anonymous communication
play

Anonymous Communication Martijn Terpstra & Max Tijssen - PowerPoint PPT Presentation

Anonymous Communication Martijn Terpstra & Max Tijssen Introduction 1. Definition of anonymity 2. Reasons 3. Problems 4. Legal issues and implications 5. PETs 6. Crowds 7. I2P Definition of anonymity The state or quality


  1. Anonymous Communication Martijn Terpstra & Max Tijssen

  2. Introduction 1. Definition of anonymity 2. Reasons 3. Problems 4. Legal issues and implications 5. PETs 6. Crowds 7. I2P

  3. Definition of anonymity ● The state or quality of being anonymous (Dictonary.com). ● Level of anonymity

  4. Definition of anonymity ● Anonymity vs pseudonymity ● K - anonymity (Harvard) ● Untraceability ● Unlinkability

  5. Uses of AC

  6. Uses of AC - Privacy protection - Bypassing oppressive regimes - Whistleblowers (Wikileaks, Snowden)

  7. Uses of AC - Ability to discuss taboo subjects - Cybercrime (Silk Road)

  8. Issues with AC ● Law enforcement ● Legitimate aims of service providers ● Lack of repercussions for the users

  9. Legal issues and implications ● Certain rights have to be constrained in a society ● Untraceable and unreadable communication ● Produces legal issues and solutions

  10. Art 8. Convention of Fundamental Rights of the European Union Article 8 – Right to respect for private and family life 1. Everyone has the right to respect for his private and family life, his home and his correspondence. 2. There shall be no interference by a public authority with the exercise of this right except such as is in accordance with the law and is necessary in a democratic society in the interests of national security, public safety or the economic well-being of the country, for the prevention of disorder or crime, for the protection of health or morals, or for the protection of the rights and freedoms of others.

  11. Whistleblower laws ● Recommendation CM/Rec(2014)7 on the protection of whistleblowers ● Council of europe. Not european union! Up to members how and if to implement. 12. The national framework should foster an environment that encourages reporting or disclosure in an open manner. Individuals should feel safe to freely raise public interest concerns. 18. Whistleblowers should be entitled to have the confidentiality of their identity maintained, subject to fair trial guarantees.

  12. Implementation whistleblower legislation ● Dutch (Adviespunt klokkenluiders) ○ Anonymous whistleblowing strongly discouraged. Information received from such a source has lower chance of being acted on. ● UK ○ Not (or less likely) protected by Public Interest Disclosure Act ● Portugal ○ Anonymity waived if a suspected person is charged.

  13. Data Retention Directive Article 3 Obligation to retain data 1. By way of derogation from Articles 5, 6 and 9 of Directive 2002/58/EC, Member States shall adopt measures to ensure that the data specified in Article 5 of this Directive are retained in accordance with the provisions thereof, to the extent that those data are generated or processed by providers of publicly available electronic communications services or of a public communica- tions network within their jurisdiction in the process of supply- ing the communications services concerned.

  14. Data Retention Directive 1. Member States shall ensure that the following categories of data are retained under this Directive: (a) data necessary to trace and identify the source of a communication (b) data necessary to identify the destination of a communication (f) data necessary to identify the location of mobile communi- cation equipment: 2. No data revealing the content of the communication may be retained pursuant to this Directive.

  15. Legislation changes How to deal with anonymity? ● French law (proposed but not enacted) ○ Force people to register with their true identity ● US ○ U.S. Supreme Court Justice Scalia :“The very purpose of anonymity is to facilitate wrong by eliminating accountability”[Framkin 1995]. ● UK ○ Banning Tor is neither acceptable nor technically feasible ● Sweden ○ Service providers only responsible if messages are clearly illegal.

  16. PETs Server based Peer to Peer TOR GNUnet Crowds I2P ShadowWalker Freenet NetCamo

  17. Crowds - Users are grouped into crowds - Provides k-anonymity

  18. Crowds - A user is represented as a Jondo - Jondos contact a server called a Blender - Once a Blender has formed a crowd of random users, the Blender informs the Jondo's of the crowd they are in

  19. Crowds - A Jondo will then send his request to a random user in the crowd (possibly himself) - Any Jondo receiving a request will randomly either send it to yet another Jondo or send it to its destination - Encryption of messages between Jondos with a key shared by only those two Jondos

  20. Crowds - The endpoint does not know the origin of a request - Malicious users could do a denial of service attack

  21. I2P - Invisible Internet Project - Layered encryption - Garlic routing

  22. I2P - Mostly focused on hidden services - Both sender and receiver are anonymous

  23. I2P - Unidirectional tunnels - Each node build an inbound and outbound tunnel

  24. Tunnels - All tunnels are unidirectional - Each party builds 2 tunnels, one inbound, one outbound - Tunnel creators may use any peers in the network in any order (and even any number of times) in a single tunnel

  25. I2P

  26. I2P - Communication through garlic messages - Multiple garlic cloves can be combined into a single garlic message - Each garlic cloves comes with its own delivery instructions

  27. Tunnel creation - List of peers is made based on speed and capacity, updated regularly - Client picks top tier peers randomly for tunnel creation

  28. Servers - Identified by cryptographic keys - No DNS

  29. NetDB - NetDb is distributed via the floodfill algorithm - Floodfill routers - RouterInfos - LeaseSets

  30. RouterInfo - The router's identity - The contact addresses - When this was published - A set of arbitrary text options - The signature of the above, generated by the identity's DSA signing key

  31. LeaseSet - documenting a group of tunnel entry points (leases) for a particular client destination. - The tunnel gateway router (by specifying its identity) - The tunnel ID on that router to send messages with (a 4 byte number) - When that tunnel will expire.

  32. I2P compared to tor - I2P is designed for hidden services - Unidirectional tunnels - No clear distinction between client and server - Less popular (k-anonymity), not much research compared to tor

  33. Conclusion AC has many uses, both legitimate and illegitimate. Produces and helps with legal issues. Many different PETs, all with their own advantage and disadvantages.

  34. TOR refresher - Uses layered encryption to pass through several nodes before reaching destination - With enough nodes (3) between start and end no single node knows both the start and end.

  35. TOR refresher - Prevent man in the middle sniffing - Hides identity - Uses own protocol: use of tor is obvious to third party - End point vulnerability - (Perhaps explanation of current technical attacks)

Recommend


More recommend