
Anonymous Communications (I) - PowerPoint PPT Presentation



  1. Anonymous Communications (I)
     George Danezis
     Security Group, Computer Laboratory, University of Cambridge.
     George.Danezis@cl.cam.ac.uk

  2. Objective
     ● This is not just academic
     ● Objective:
       – Empower people to use .
       – Help implement anonymous comms.
       – Help design and analyze systems.
     ● Present where we are, and where we are going with the Mixminion remailer.
     ● Onion routing derivatives – next talk!

  3. Outline
     ● Introduction to anonymous comms.
     ● Basic principles.
       – Do not reinvent the wheel.
     ● Current research.
       – Do not reinvent the rocket either.
     ● History of remailers.
     ● What is to be done?

  4. Introducing the problem
     ● Real world: whistle blowers, human rights work, elections, e-cash, political speech, ...
     ● Anonymous communications: what is it?
       – Alice wants to talk to Bob without anyone, including Bob, knowing her identity (sender anonymity).
       – She wants Bob to reply without anyone knowing her identity (receiver anonymity).
       – The two can be combined to provide bi-directional anonymity.

  5. Meet the adversary
     ● We assume:
       – Eve can observe all the network links.
       – Mallory can modify, delete, inject messages as they travel on any network links.
       – Bob is working with them, not Alice.
       – Some trusted third parties are corrupt, and misbehave.
     ● Stage of clinical paranoia makes designers sleep well at night.

  6. How do we do this?
     ● At the beginning there was David Chaum's (1981) mix.
     ● What is a mix:
       – Router that takes messages and sends them out.
       – Mixes hide the correspondence between inputs and outputs – hence anonymity!

  7. How do we do this?
     ● At the beginning there was David Chaum's (1981) mix.
     ● What is a mix:
       – Router that takes messages and sends them out.
       – Mixes hide the correspondence between inputs and outputs – hence anonymity!
     [Diagram: Mix]

  8. How to design a mix?
     ● Messages in and out have to look different.
       – Bitwise unlinkability: use cryptography.
     ● Timing of arrivals and departures must not link messages.
       – Traffic analysis resistance: use batching strategies, and dummy traffic.
     ● Other attacks: flooding, DoS, network discovery, sting attacks, ... black magic!

  9. An insecure example
     ● A simple construction:
       A → Mix (k): {B,M}_k
       Mix (k) → B: M
     ● Chaining mixes:
       A → Mix (k1): {M2,{B,M}_k2}_k1
       Mix (k1) → Mix (k2): {B,M}_k2, J
       Mix (k2) → B: M
     More requirements: select honest routes, hide total number of hops, hide from corrupt mixes, topology, ...

  10. How to reply anonymously?
      ● Alice sends reply blocks to Bob, so that he can route messages back.
        [Diagram: A – Mix (k1) – Mix (k2) – B, with the message labels:
         {A,s1}_k2, {M}_s2, J2
         {M1,s2,{A,s1}_k1}_k2, M
         {{M}_s2}_s1, J2, J1]
      ● More requirements:
        – Path length of reply blocks not leaked.
        – Intermediaries do not know their positions.
        – Replies must not be distinguishable from normal.

  11. After Chaum ...
      ● Three main branches of anonymous comms:
        – Remailers – mixing email-like traffic.
        – Onion Routing – ISDN, JAP, Tor, ... (Roger's talk)
        – Provable schemes – elections (hardcore crypto)
      ● Non-mix based systems:
        – Simple proxies / Crowds (weak!)
        – Dining Cryptographers networks (very strong!)
        – Cool hacks: wireless, steganography, ...

  12. Theoretical schemes
      ● Schemes:
        – Babel – remailer
        – Sg-mixes – to combat (n-1) attacks
        – Moller's provable mix
        – Minx – Very efficient packet format.
      ● Analysis:
        – Measuring anonymity (information theory / covert channel analysis).

  13. Theoretical schemes (cont)
        – Mix strategies and dummy traffic.
        – Topologies (cascades, restricted routing, synchronous batching, ...)
        – Tagging attacks – original Chaum mix fails!
        – Simulation
      ● Analysis of attacks (we are good at it now):
        – Disclosure and statistical disclosure.
        – Traffic analysis
        – Network discovery attacks.

  14. Stone age remailer: penet.fi
      ● 1993 - penet.fi by Johan Helsingius
      ● Simple email proxy:
        – Strips identifying headers.
        – Substitutes a nym address, to route back replies.
        – Correspondence is kept in a large file!
      ● 1996 – Legal attack – penet.fi loses.
      ● Impact on anonymity community.

  15. Type I “cypherpunk” remailers
      ● Appears on the cypherpunk list
        – At the time cypherpunks wrote code :-)
      ● Fixes the “one large file” problem.
      ● Uses PGP 2 for crypto (weak!) - tagging & no padding.
      ● Many remailers can be chained.
      ● Reply blocks can be used (more than once) to reply to messages.
      Still in use!

  16. Type II “Mixmaster” remailer
      ● Lance Cottrell (1995), Ulf Moller, Peter Palfrader, Len Sassaman++
      ● Custom crypto to avoid tagging attacks and replays.
      ● Fixed size payload & split messages.
      ● No reply blocks.
      ● Overall secure and maintained.
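
Added example (not part of the slides): a toy two-mix chain in the shape of slide 9, showing why layered encryption without integrity protection is exposed to the tagging attacks named on slides 13, 15 and 16, and how a per-layer integrity check makes the mix drop a modified packet. The SHA-256 counter-mode stream cipher, the keys, the one-byte hop labels and all function names are constructed for illustration; this is not the Mixmaster or Mixminion packet format.

```python
import hashlib
import hmac

def _stream(key, n):
    # SHA-256 in counter mode: a toy, malleable stream cipher (illustration only).
    blocks = (hashlib.sha256(key + i.to_bytes(4, "big")).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def _xor(key, data):
    return bytes(a ^ b for a, b in zip(data, _stream(key, len(data))))

def _tag(key, ct):
    # Separate MAC key derived from the layer key (assumption of this sketch).
    mac_key = hashlib.sha256(b"mac" + key).digest()
    return hmac.new(mac_key, ct, hashlib.sha256).digest()

def wrap(key, next_hop, payload, authenticated):
    """Build one layer {next_hop, payload}_key; optionally prepend a MAC."""
    ct = _xor(key, next_hop + payload)
    return _tag(key, ct) + ct if authenticated else ct

def peel(key, packet, authenticated):
    """What a mix does: check integrity (if any), decrypt, split off next hop."""
    if authenticated:
        tag, packet = packet[:32], packet[32:]
        if not hmac.compare_digest(tag, _tag(key, packet)):
            return None  # modified in transit: drop instead of forwarding
    plain = _xor(key, packet)
    return plain[:1], plain[1:]

def run(authenticated, tamper):
    """Send M from A via Mix (k1) and Mix (k2) to B; return what B receives."""
    k1, k2, msg = b"constructed-key-1", b"constructed-key-2", b"meet at noon"
    packet = wrap(k1, b"2", wrap(k2, b"B", msg, authenticated), authenticated)
    if tamper:  # Mallory flips one bit on the link A -> Mix (k1)
        packet = packet[:-1] + bytes([packet[-1] ^ 1])
    for key in (k1, k2):
        result = peel(key, packet, authenticated)
        if result is None:
            return None  # a mix dropped the packet
        _hop, packet = result
    return packet

def changed_positions(a, b):
    """Byte offsets where the delivered message differs from the expected one."""
    return [i for i, (x, y) in enumerate(zip(a, b)) if x != y]
```

Without authentication the flipped bit survives both decryptions and marks the delivered message, which links the mix chain's input to its output; with the MAC, the first mix rejects the packet.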
