anonymity
play

Anonymity Professor Patrick McDaniel CSE545 - Advanced Network - PowerPoint PPT Presentation

Dec 29, 2022 •31 likes •421 views

Anonymity Professor Patrick McDaniel CSE545 - Advanced Network Security Spring 2011 CSE545 - Advanced Network Security - Professor McDaniel Page 1 Anonymity CSE545 - Advanced Network Security - Professor McDaniel Page 2 The Internet

  1. Anonymity Professor Patrick McDaniel CSE545 - Advanced Network Security Spring 2011 CSE545 - Advanced Network Security - Professor McDaniel Page 1

  2. Anonymity CSE545 - Advanced Network Security - Professor McDaniel Page 2

  3. The Internet can’t be censored “The Net treats censorship as damage and routes around it.” - John Gillmore (2011 -- go ask Libya) CSE545 - Advanced Network Security - Professor McDaniel Page

  4. Actually, none of this is true • It is easy to adopt a pseudonym or a persona on the Internet, but it is difficult to be truly anonymous Identities can usually be revealed with cooperation of ISP , local sys-admins, web ‣ logs, phone records, etc. • The Internet can put up a good fight against censorship, but in the end there is still a lot of Internet censorship Repressive governments and intellectual property lawyers have been pretty ‣ successful at getting Internet content removed Case in point, “the great firewall of China” ‣ CSE545 - Advanced Network Security - Professor McDaniel Page

  5. Why anonymity? • What about in the real world? ‣ Do you want people to know which stores, movies, restaurants, books you make use of? ‣ Do you want everything you say to be associated with you (forever)? • Are there activities that you would not like to share when surfing the net? ‣ With whom? ‣ What about writings (e.g., blogging), new group postings, … “McDaniel’s programming stupidity example” CSE545 - Advanced Network Security - Professor McDaniel Page

  6. Degrees of anonymity More Absolute privacy: adversary cannot observe communication Beyond suspicion: no user is more suspicious than any other Probable innocence: each user is more likely innocent than not Possible innocence: nontrivial probability that user is innocent Exposed (default on web): adversary learns responsible user Provably exposed: adversary can prove your actions to others Less CSE545 - Advanced Network Security - Professor McDaniel Page

  7. Software tools n Information and • Encryption tools – prevent transparency tools – make others from listening in on informed choices about how your communications your information will be File encryption ‣ used Email encryption ‣ « Identity management tools Encrypted network ‣ « P3P connections n Filters • Anonymity and « Cookie cutters pseudonymity tools – « Child protection software prevent your actions from being linked to you n Other tools « Computer “cleaners” Anonymizing proxies ‣ « Privacy suites Mix Networks and similar web ‣ « Personal firewalls anonymity tools Anonymous email ‣ CSE545 - Advanced Network Security - Professor McDaniel Page

  8. User view ... • Problem Statement ‣ I want to surf the Internet and view content. ‣ … I am concerned that the Websites are going to track me … ‣ … or the government or Insurance agency or some other organization is going to associate me with some community. • This is a reality: many users may be wary of freely surfing sensitive content ‣ Especially when societal stigma involved (e.g., looking for information on AIDS) • Incognito (Chrome): disable caching, history, persistent cookies, etc. ‣ Does this lead to anonymous browsing? CSE545 - Advanced Network Security - Professor McDaniel Page

  9. Anonymous email • Anonymous remailers allow people to send email anonymously • Similar to anonymous web proxies ‣ Send mail to remailer, which strips out any identifying information (very controversial) ‣ Johan (Julf) Helsingius ~ Penet • Some can be chained and work like mixes http://anon.efga.org/~rlist CSE545 - Advanced Network Security - Professor McDaniel Page

  10. Filters • Cookie Cutters ‣ Block cookies, allow for more fine-grained cookie control, etc. ‣ Some also filter ads, referrer header, and browser chatter ‣ http://www.junkbusters.com/ • Child Protection Software ‣ Block the transmission of certain information via email, chat rooms, or web forms when child is using computer ‣ Limit who a child can email or chat with ‣ http://www.getnetwise.org/ CSE545 - Advanced Network Security - Professor McDaniel Page

  11. Filters (cont.) • Pop-up blockers ‣ Filters more to reduce annoying, rather than protect privacy ‣ Works in similar ways to cookie cutters ‣ Built into newer browsers (Safari) ‣ New York Times - delay content adds • Web-Bug detectors (not filters) ‣ Highlights invisible .gifs used to track user http://www.bugnosis.org CSE545 - Advanced Network Security - Professor McDaniel Page

  12. Proxy solutions Anonymizer Client Server • Acts as a proxy for users • Hides information from end servers • Sees all web traffic • Adds ads to pages (free service; subscription service also available) http://www.anonymizer.com CSE545 - Advanced Network Security - Professor McDaniel Page

  13. Proxy solutions Request Anonymizer Client Server • Acts as a proxy for users • Hides information from end servers • Sees all web traffic • Adds ads to pages (free service; subscription service also available) http://www.anonymizer.com CSE545 - Advanced Network Security - Professor McDaniel Page

  14. Proxy solutions Request Request Anonymizer Client Server • Acts as a proxy for users • Hides information from end servers • Sees all web traffic • Adds ads to pages (free service; subscription service also available) http://www.anonymizer.com CSE545 - Advanced Network Security - Professor McDaniel Page

  15. Proxy solutions Request Request Anonymizer Reply Client Server • Acts as a proxy for users • Hides information from end servers • Sees all web traffic • Adds ads to pages (free service; subscription service also available) http://www.anonymizer.com CSE545 - Advanced Network Security - Professor McDaniel Page

  16. Proxy solutions Request Request Anonymizer Reply Reply Client Server • Acts as a proxy for users • Hides information from end servers • Sees all web traffic • Adds ads to pages (free service; subscription service also available) http://www.anonymizer.com CSE545 - Advanced Network Security - Professor McDaniel Page

  17. Mixes [Chaum81] • Assume a fully connected A network of nodes F B • Peers want to communicate with each but don’t want people to know that they are talking E C • Alternately: the sender might D not want the receiver to know who she is • Assumption : nobody can perform traffic analysis • Suppose E wants to send to B CSE545 - Advanced Network Security - Professor McDaniel Page 13

  18. Simplified Mix 1. E picks a random order of a subset of nodes in the graph. Arbitrarily, she chooses FAC to send message m . 2. E creates a message: E ( E ( E ( E ( P | msg ) , K + B ) | B, k + C ) | C, k + A ) | A, k + F ) where P is some random padding and sends it to F . 3. F uses their private key to decrypt the message and recovers: E ( E ( E ( P | msg ) , K + B ) | B, k + C ) | C, k + A ) | A F strips o ff the trailing A and sends the remainder to C 4. Repeat until B receives E ( P | msg ) , K + B , which unwraps the message and returns it. CSE545 - Advanced Network Security - Professor McDaniel Page 14

  19. Simplified Mix A E ( E ( E ( P | msg ) , K + B ) | B, k + C ) | C, k + A ) F B E ( E ( P | msg ) , K + B ) | B, k + C ) E ( E ( E ( E ( P | msg ) , K + B ) | B, k + C ) | C, k + A ) | A, k + F ) E ( P | msg ) , K + B ) E C D CSE545 - Advanced Network Security - Professor McDaniel Page 15

  20. (Simplified) Return Address?? 1. Include a one time key k o and the following in the original message: E ( E ( E ( E ( P | E ) , K + E ) | E, k + D ) | D, k + A ) | A, k + F ) | F, k 0 2. Encrypt the message to be returned, m r using k o , then send to F : E ( E ( E ( E ( P | E ) , K + E ) | E, k + D ) | D, k + A ) | A, k + F ) | F , E ( m r , k o ) 3. Now follow the reverse routing back to E. This is an imperfect solution, can you guess why? CSE545 - Advanced Network Security - Professor McDaniel Page 16

  21. Tor and Friends • Circuit-based version of mix-like routing. ‣ They use things like SSL/TLS to secure peer communication ‣ Build onion circuits that support anonymized communication. • Challenges: ‣ Doing this fast ‣ Ensure that traffic analysis is very hard ‣ Prevent compromised notes from manipulating the mix to expose the communicating parties ‣ Do key security association management CSE545 - Advanced Network Security - Professor McDaniel Page 17

  22. Crowds • Users join a Crowd of other users • Web requests from the crowd cannot be linked to any individual • Protection from ‣ end servers ‣ other crowd members ‣ system administrators ‣ eavesdroppers • First system to hide data shadow on the web without trusting a central authority CSE545 - Advanced Network Security - Professor McDaniel Page

  23. Crowds Crowd members Web servers 3 1 6 5 5 1 2 6 3 2 4 4 CSE545 - Advanced Network Security - Professor McDaniel Page

  24. Crowds Crowd members Web servers 3 1 6 5 5 1 2 6 3 2 4 4 CSE545 - Advanced Network Security - Professor McDaniel Page

  25. Crowds Crowd members Web servers 3 1 6 5 5 1 2 6 3 2 4 4 CSE545 - Advanced Network Security - Professor McDaniel Page

  26. Crowds Crowd members Web servers 3 1 6 5 5 1 2 6 3 2 4 4 CSE545 - Advanced Network Security - Professor McDaniel Page

  27. Crowds Crowd members Web servers 3 1 6 5 5 1 2 6 3 2 4 4 CSE545 - Advanced Network Security - Professor McDaniel Page

Recommend

Bitcoin and Anonymity Anonymity Basics How to de-anonymize Bitcoin Mixing

Bitcoin and Anonymity Anonymity Basics How to de-anonymize Bitcoin Mixing

Cryptocurrency Technologies Bitcoin and Anonymity Bitcoin and Anonymity Anonymity Basics How to de-anonymize Bitcoin Mixing Decentralized Mixing Zerocoin and Zerocash Tor and the Silk Road Bitcoin and Anonymity

524 views • 39 slides
Measures of Anonymity/Privacy: k-Anonymity, L-Diversity,

Measures of Anonymity/Privacy: k-Anonymity, L-Diversity,

Measures of Anonymity/Privacy: k-Anonymity, L-Diversity, t-Closeness CompSci 590.03 Instructor: Ashwin Machanavajjhala Lecture 4 : 590.03 Fall 12 1

647 views • 61 slides
but quite a lot is. Coordination among users can help with anonymity. Debajyoti Das 1 Sebastian

but quite a lot is. Coordination among users can help with anonymity. Debajyoti Das 1 Sebastian

Not all is lost for anonymity but quite a lot is. Coordination among users can help with anonymity. Debajyoti Das 1 Sebastian Meiser 2 Esfandiar Mohammadi 3 Aniket Kate 1 1 Purdue University 2 Visa Research 3 ETH Zurich 1 Sender Anonymity

551 views • 44 slides
Online Anonymity Andrew Lewman andrew@torproject.org June 8, 2010 What is anonymity? Anonymity

Online Anonymity Andrew Lewman andrew@torproject.org June 8, 2010 What is anonymity? Anonymity

Online Anonymity Andrew Lewman andrew@torproject.org June 8, 2010 What is anonymity? Anonymity isnt cryptography Cryptography protects the contents in transit You still know who is talking to whom, how often, and how much data is

764 views • 54 slides
Anonymity in Bitcoin Tumbler/Mixer Oct 9, 2019 Anonymity and Pseudonymity anonymous =

Anonymity in Bitcoin Tumbler/Mixer Oct 9, 2019 Anonymity and Pseudonymity anonymous =

Anonymity in Bitcoin Tumbler/Mixer Oct 9, 2019 Anonymity and Pseudonymity anonymous = Nameless, unidentifiable pseudonymous = Fake name, still traceable Tracing Bitcoin transactions Normal redeem script: Provide public key pk and proof

438 views • 33 slides
Anonymity Jiayi Fu What is Anonymity - Describe the situation in which someone's name is not

Anonymity Jiayi Fu What is Anonymity - Describe the situation in which someone's name is not

Anonymity Jiayi Fu What is Anonymity - Describe the situation in which someone's name is not given or known - Anonymity != Privacy != Security - Anonymity: they can see what you do, but not who you are - Privacy: they can see

379 views • 33 slides
Lecture 24 Anonymity and Privacy Stephen Checkoway University of Illinois at Chicago CS 487

Lecture 24 Anonymity and Privacy Stephen Checkoway University of Illinois at Chicago CS 487

Lecture 24 Anonymity and Privacy Stephen Checkoway University of Illinois at Chicago CS 487 Fall 2017 Slides based on Miller and Baileys ECE 422 Anonymity Anonymity: Concealing your identity In the context of the Internet, we

860 views • 61 slides
11-830 Computational Ethics for NLP Lecture 11: Privacy and Anonymity Privacy and Anonymity

11-830 Computational Ethics for NLP Lecture 11: Privacy and Anonymity Privacy and Anonymity

11-830 Computational Ethics for NLP Lecture 11: Privacy and Anonymity Privacy and Anonymity Being on-line without giving up everything about you Ensuring collected data doesnt reveal its users data Privacy in Structured Data:

766 views • 49 slides
Anonymity in Cryptocurrencies Foteini Baldimtsi Bitcoin Anonymity? Satoshi Nakamoto, 2008

Anonymity in Cryptocurrencies Foteini Baldimtsi Bitcoin Anonymity? Satoshi Nakamoto, 2008

Anonymity in Cryptocurrencies Foteini Baldimtsi Bitcoin Anonymity? Satoshi Nakamoto, 2008 Bitcoin is only pseudonymous Public Key Address 133GT5661q8RuSKrrv8q2Pb4RwS 146KL5461d8KuSPxvv8q2Nd6K2q Posted on the ... Blockchain Alice

821 views • 40 slides
Slicing the licing the Onion: Onion: Anonymity Without PKI Anonymity Without PKI Sachin Katti

Slicing the licing the Onion: Onion: Anonymity Without PKI Anonymity Without PKI Sachin Katti

Slicing the licing the Onion: Onion: Anonymity Without PKI Anonymity Without PKI Sachin Katti Dina Katabi & Katya Puchala State of the art: Onio Onion Rout n Routing over P2P ing over P2P n Routing over P2P ing over P2P Bob Onion

705 views • 43 slides
Applications for Measurement: Improving Anonymity Online Rishab Nithyanand | Rachee Singh |

Applications for Measurement: Improving Anonymity Online Rishab Nithyanand | Rachee Singh |

Applications for Measurement: Improving Anonymity Online Rishab Nithyanand | Rachee Singh | Shinyoung Cho | Phillipa Gill Stony Brook University 1 Anonymity on the Internet Tor Network 2 Anonymity on the Internet Does not know the source

261 views • 15 slides
Identity and Identity and anonymity anonymity Engineering & Public Policy Lorrie Faith

Identity and Identity and anonymity anonymity Engineering & Public Policy Lorrie Faith

CyLab Identity and Identity and anonymity anonymity Engineering & Public Policy Lorrie Faith Cranor October 29, 2013 y & c S a e v c i u r P r i t e y l b L a a s b U o 8-533 / 8-733 / 19-608 / 95-818:

467 views • 46 slides
for anonymity, but quite a lot is. Debajyoti Das 1 Sebastian Meiser 2 Esfandiar Mohammadi 3 Aniket

for anonymity, but quite a lot is. Debajyoti Das 1 Sebastian Meiser 2 Esfandiar Mohammadi 3 Aniket

Anonymity Trilemma not all is lost for anonymity, but quite a lot is. Debajyoti Das 1 Sebastian Meiser 2 Esfandiar Mohammadi 3 Aniket Kate 1 1 Purdue University 2 Visa Research 3 Universitaet zu Luebeck Anonymous Communication (AC) Networks

449 views • 21 slides
Free Software, Free Internet, Anonymity & Tor Andrew Lewman andrew@torproject.org 24 Feb

Free Software, Free Internet, Anonymity & Tor Andrew Lewman andrew@torproject.org 24 Feb

Free Software, Free Internet, Anonymity & Tor Andrew Lewman andrew@torproject.org 24 Feb 2011 What is anonymity? Anonymity isnt cryptography Cryptography protects the contents in transit You still know who is talking to whom, how

926 views • 51 slides
Anonymity with Identity Escrow Aybek Mukhamedov and Mark Ryan The University of Birmingham March

Anonymity with Identity Escrow Aybek Mukhamedov and Mark Ryan The University of Birmingham March

Anonymity with Identity Escrow Aybek Mukhamedov and Mark Ryan The University of Birmingham March 30, 2006 Outline Anonymity 1 Anonymity with identity escrow 2 Marshall and Molina-Jiminez protocol 3 Our protocol 4 Verification in

567 views • 20 slides
Crowds: Anonymity for Web Transactions Paper by: Michael K. Reiter & Aviel D. Rubin of

Crowds: Anonymity for Web Transactions Paper by: Michael K. Reiter & Aviel D. Rubin of

Crowds: Anonymity for Web Transactions Paper by: Michael K. Reiter & Aviel D. Rubin of AT&T Labs (August, 1997) Presenter: Craig Bergstrom Overview The Problem At Hand How Crowds Works Levels and Types of Anonymity &

326 views • 19 slides
Conscript Your Friends into Larger Anonymity Sets with JavaScript Henry Corrigan-Gibbs

Conscript Your Friends into Larger Anonymity Sets with JavaScript Henry Corrigan-Gibbs

Conscript Your Friends into Larger Anonymity Sets with JavaScript Henry Corrigan-Gibbs Bryan Ford Stanford Yale ACM Workshop on Privacy in the Electronic Society 4 November 2013 New Anonymity Systems Have a

563 views • 27 slides
W hy is anonymity so hard? Roger D ingledine T he Free Haven Project 1 M any people need

W hy is anonymity so hard? Roger D ingledine T he Free Haven Project 1 M any people need

W hy is anonymity so hard? Roger D ingledine T he Free Haven Project 1 M any people need anonymity Polit ical dissident s in oppressive count ries Government s want t o do operat ions secret ly. Corporat ions are vulnerable t o t

838 views • 38 slides
Privacy-Enhancing Overlays in Bitcoin Sarah Meiklejohn (University College London) Claudio

Privacy-Enhancing Overlays in Bitcoin Sarah Meiklejohn (University College London) Claudio

Privacy-Enhancing Overlays in Bitcoin Sarah Meiklejohn (University College London) Claudio Orlandi (Aarhus University) 1 Anonymity in Bitcoin 2 Anonymity in Bitcoin 2 Anonymity in Bitcoin 2 Anonymity in Bitcoin 2 Anonymity in Bitcoin

1.23k views • 90 slides
Anonymity Networks for Crypto Geeks, the Department of Defense, and you. Nick Mathewson

Anonymity Networks for Crypto Geeks, the Department of Defense, and you. Nick Mathewson

Anonymity Networks for Crypto Geeks, the Department of Defense, and you. Nick Mathewson <nickm@freehaven.net> The Free Haven Project MIT SIPB talk; 2 Feb 2006 This talk is about anonymity. Technical Social 1. What is it? 2. Why does

1.02k views • 71 slides
Anonymity Loves Company: Usability and the network effect Roger Dingledine, Nick Mathewson The

Anonymity Loves Company: Usability and the network effect Roger Dingledine, Nick Mathewson The

Anonymity Loves Company: Usability and the network effect Roger Dingledine, Nick Mathewson The Free Haven Project 1 Overview We design and deploy anonymity systems. Version 1: You guys are studying this in academia, and we're

684 views • 25 slides
Theorem-proving Privacy and Anonymity Yoshinobu KAWABE NTT Communication Science Laboratories

Theorem-proving Privacy and Anonymity Yoshinobu KAWABE NTT Communication Science Laboratories

Theorem-proving Privacy and Anonymity Yoshinobu KAWABE NTT Communication Science Laboratories NTT Corporation References Simulation-based proof method of privacy/anonymity Y. Kawabe, K. Mano, H. Sakurada and Y. Tsukada

303 views • 28 slides
Theory and Design of Low-latency Anonymity Systems (Lecture 1) Paul Syverson U.S. Naval Research

Theory and Design of Low-latency Anonymity Systems (Lecture 1) Paul Syverson U.S. Naval Research

Theory and Design of Low-latency Anonymity Systems (Lecture 1) Paul Syverson U.S. Naval Research Laboratory syverson@itd.nrl.navy.mil http://www.syverson.org 1 Course Outline Lecture 1: Usage examples, basic notions of anonymity, types

918 views • 88 slides
Theory and Design of Low-latency Anonymity Systems (Lecture 4) Paul Syverson U.S. Naval Research

Theory and Design of Low-latency Anonymity Systems (Lecture 4) Paul Syverson U.S. Naval Research

Theory and Design of Low-latency Anonymity Systems (Lecture 4) Paul Syverson U.S. Naval Research Laboratory syverson@itd.nrl.navy.mil http://www.syverson.org 1 Course Outline Lecture 1: Usage examples, basic notions of anonymity, types

611 views • 48 slides

More recommend