Zhenyu Zhou CS Dept., Duke University.

Protecting Web 2.0 Services from Botnet Exploitations Cybercrime and Trustworthy Computing Workshop (CTC), 2010 Second Nguyen H Vo, Josef Pieprzyk Department.

1 / 18 Fariba alamshahi Secure Routing and Intrusion Detection in Ad Hoc Networks Supervisor: Mr.zaker Translator: fariba alamshahi.

BLUEPRINT: Robust Prevention of Cross-site Scripting Attacks for Existing Browsers Mike Ter Louw, V.N. Venkatakrishnan University of Illinois at Chicago.

Speaker:Chiang Hong-Ren Botnet Detection by Monitoring Group Activities in DNS Traffic.

Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms David Chaum CACM Vol. 24 No. 2 February 1981 Presented by: Adam Lee 1/24/2006 David.

Web Application with AJAX CS 526 advanced interned and Web system Presenters Faris Kateb Mohammed AbdulAziz Omar Alzahrani.

CSCE 201 Web Browser Security Fall CSCE Farkas2 Web Evolution Web Evolution Past: Human usage – HTTP – Static Web pages (HTML) Current: Human.

Crowds: Anonymity for Web Transactions Michael K. Reiter Aviel D. Rubin Jan 31, 2006Presented by – Munawar Hafiz.

Web Controlled of Robot Georgi Chakarov Ivelin Stoyanov.

Class 8 Introduction to Anonymity CIS 755: Advanced Computer Security Spring 2015 Eugene Vasserman

Collusion-Resistant Anonymous Data Collection Method Mafruz Zaman Ashrafi See-Kiong Ng Institute for Infocomm Research Singapore.

Denial-of-Service, Address Ownership,and,Early Authentication in IPv6 World (An Approach) Aditya Vutukuri From article by Pekka Nikander Ericsson Research.

Web Application with AJAX CS 526 advanced interned and Web system Presenters Faris Kateb Mohammed AbdulAziz Omar Alzahrani.

Faster Implementation of Modular Exponentiation in JavaScript

The Tor Network BY: CONOR DOHERTY AND KENNETH CABRERA.

© Copyright 2009 SSLPost 01. © Copyright 2009 SSLPost 02 a recipient is sent an encrypted that contains data specific to that recipient the data.

A Brief Introduction to Mix Networks Ari Juels RSA Laboratories © 2001, RSA Security Inc.

Mix networks with restricted routes PET 2003 Mix Networks with Restricted Routes George Danezis University of Cambridge Computer Laboratory Privacy Enhancing.

1 Utkarsha MishraCOMPSCI 725 David Silver, Suman Jana, Eric Chen, Collin Jackson, and Dan Boneh. “Password Managers: Attacks and Defenses.” In Proceedings.

Implementing Secure IRC App with Elgamal By Hyungki Choi ID : Date :

Denial of Convenience Attack to Smartphones Using a Fake Wi-Fi Access Point Erich Dondyk, Cliff C. Zou University of Central Florida.

Web Application with AJAX CS 526 advanced interned and Web system Presenters Faris Kateb Mohammed AbdulAziz Omar Alzahrani.

Maninda Edirisooriya. Introduction Extension for Google Chrome. Privacy protection system for online chat. Encrypts chat text using 128 bit AES. Decrypts.

Modified Onion Routing and its Proof of Concept By: Gyanranjan Hazarika.

Aaron Johnson Rob Jansen Aaron D. Jaggard Joan Feigenbaum

Anonymous Communication

Digital Forensics 2 Presented by : J.Silaa Lecture: FCI 30 Aug 2017

Anupam Das , Nikita Borisov

Anonymity - Background

Anonymous Communication

Anonymous Communication

Presentation transcript:

Conscript Your Friends into Larger Anonymity Sets with JavaScript ACM Workshop on Privacy in the Electronic Society 4 November 2013 Henry Corrigan-Gibbs Stanford Bryan Ford Yale

New Anonymity Systems Have a Chicken-and-Egg Problem Few users Small anonymity sets

Emacs rulz!! Overthrow the regime!! Start the revolution!! Adversary could just arrest all three participants

Overthrow the regime!! Start the revolution!! Emacs rulz!! ??

Idea Conscript casual Internet users into an anonymity system using JavaScript –Casual users submit null messages –Savvy users use a browser plug-in to swap out the null messages with real ones Compatible with a number of existing anonymity systems

Outline Motivation Architecture Attacks and Defenses Evaluation

000 GET /index.html... E 1 (E 2 (E 3 (000))) Using a randomized encryption scheme

GET /index.html... Plugin m E 1 (E 2 (E 3 (m))) E 1 (E 2 (E 3 (000))) m m 000

The Adversary Sees

Start the revolution !

Security Property IF Casual users messages indistinguishable from savvy users messages THEN Conscripting increases the size of the savvy users anonymity set CasualSavvy

Compatible Anonymity Systems 1.Monotonic anonymity set size 2.Possible to simulate traffic streams 3.Easy to identify malformed messages Yes: Timed mix cascade, verifiable shuffles, r ers (maybe), verifiable DC-nets No: Tor, batching mix net

The ConScript Script E.g., for a mix-net The JavaScript application sends –RSA encryption routines, –server public keys, and –code to POST ciphertext to mix-server. Mix servers uses Access-Control-Allow-Origin header

Outline Motivation Architecture Attacks and Defenses Evaluation

Web server can serve malicious JavaScript User can submit incorrect messages Vulnerabilities of the underlying anonymity system Threats

JavaScript Attack Plugin Plugin only swaps out msg if scripts match exactly

More Attacks Side-channel attack Selective DoS attack (trickle attack) Distribution point monitoring –Who downloads the plug-in? User-counting attack […] Even if adversary can distinguish: Anonymity provided | Savvy users |

Outline Motivation Architecture Attacks and Defenses Evaluation

Proof-of-Concept Evaluation DeviceMix-net Verifiable DC-net Workstation81156 Laptop iPhone Milestone– Time (ms) to generate a dummy message on different devices. OpenPGP.js for RSA encryption, SJCL for ECC.

Related Work AdLeaks [Roth et al., FC13] –Similar idea: JS for dummy messages –Works with one particular anonymity system –Vulnerable to active attacks by browsers FlashProxy [Fifield et al., PETS12] –Use JavaScript to conscript browsers into acting as Tor bridges Bauer [WPES 03] –Covert channel between mix servers

Conclusion Conscripted anonymity is one possible way to address the chicken-and-egg problem in online anonymity Ongoing work on in-browser crypto could have benefits for anonymity systems too –e.g., W3C Crypto API standard

Questions? Henry Corrigan-Gibbs Thanks to David Fifield and David Wolinsky for their comments.