Privacy and Anonymity Nick Feamster CS 6262 Spring 2009.

2 Today's Lecture
Anonymity and privacy
–Who should care
–Anonymous communication primitives
Attacks on anonymous communication
–Traffic analysis
Infranet: Anonymity without encryption
Recent trends

3 Privacy and Anonymity
Privacy: Protecting sensitive information from others
Anonymity: Being indistinguishable from others in a group

4 Who should care?
Individuals
–Web surfing
–Email
–VOIP
–Purchasing habits
–Work patterns and locations
Corporations
–Collaborations, partners
Political dissidents

5 Why should you care?
Surveillance
Censorship
Most anonymous communication systems address this challenge only
A few exceptions: Freenet, Infranet, Tangler

6 Anonymity and Privacy in the News

7 Anonymity: Requires Company
Traditional security requirements (confidentiality, integrity, etc.) can be achieved between a pair of participants
Anonymity requires each participant to carry traffic for others
Requires some notion of distributed trust

8 Types of Anonymity
Single proxy
–Encryption: Safeweb, anonymizer, etc.
–Covert channels: Infranet
Network of proxies
–Mixnets
–Encryption (onion routing): nym.alias.net, Tor
–Dining Cryptographer Networks: Herbivore

9 Single-Proxy Anonymization
Advantages
–Typically fast, low-latency communication
Disadvantages
–Initiator must trust the proxy
–Single point of failure and attack
Examples: anon.penet.fi, anonymizer.com, safeweb.com
[Figure: Initiator → Proxy → Responder]

10 Mixnets
First proposed in 1981 by Chaum
Each proxy handles messages in batches
Key property: unlinkability
Challenge: Designing low-latency mix networks

11 Onion Routing
[Figure: Initiator → X → Y → Z → Responder (R); the initiator sends nested layers (Y, Z, R, data), and each proxy X, Y, Z peels off one layer before forwarding]
Utilizes advantages provided by both proxies and mixnets

12 Systems with Onion-Style Routing
nym.alias.net: Pseudonymous Remailer

13 Dining Cryptographers
Proxies organized in a ring topology
Proxy flips a coin and shares it with its left neighbor
–Each proxy publishes the parity (XOR) of the two bits it sees
To send a (1-bit) message, the initiator lies when publicizing the coin flip
–When everyone tells the truth: statements are consistent
–When one party is lying: statements are inconsistent, but observers can't identify the source of the inconsistency
Information-theoretically anonymous, but rather impractical

14 Non-Payer's View: Same Coins
[Figure: the non-payer's two coins match; the other two parties' announcements are shown as same/different, and which of them is the payer remains "?"]

15 Non-Payer's View: Different Coins
[Figure: the non-payer's two coins differ; the other two parties' announcements are shown as same/same, and which of them is the payer remains "?"]
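The ring protocol of slides 13 to 15, as an added Python example (not from the lecture): every party announces the XOR of the two coins it shares with its neighbors, the sender flips its announcement, and the XOR of all announcements recovers the bit. The exhaustive enumeration over coin outcomes shows that a global eavesdropper's view is identical whichever party sent, which is the unlinkability the slide claims; the ring layout and the check are my construction.

```python
from collections import Counter
from itertools import product

def announcements(coins, sender, message_bit):
    """One round of a Dining-Cryptographers ring.
    coins[i] is the coin shared by party i and its left neighbour i-1, so party i
    sees coins[i] and coins[(i+1) % n].  Each party announces the XOR (parity) of
    the two coins it sees; the sender (if any) flips its announcement to inject
    message_bit.  sender=None means everybody tells the truth."""
    n = len(coins)
    out = []
    for i in range(n):
        bit = coins[i] ^ coins[(i + 1) % n]
        if i == sender:
            bit ^= message_bit
        out.append(bit)
    return tuple(out)

def recover(ann):
    """Every coin enters exactly two announcements, so XOR-ing all of them cancels
    the coins and leaves the message bit (0 when nobody is lying)."""
    out = 0
    for b in ann:
        out ^= b
    return out

def observer_view(n, sender, message_bit):
    """What a global eavesdropper sees, tallied over every possible coin outcome
    (the coins themselves are private to the pairs that share them)."""
    return Counter(announcements(coins, sender, message_bit)
                   for coins in product((0, 1), repeat=n))

def is_unlinkable(n, message_bit=1):
    """True if the eavesdropper's distribution over announcement vectors is the
    same no matter which of the n parties was the sender."""
    views = [observer_view(n, s, message_bit) for s in range(n)]
    return all(v == views[0] for v in views)

if __name__ == "__main__":
    # Constructed sample round: coins (0, 1, 1), party 2 sends a 1 bit.
    ann = announcements((0, 1, 1), sender=2, message_bit=1)
    print("announcements:", ann, "recovered bit:", recover(ann))
    print("3-party ring unlinkable:", is_unlinkable(3))
```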

16 Some Attacks on Anonymous Communication Systems
Timing attacks: traffic into and out of the network may reveal communication patterns
Communication patterns: e.g., exploit timezone information
Packet counting attacks: onion routing sends streams along the same path
User interaction attacks: a user who is sending behaves differently than someone who is only relaying

17 Resisting Surveillance and Censorship
Many governments/companies trying to limit their citizens' access to information
–Censorship (prevent access)
–Punishment (deter access)
–Surveillance (spy on or monitor access)
–China, Saudi Arabia, many companies

18 Web Censorship
Government manages national web firewall
–Not optional: catches ALL web traffic
Block certain requests
–Possibly based on content
–More commonly on DNS name / IP address / publisher
–China: Western news sites, Falun Gong, etc.
Log requests to detect troublemakers
–Even without blocking, may just watch traffic
But they don't block all Web traffic
–Creates a crack in their barrier

19 An Old Problem
Many governments/companies trying to limit their citizens' access to information
–Censorship (prevent access)
–Punishment (deter access)
–Surveillance (spy on or monitor access)
–China, Saudi Arabia, many companies
How can we defeat such attempts?
–Circumvent censorship
–Undetectably

20 Goal
Circumvent censor via innocent web activity
–Normal web server and client cooperate to create covert channel
Without consequence for client
–Censor shouldn't be able to detect use
And without consequence for server
–Broad participation increases system robustness
–Offering service shouldn't lead to trouble, e.g., loss of business through being blocked, or legal implications (?)

21 Requirements
Client deniability
–Detection could be embarrassing or worse
Client statistical deniability
–Even suspicion could be a problem
Server covertness / statistical deniability
–If server detected, it can be blocked
–Behave identically for clients and others
Communication robustness
–Even without detecting, censor could scramble covert channel
Performance (bandwidth, latency)
Confidentiality... and covertness

22 Some Options
SSL
–Encrypted connection: can't tell content
–Suspicious!
–Doesn't help reach blocked servers
–Govt. can require revealing SSL keys
Anonymizing proxies
–Prevent servers from knowing identity of client
–But proxy inside censor can't reach content
–And proxy outside censor can be blocked
–And use of proxy is suspicious

23 Conventional Mechanism: Safeweb
Operation
–Client contacts Triangle Boy reflector
–Reflector forwards requests to blocked server
–Server returns content to client (IP spoof)
But very easily detected
–"Local monitoring of the user only reveals an encrypted conversation...." (Safeweb manual)
–Engenders suspicion (e.g., China blocks most SSL)

24 Bottom Line
Easy to hide what you are getting
–e.g., just use SSL or some other confidential channel
And easy to get through censors
–Reflection (e.g., Safeweb)
But hard to hide that you are doing it!
To be practical, all these problems must be solved
Want both confidentiality and covertness

25 Circumventing Censors
Censors allow certain traffic
Use it to construct a covert channel
–Talk to normal servers
–Embed requests for censored content in normal-seeming requests
–Receive censored content hidden in normal-seeming responses
Requester: client asking for hidden content
Responder: server covertly providing it

26 Infranet Architecture
[Figure: the user's browser on the user's computer runs the Requester, which sends standard HTTP to the Responder, an uncensored and ubiquitously deployed web site, through the Censor (block/tamper, e.g., Great Firewall of China); visible requests and visible responses carry hidden requests and hidden responses for the censored web site (e.g., GET cnn.com) over the Infranet communication tunnel]
Tunnel is covert in both directions
Tunnel is confidential in both directions

27 Problems to Be Solved
Downstream
–Hiding transmission of downstream content
Upstream
–How does the client transmit requests?
–Sending requests covertly to responder

28 Downstream Communication: Easier
Responder is a normal web server, serving images (among other things)
Encrypt data using a session key
Embed in unimportant, random bits of images
–Hide it, e.g., in high-order color bits (steganography)
–Tamper-resistant watermarking
Encrypted data looks random: only the requester can tell it isn't (and decrypt)

29 Goals Analysis
Client looks innocent
Server less so
–Any one image seems innocent
–Same image with different random bits in each is suspicious
–Evasion: webcams, banner ads, etc.
Performance: ~1 KB/small image (variable)

30 Blocking Techniques
What if censor erases high-order bits of the image?
Answer 1: not our problem
–Leave it to watermarking research to figure out non-erasable watermarks
Answer 2: semantic embeddings
–Use position of objects in document
–Prevents erasure because it might ruin content
Answer 3: embed data in broadcast signals
–Voice of America
–Satellite broadcast TV channel

31 Upstream Requests: More Challenging
No random content bits that can be fiddled to send messages to responder
–Munging HTTP or TCP header fields problematic
Solution: let the browsing pattern itself be the message
Suppose web page has k links
–GET on the i-th link signifies symbol i to the responder
–Result: log2(k) message bits per link click
Can be automated
To prevent censor from seeing message, encrypt with responder key

32 Goals
Deniability: requester generates standard HTTP GETs to allowed web sites
–Fact of GETs isn't itself proof of wrongdoing
–Known rule for translating GETs to message, but message is encrypted, so no evidence
Statistical deniability
–Encrypting message produces random string
–Sent via series of random GETs
–Problem: normal user browsing is not random
Some links rare
Conditional dependence of browsing on past browsing

33 Upstream: Paranoid Mode
Settle for one message bit per GET
–Odd/even links on page
–Or generalize to mod k for some small k
User has many link choices for each bit
–Can choose one that is reasonable
–Incorporate error correcting code in case no reasonable next link sends correct bit
Drawback: user must be directly involved in sending each message bit
–Very low bandwidth vs. time spent

34 Higher Performance
Idea: arithmetic coding of hidden requests
–If request i has probability $p_i$, then the entropy of the request distribution is $-\sum_i p_i \log p_i$
–Arithmetic coding encodes request i using $-\log p_i$ bits
–Result: expected request size equals entropy
–Optimal
Problem: requester doesn't know the probability distribution of hidden requests
–Doesn't have info needed for encoding

35 Solution: Range-Mapping
Responder serves many requesters
–Uses past requests to build C, distribution of hidden requests
–Sends C to requester on easy downstream path
Requester uses C to build arithmetic code and send encoded request
Use visible GETs (clicks) as symbols that are sent (not bits)
From its own server access logs, responder knows that different clicks have different conditional probabilities

36 Toy Example
Suppose possible hidden requests fewer than links on page
Responder sends dictionary:
–link 1 means
–link 2 means
–Assigns common requests to common GETs
Requester GETs link matching intended request
One GET sends full (possibly huge) request
Problem: in general, possible requests
–Can't send a dictionary for all

37 Generalize: Twenty Questions
Order all hidden request strings lexicographically
Identify split string such that
–Strings up to split have total probability 0.5
–Strings after split have total probability 0.5
Responder sends split string
Requester sends 0/1 as desired request precedes/follows split string
Recurse on half of distribution selected
Result: requester sends O(entropy) bits

38 Range-Mapping in Pictures
If each page has k links, each request transmits $\lg(k)$ bits
Expected # of visible requests to modulate a hidden request = $\lceil H(C) / \lg(k) \rceil + 2$
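The twenty-questions encoding of slides 37 and 38, as an added Python example (not Infranet's own code): requester and responder share the hidden-request distribution C, repeatedly split the lexicographically ordered strings at the point closest to half the remaining probability mass, and the requester's 0/1 answers (one visible GET per answer, i.e. k = 2) name its request. The distribution, the "closest to half" split rule and the function names are my construction; the expected answer count is compared against the slide's bound $\lceil H(C)/\lg(k)\rceil + 2$.

```python
import math

# Constructed hidden-request distribution C (not from the paper); a responder
# would build it from its own access logs and ship it downstream.
HIDDEN_REQUEST_DIST = {
    "cnn.com": 0.5, "bbc.co.uk": 0.25, "nytimes.com": 0.125, "wikipedia.org": 0.125,
}

def entropy_bits(dist):
    """H(C) = -sum_i p_i log2 p_i over the hidden-request distribution."""
    return -sum(p * math.log2(p) for p in dist.values() if p > 0)

def split_index(items):
    """Index of the split string: the prefix items[0..i] whose mass is closest to
    half the remaining mass.  The last item is never chosen, so both halves
    stay non-empty and the recursion always terminates."""
    total = sum(p for _, p in items)
    mass, best, best_gap = 0.0, 0, float("inf")
    for i, (_, p) in enumerate(items[:-1]):
        mass += p
        if abs(mass - total / 2) < best_gap:
            best, best_gap = i, abs(mass - total / 2)
    return best

def encode_request(dist, request):
    """Requester side: answer 0 if the wanted string precedes or equals the split
    string, 1 if it follows; recurse on the chosen half until one string is left."""
    items = sorted(dist.items())            # lexicographic order of request strings
    bits = []
    while len(items) > 1:
        s = split_index(items)
        if request <= items[s][0]:
            bits.append(0); items = items[: s + 1]
        else:
            bits.append(1); items = items[s + 1 :]
    if items[0][0] != request:
        raise ValueError("request not in the shared distribution")
    return bits

def decode_request(dist, bits):
    """Responder side: replay the same splits on the shared distribution."""
    items = sorted(dist.items())
    for b in bits:
        s = split_index(items)
        items = items[: s + 1] if b == 0 else items[s + 1 :]
    return items[0][0]

def expected_bits(dist):
    """Average number of 0/1 answers (visible GETs with k = 2) per hidden request."""
    return sum(p * len(encode_request(dist, r)) for r, p in dist.items())
```

For this distribution the expected answer count is 2.0 against an entropy of 1.75 bits, within the slide's bound of ceil(1.75) + 2 = 4 visible requests.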

39 Problems and Next Steps
Responders can be discovered and blocked
–The discovery problem: allowing clients to discover responders ahead of censors
All clients need not fetch content from the origin. Instead:
–Some clients obtain content from origin (e.g., via responder, USB key, etc.)
–CDN behind firewall distributes content to rest of clients
–General idea: separation of upstream/downstream