Presentation is loading. Please wait.

Presentation is loading. Please wait.

Anonymous Communication

Published byΜελπομένη Παυλόπουλος Modified over 4 years ago

Similar presentations

Presentation on theme: "Anonymous Communication"— Presentation transcript:

1 Anonymous Communication
COS 518: Advanced Computer Systems Lecture 20 Michael Freedman Slides based heavily on Christo Wilson’s CS4700/5700 at Northeastern

2 Definition “Who you are” from the communicating party
Hiding identities of parties involved in communications from each other, or from third-parties “Who you are” from the communicating party “Who you are talking to” from everyone else

3 Quantifying Anonymity
How can we calculate how anonymous we are? Suspects (Anonymity Set) Who sent this message? Larger anonymity set = stronger anonymity

4

5 Anonymity Systems

6 Crypto (SSL) Content is unobservable
Data Traffic Content is unobservable Due to encryption Source and destination are trivially linkable No anonymity!

7 Anonymizing Proxies No anonymity! Source is known Destination known
HTTPS Proxy No anonymity! Source is known Destination anonymity Destination known Source anonymity

8 Anonymizing VPNs No anonymity! Source is known Destination known
VPN Gateway No anonymity! Source is known Destination anonymity Destination known Source anonymity

9 Crowds

10 Crowds Key idea High-level implementation
Users’ traffic blends into a crowd of users Eavesdroppers and end-hosts don’t know which user originated what traffic High-level implementation Every user runs a proxy on their system When a message is received, select x [0, 1] If x > pf: forward the message to a random proxy Else: deliver the message to the actual receiver

11 Crowds Example Links between users use public key crypto
Users may appear on the path multiple times Final Destination

12 Anonymity in Crowds No source anonymity
Target receives m (>= 0) msgs, sends m+1 msgs Thus, target is sending something Destination anonymity is maintained If the source isn’t sending directly to the receiver

13 Anonymity in Crowds Source and destination are anonymous
Source and destination are proxies Destination is hidden by encryption

14 Anonymity in Crowds Destination known Source is anonymous
O(n) possible sources, where n is the number of proxies

15 Anonymity in Crowds Destination is known
Evil proxy able to decrypt the message Source is somewhat anonymous Suppose f evil in system and if pf > 0.5 and n > 3(f + 1), source cannot be inferred with prob > 0.5

16 Summary of Crowds The good: The bad: Crowds has excellent scalability
Each user helps forward messages and handle load More users = better anonymity for everyone Strong source anonymity guarantees The bad: Very weak destination anonymity Evil proxies can always see the destination Weak unlinkability guarantees

17 MIXes

18 Mix Networks A different approach to anonymity than Crowds
Originally designed for anonymous David Chaum, 1981 Concept has since been generalized for TCP traffic Hugely influential ideas Onion routing Traffic mixing Dummy traffic (a.k.a. cover traffic)

19 Onion Routing Encrypted Tunnels Mix Non-encrypted data
[KP , KP , KP] <KP, KS> <KP, KS> <KP, KS> <KP, KS> <KP, KS> <KP, KS> <KP, KS> <KP, KS> Non-encrypted data E(KP , E(KP , E(KP , M))) = C Mixes form a cascade of anonymous proxies All traffic is protected with layers of encryption

20 Another View of Encrypted Paths
<KP, KS> <KP, KS> <KP, KS>

21 Return Traffic In a mix network, how can the destination respond to the sender? During path establishment, the sender places keys at each mix along the path Data is re-encrypted as it travels the reverse path <KP1 , KS1> KP1 KP2 KP3 <KP2 , KS2> <KP3 , KS3>

22 Traffic Mixing Hinders timing attacks Problems: 1 1 4 2 2 3 3 4
Mix collects msgs for t seconds Messages are randomly shuffled and sent in a different order Hinders timing attacks Messages may be artificially delayed Temporal correlation is warped Problems: Requires lots of traffic Adds latency to network flows Arrival Order Send Order 1 1 4 2 2 3 3 4

23 Applied to cryptographic voting
Server collects votes Computes random shuffle of votes Outputs votes in randomized order Includes “proof” that correctly shuffled Arrival Order Send Order 1 1 4 2 2 3 3 4

24 Chain multiple MIXes for security
Synchronously collects and shuffles messages (votes) Secure as long as at least 1 honest Arrival Order Send Order 1 1 4 2 2 3 3 4 Random shuffle Random shuffle Random shuffle

25 Dummy / Cover Traffic Simple idea:
Send useless traffic to help obfuscate real traffic

26 In practice Hard to be anonymous Information leaked at many layers

27 Using Content to Deanonymize
HTTPS Proxy Login to account Information sent in cookies Accessing Facebook pages No anonymity!

28 It’s Hard to be Anonymous!
Network location (IP address) can be linked directly to you ISPs store communications records (legally required for several years) Law enforcement can subpoena these records Application is being tracked Cookies, Flash cookies, E-Tags, HTML5 Storage, browser fingerprinting Centralized services like Skype, Google voice Activities can be used to identify you Unique websites and apps that you use, types of clicked links Types of links that you click

29 You Have to Protect at All Layers!
Challenges: Maintain performance Provide functionality!

Download ppt "Anonymous Communication"

Similar presentations

Modelling and Analysing of Security Protocol: Lecture 10 Anonymity: Systems.

Modelling and Analysing of Security Protocol: Lecture 10 Anonymity: Systems.
CS 4700 / CS 5700 Network Fundamentals Lecture 22: Anonymous Communications (Wave Hi to the NSA)

CS 4700 / CS 5700 Network Fundamentals Lecture 22: Anonymous Communications (Wave Hi to the NSA)
Information Hiding: Anonymous Communication

Information Hiding: Anonymous Communication
How Much Anonymity does Network Latency Leak? Paper by: Nicholas Hopper, Eugene Vasserman, Eric Chan-Tin Presented by: Dan Czerniewski October 3, 2011.

How Much Anonymity does Network Latency Leak? Paper by: Nicholas Hopper, Eugene Vasserman, Eric Chan-Tin Presented by: Dan Czerniewski October 3, 2011.
Building a Peer-to-Peer Anonymizing Network Layer Michael J. Freedman NYU Dept of Computer Science Public Design Workshop September 13,

Building a Peer-to-Peer Anonymizing Network Layer Michael J. Freedman NYU Dept of Computer Science Public Design Workshop September 13,
K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.

K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.
Crowds: Anonymity for Web Transactions Paper by: Michael K. Reiter and Aviel D. Rubin, Presented by Eric M. Busse Portions excerpt from Crowds: Anonymity.

Crowds: Anonymity for Web Transactions Paper by: Michael K. Reiter and Aviel D. Rubin, Presented by Eric M. Busse Portions excerpt from Crowds: Anonymity.
CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.
By: Bryan Carey Randy Cook Richard Jost TOR: ANONYMOUS BROWSING.

By: Bryan Carey Randy Cook Richard Jost TOR: ANONYMOUS BROWSING.
Modelling and Analysing of Security Protocol: Lecture 9 Anonymous Protocols: Theory.

Modelling and Analysing of Security Protocol: Lecture 9 Anonymous Protocols: Theory.
1 Chapter 13: Representing Identity What is identity Different contexts, environments Pseudonymity and anonymity.

1 Chapter 13: Representing Identity What is identity Different contexts, environments Pseudonymity and anonymity.
0x1A Great Papers in Computer Security Vitaly Shmatikov CS 380S

0x1A Great Papers in Computer Security Vitaly Shmatikov CS 380S
Class 13 Introduction to Anonymity CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman

Class 13 Introduction to Anonymity CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman
CSCI 5234 Web Security1 Privacy & Anonymity in the WWW Ch. 12, Oppliger.

CSCI 5234 Web Security1 Privacy & Anonymity in the WWW Ch. 12, Oppliger.
Privacy and Anonymity CS432 - Security in Computing Copyright © 2005, 2006 by Scott Orr and the Trustees of Indiana University.

Privacy and Anonymity CS432 - Security in Computing Copyright © 2005, 2006 by Scott Orr and the Trustees of Indiana University.
Chapter 16 The World Wide Web. 16-2 Chapter Goals (16.1-16.2) Compare and contrast the Internet and the World Wide Web Describe general Web processing.

Chapter 16 The World Wide Web Chapter Goals ( ) Compare and contrast the Internet and the World Wide Web Describe general Web processing.
Anonymous routing and mix nets (Tor) Yongdae Kim Significant fraction of these slides are borrowed from CS155 at Stanford 1.

Anonymous routing and mix nets (Tor) Yongdae Kim Significant fraction of these slides are borrowed from CS155 at Stanford 1.
Provable Unlinkability Against Traffic Analysis Amnon Ta-Shma Joint work with Ron Berman and Amos Fiat School of Computer Science, Tel-Aviv University.

Provable Unlinkability Against Traffic Analysis Amnon Ta-Shma Joint work with Ron Berman and Amos Fiat School of Computer Science, Tel-Aviv University.
Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms David Chaum CACM Vol. 24 No. 2 February 1981 Presented by: Adam Lee 1/24/2006 David.

Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms David Chaum CACM Vol. 24 No. 2 February 1981 Presented by: Adam Lee 1/24/2006 David.
Protecting Internet Communications: Encryption  Encryption: Process of transforming plain text or data into cipher text that cannot be read by anyone.

Protecting Internet Communications: Encryption  Encryption: Process of transforming plain text or data into cipher text that cannot be read by anyone.

Similar presentations

Ads by Google