mixtasy remailing on existing infrastructure
play

Mixtasy: Remailing on Existing Infrastructure Anonymized Email - PowerPoint PPT Presentation

Apr 09, 2023 •30 likes •220 views

Mixtasy: Remailing on Existing Infrastructure Anonymized Email Communication Easily Deployable Using SMTP & OpenPGP Masters thesis presentation @Young Researchers Day 2016 St Johann im Pongau (11.10.2016) by Johannes Burk 1st

  1. Mixtasy: Remailing on Existing Infrastructure Anonymized Email Communication Easily Deployable Using SMTP & OpenPGP Master’s thesis presentation @Young Researchers’ Day 2016 St Johann im Pongau (11.10.2016) by Johannes Burk 1st Reviewer: Dipl.-Inform. David Stezenbach 2nd Reviewer: Priv.-Doz. Mag. DI. DI. Dr.techn. Karl Michael Göschka

  2. Introduction ● Secure messaging is a big research area ● Plain email did not provide any security or privacy feature ○ But it’s still heavily used ● TLS and openPGP, S/MIME isn’t enough ○ Metadata still readable ● Eavesdroppers/Adversaries are everywhere (attention tinfoil hat carriers!) Slide: 2

  3. Objective ● Build a secure and privacy preserving asynchronous messaging prototype solution ● … With good adoption properties (design on top of existing infrastructure) Main Parts of the work ● Requirement Definition ● Technologies & Existing Work ● Design Considerations ● Protocol Specification (wire protocol) ● Protocol Implementation (tool, prototype) Slide: 3

  4. Requirements: Security and Privacy Security ● Confidentiality, integrity and authenticity ○ end-to-end ● Anonymity Preserving ○ conversation security feature must not break transport privacy Privacy ● Participation Anonymity & Global Adversary Resistance ● Unlinkability ● Sender Anonymity Slide: 4

  5. Requirements: Usability and Adoption Usability ● Keep Email Properties ○ asynchronicity ○ message drops/delays ● Easy Initialization Adoption ● Compatibility to existing Infrastructure ● No Additional Service ● Scalable Slide: 5

  6. Existing Work: Remailer ● Based on mix networks ● Different types (evolution caused) ○ Type 0: Pseudonymous/Nym remailer ■ Just for pseudonymization ○ Type 1: Cypherpunk ■ Encryption not mandatory ○ Type 2: Mixmaster ■ Outdated crypto (RSA-1024, (3DES), MD5, …) ○ Type 3: Mixminion ■ Doesn’t support SMTP Slide: 6

  7. Slide: 7 https://crypto.is/blog/remailers_weve_got

  8. The Idea of Mixtasy ● Secure and anonymous emailing ● Reuse existing technologies and infrastructure! Overview ● Mix Network design ● Data Format: Internet Message Format [RFC-5322] ● Encryption: openPGP [RFC-4880] ● Transport: SMTP [RFC-5321] ● Directory Service: openPGP Key Servers (no additional service!) ● Implementation: Postfix Filter Addon (adoption!) + client to send mails Slide: 8 https://crypto.is/blog/what_is_a_remailer

  9. Design Considerations I ● Encryption: confidentiality & prevent tracking by content ○ layered encryption between sender and mixes/receiver ● Mixing Algorithm: blur the trace of a message (anonymity) ○ Timed dynamic-pool mix ● Message Size: prevent tracking by size (anonymity) ○ Uniformed; repadding at each mix Slide: 9

  10. Design Considerations II ● Replay Attack prevention (anonymity) ○ Cache message hashes ● Tagging attack prevention (anonymity) ○ Message data verification ● Dummy Traffic: complicate blending attacks & reduce message delays ○ inject dummy messages ● Abuse & Spam protection ○ cost based spam protection Slide: 10

  11. Mixtasy Design: Receiver’s Provider supports Mixtasy Slide: 11

  12. Message Format ● Original Message ○ As composed by the sender ● Final Mix Message ○ Wraps an original message ● Intermediate Mix Message ○ Contains another intermediate or a final mix message Slide: 12

  13. OpenPGP Message Format Example Slide: 13

  14. Slide: 14

  15. Decryption and re-padding Slide: 15

  16. Keys ● Long-term OpenPGP key (trust establishment) ● Short-term sub-keys (encryption) ● Distribution over public PGP key server ● Discovery via search for “mixtasy@” Slide: 16

  17. Available Prototype on GitHub ● Written in Python, makes use of GnuPG ● CLI Client to create mails ○ Including: Mix discovery and key retrieval, Path selection, constructing single part messages, sending via SMTP ● Postfix Filter to operate a mix node ○ Including: Strip of encryption layer, Verification check, Re-padding to fixed message size ● Not implemented yet: ○ multi part and dummy messages, mixing algorithm, replay attack prevention Slide: 17

  18. Conclusion ● Remailer protocol design and prototype created ○ Mostly specified by composing existing technologies ○ Deployable by upgrading existing MTAs ○ Receiver just needs OpenPGP software ● Future work ○ Implement full specification ○ Detailed evaluation/auditing ○ Research on dynamically change timed dynamic-pool mix parameters ○ Extend the protocol by an anonymous reply feature Slide: 18

  19. Download Slides and Master’s Thesis, Try out or Contribute ● http://mixtasy.net/ ● https://github.com/jojoob/mixtasy/ Slide: 19

Recommend

Existing Infrastructure and Modernization of the Electric Grid March 22, 2016 Agenda

Existing Infrastructure and Modernization of the Electric Grid March 22, 2016 Agenda

New Energy Industry Task Force Existing Infrastructure and Modernization of the Electric Grid March 22, 2016 Agenda Existing Infrastructure Fossil generation and transmission Renewable generation Modernization of the grid

654 views • 34 slides
Server Upgrades 6/25/19 Agenda Existing Server Infrastructure Reasons for upgrading

Server Upgrades 6/25/19 Agenda Existing Server Infrastructure Reasons for upgrading

Revised 6/25/2019 Server Upgrades 6/25/19 Agenda Existing Server Infrastructure Reasons for upgrading Options & Budget Best Solution Server Upgrades 1 1 6/25/2019 Existing Server Infrastructure Server 1: Purchased

277 views • 10 slides
^ c TsL. aa oa^ [ '} | Q )() l^'ntO I oa " _mj aa ^f-^51 Bn JHn ^^r' ITI ,^v

^ c TsL. aa oa^ [ '} | Q )() l^'ntO I oa " _mj aa ^f-^51 Bn JHn ^^r' ITI ,^v

FAIRMS^T ^T^~ lmL ^ c TsL. aa oa^ [ '} | Q )() l^'ntO I oa " _mj aa ^f-^51 Bn JHn ^^r' ITI ,^v Comprehensive Plan Steering Committee March 12, 2019 Agenda City Infrastructure & Services Existing infrastructure

362 views • 10 slides
Re-allocation at consent expiry September 2017 What the RMA says about existing infrastructure

Re-allocation at consent expiry September 2017 What the RMA says about existing infrastructure

Re-allocation at consent expiry September 2017 What the RMA says about existing infrastructure When considering an application [for renewal of resource consent] a consent authority must have regard to the value of the investment of the

169 views • 4 slides
Driveway Profile Discussion Karl Oberjohn Infrastructure Committee 9/10/2018 Can existing

Driveway Profile Discussion Karl Oberjohn Infrastructure Committee 9/10/2018 Can existing

Lower Jackson Road Driveway Profile Discussion Karl Oberjohn Infrastructure Committee 9/10/2018 Can existing sidewalk be preserved? Benefits Maintain a grass strip between sidewalk and street Save money by only replacing damaged

317 views • 15 slides
Program Roadways and Infrastructure June 20, 2019 Roadways and Infrastructure Needs Address

Program Roadways and Infrastructure June 20, 2019 Roadways and Infrastructure Needs Address

2019 Bond Program Roadways and Infrastructure June 20, 2019 Roadways and Infrastructure Needs Address existing transportation infrastructure deficiencies such as: Capacity Congestion Safety Address future capacity needs based

568 views • 34 slides
infrastructure in existing residential buildings? e-MOTICON FINAL EVENT March 26, 2019 Milan,

infrastructure in existing residential buildings? e-MOTICON FINAL EVENT March 26, 2019 Milan,

How to implement charging infrastructure in existing residential buildings? e-MOTICON FINAL EVENT March 26, 2019 Milan, Palazzo Lombardia Christian STEGER-VONMETZ About us We are a federal company owned by the Austrian Federal Ministry of

158 views • 13 slides
Oman Broadband Company Harnessing existing Utility infrastructure for a competitive and rapidly

Oman Broadband Company Harnessing existing Utility infrastructure for a competitive and rapidly

Oman Broadband Company Harnessing existing Utility infrastructure for a competitive and rapidly deployed NBN 9 th of June 2014 Introduction of the speaker Stewart White Regulatory Specialist Stewart is a regulatory lawyer by background with

319 views • 31 slides
Page 1 Rock storage pad Page 3 Reed AEP Longitudinal Section Page 4 Existing Infrastructure at

Page 1 Rock storage pad Page 3 Reed AEP Longitudinal Section Page 4 Existing Infrastructure at

Page 1 Rock storage pad Page 3 Reed AEP Longitudinal Section Page 4 Existing Infrastructure at Reed AEP Construction Camp Page 5 Reed AEP Site looking north, southern reach of Reed Lake approximately 3km in background (August 2012) Page 6

478 views • 24 slides
Technologies for Evaluating Risks to Existing Berth Infrastructure from Larger Vessels 2019

Technologies for Evaluating Risks to Existing Berth Infrastructure from Larger Vessels 2019

Technologies for Evaluating Risks to Existing Berth Infrastructure from Larger Vessels 2019 Facilities Engineering Seminar 1 Risks Posed by Larger Vessels 1. Navigation 2. Passing other docks 3. Maneuvering at berth 4. Berthing 5. Mooring

383 views • 23 slides
Existing data infrastructure and new information technologies to build sustainable data for

Existing data infrastructure and new information technologies to build sustainable data for

Existing data infrastructure and new information technologies to build sustainable data for sustainable development The case in Israel International Seminar on World Statistics: " Sustainable Data for Sustainable Development Xi'an, China,

369 views • 12 slides
Opportunities for Adding Storage at Existing or New Generation Sites Neil Millar, Executive

Opportunities for Adding Storage at Existing or New Generation Sites Neil Millar, Executive

Opportunities for Adding Storage at Existing or New Generation Sites Neil Millar, Executive Director, Infrastructure Development Joanne Bradley, Lead Queue Management Specialist, Infrastructure Contracts & Management ISO PUBLIC ISO PUBLIC

479 views • 21 slides
University College London 1 Introduction Interdependency of Infrastructure Many studies on

University College London 1 Introduction Interdependency of Infrastructure Many studies on

Infrastructure interdependency at Operation level Samane Faramehr Taku Fujiyama University College London 1 Introduction Interdependency of Infrastructure Many studies on existing and obvious interdependencies (e.g. electricity power

295 views • 25 slides
Minehead Seafront - Analysis Existing Constraints Part of Jubilee Gardens is in the

Minehead Seafront - Analysis Existing Constraints Part of Jubilee Gardens is in the

Minehead Seafront - Analysis Existing Constraints Part of Jubilee Gardens is in the Wellington Square Conservation Area. Area east of Jubilee Gardens contains Wessex Water infrastructure and manholes which must stay. Existing clock

124 views • 9 slides
Tourism Infrastructure Committee September 2015 Agenda MGM Resorts Entertainment Overview

Tourism Infrastructure Committee September 2015 Agenda MGM Resorts Entertainment Overview

Presentation to the Southern Nevada Tourism Infrastructure Committee September 2015 Agenda MGM Resorts Entertainment Overview Festivals Existing Arenas New Venues Future Growth, Impact and Infrastructure Needs Q&A 2

422 views • 38 slides
Assessment of transport infrastructure means (EIBURS_100113) Stef Proost - KULeuven (B) Andre de

Assessment of transport infrastructure means (EIBURS_100113) Stef Proost - KULeuven (B) Andre de

Assessment of transport infrastructure means (EIBURS_100113) Stef Proost - KULeuven (B) Andre de Palma ENS Cachan (F) Research questions a) is pricing of existing transport infrastructure efficient and is it an alternative to manage the

314 views • 12 slides
Hybridization of Existing Wind/Solar PV Plants Mr. Ajit Pandit Director, Idam Infrastructure

Hybridization of Existing Wind/Solar PV Plants Mr. Ajit Pandit Director, Idam Infrastructure

Hybridization of Existing Wind/Solar PV Plants Mr. Ajit Pandit Director, Idam Infrastructure Advisory Pvt. Ltd. (22 nd September, 2016) 1 Agenda Need for development of Wind-Solar Hybrids Development of framework for Wind-Solar Hybrids

2.15k views • 24 slides
SDR Engineering Consultants, Inc. April 24, 2019 OUTLINE Fiber-Reinforced Polymers

SDR Engineering Consultants, Inc. April 24, 2019 OUTLINE Fiber-Reinforced Polymers

Facilities Engineering Seminar April 24-26, 2019 Jacksonville, FL Panel I: Tech Forum: Using Tech to Extend Infrastructure ENHANCING LIVE LOAD-CARRYING CAPACITY OF EXISTING INFRASTRUCTURE FOR EXTENDED LIFE SPAN Mohsen Shahawy, PhD, PE

755 views • 36 slides
The Problem IP Spoofing CS 239 Existing Internet protocols and Advanced Topics in Network

The Problem IP Spoofing CS 239 Existing Internet protocols and Advanced Topics in Network

The Problem IP Spoofing CS 239 Existing Internet protocols and Advanced Topics in Network infrastructure allow forgery of some IP Security packet header fields Peter Reiher In particular, the source address field can often be

400 views • 3 slides
Integration 101 Integration of new Field Service Management systems with existing infrastructure

Integration 101 Integration of new Field Service Management systems with existing infrastructure

Integration 101 Integration of new Field Service Management systems with existing infrastructure This slide contains ClickSoftware proprietary and Confidential Information This slide contains ClickSoftware proprietary and Confidential Information

635 views • 18 slides
Decision on conditional approval to extend existing reliability must-run contracts for 2020 Neil

Decision on conditional approval to extend existing reliability must-run contracts for 2020 Neil

Decision on conditional approval to extend existing reliability must-run contracts for 2020 Neil Millar Executive Director Infrastructure Development Board of Governors Meeting General Session September 18, 2019 Management requests

163 views • 4 slides
An Example of Repair/Reinforcement Design for an Existing RC-girder Bridge Under Salt Damage

An Example of Repair/Reinforcement Design for an Existing RC-girder Bridge Under Salt Damage

1/23 US-Japan Workshop on Life Cycle Assessment of Sustainable Infrastructure Materials Sapporo, Japan, October 21-22, 2009 An Example of Repair/Reinforcement Design for an Existing RC-girder Bridge Under Salt Damage Conditions in a Cold

395 views • 24 slides
Existing Building Commissioning Existing Building Commissioning (or Retro-Commissioning) (or

Existing Building Commissioning Existing Building Commissioning (or Retro-Commissioning) (or

SOUTHEAST REGION Existing Building Commissioning Existing Building Commissioning (or Retro-Commissioning) (or Retro-Commissioning) SERBCA Annual Meeting Covington, KY December 6, 2013 Session Learning Objectives o Definition of Existing

495 views • 48 slides
LPC-1.0 200 Park Avenue, NY NY 10166 RESIDENTIAL LOBBY OFFICE TENANT RETAIL TENANT EXISTING

LPC-1.0 200 Park Avenue, NY NY 10166 RESIDENTIAL LOBBY OFFICE TENANT RETAIL TENANT EXISTING

EXISTING DOORS (NO CHANGE) 6'-10" 40'-1" 39'-8" 37'-3" 17'-9" DASHED LINE INDICATES EXISTING CANOPY EXISTING SIDEWALK & CURB (NO CHANGE) EXISTING SIDEWALK & CURB (NO CHANGE) (NO CHANGE) PLAN DRAWING -

569 views • 3 slides

More recommend