Download presentation
Presentation is loading. Please wait.
1
Anonymity and Friends: Keeping the Act of Communication Private Chris DuPuis dupuis@cs.washington.edu 8 March 2006
2
Anonymity and friends ● Receiver Anonymity: You can't determine who the message is to ● Sender Anonymity: You can't tell who the message is from ● Unlinkability: You can't tell that a message received by Bob was sent by Alice, or vice versa ● Plausible deniability: You can't be certain that a message from Bob's computer is actually from Bob (likewise for receiving)
3
Scenario 1: Sending a message anonymously Hi Mark! Hi Bob. My boss is a crook, and I have proof. I'm not a crook. And you're fired.
4
Scenario 1: Email From: "Mark Felt" To: "Bob Woodward" Subject: Nixon is a crook Nixon is a crook. I have proof, but I can't tell you my real name. Your pal, Deep Throat
5
Anonymous proxy service From: mark@fbi.gov To: anon@anon.penet.fi <Stuff encrypted with anon.penet.fi's public key, including bob's address> From: anon@anon.penet.fi To: bob@washpost.com Nixon is a crook. Your pal, Deep Throat
6
Kneecap protocol Give us your logs. We'll NEVER give you our logs! Break his kneecaps. OK, here are our logs.
7
Cascading: Avoiding the kneecap protocol anon.indymedia.org kremvax.ru anon.sjgames.com anon.penet.fi
8
Cascade weaknesses ● Similar-sized message in and out of a proxy – Solution: Pad/split all messages into regular-sized packets. ● Same time in and out of a proxy – For each message, delay it a random time. – "Mix delay" ● No forward security – Use ephemeral TLS connections between proxies
9
Message received
10
Scenario 2: Plausible deniability for downloading GET DeCSS.c HTTP/1.1 Content-type:.... Go to jail. Go directly to jail. Do not pass go. Do not collect $200.
11
Strategy: Hide in a crowd
12
Freenet: Keeping the data private ● Author creates a string describing the file: – e.g. /sources/generic/video/dvd/DeCSS.c ● Author creates hash of descriptive string. ● Author feeds hash into public/private key pair generating algorithm ● Author encrypts file with generated private key ● Author sends file into P2P network using hash as filename ● User generates key pair similarly, and decrypts file with public key
13
Freenet: Finding the data anonymously ● Use the "hide in a crowd" strategy. – Therefore, users have anonymity ● Files are all encrypted ● Retrieval keys are all cryptographic hashes. – Therefore, user has plausible deniability as to what's stored on his disk drive ● But how do users know what to ask for? – Out-of-band communication.
14
Questions?
Similar presentations
© 2024 SlidePlayer.com Inc.
All rights reserved.