CS 134 Privacy and Anonymity

Privacy
◆ Privacy and society
  • Basic individual right & desire (image from geekologie.com)
  • Relevant to corporations & government agencies
  • Recently increased awareness; however, the general public's perception of privacy is fickle
◆ Privacy and technology in recent years
  • >> Information disclosed on the Internet
  • >> Handling and transfer of sensitive information
  • << Privacy and accountability

Privacy on Public Networks
◆ Internet is designed as a public network
  • Machines on your LAN may see your traffic; network routers see all traffic that passes through them
◆ Routing information is public
  • IP packet headers identify source and destination
  • Even a passive observer can easily figure out who is talking to whom
◆ Encryption (e.g., SSL or IPsec) does not hide identities
  • Encryption hides payload, not routing information
  • Even IP-level encryption (tunnel-mode IPsec/ESP) reveals IP addresses of IPsec gateways

Applications of Anonymity (1)
◆ Privacy
  • Hide online transactions, Web browsing, etc. from intrusive governments, marketers, archival/search entities (e.g., Google) as well as from criminals and snoops
◆ Untraceable electronic mail
  • Corporate whistle-blowers
  • Political dissidents in oppressive societies
  • Socially sensitive communications (online AA or STD meeting)
  • Confidential business negotiations
◆ Law enforcement and intelligence
  • Sting operations and honeypots
  • Secret communications on a public network
    – Informers, secret agents, etc.

Applications of Anonymity (2)
◆ Digital cash
  • Electronic currency with properties of paper money (online purchases unlinkable to buyer's identity)
◆ Anonymous electronic voting
◆ Censorship-resistant publishing
◆ Crypto-anarchy
  • "Some people say 'anarchy won't work'. That's not an argument against anarchy; that's an argument against work." – Bob Black ☺

Applications of Anonymity (3)
◆ Porn
◆ Libel
◆ Disinformation / Propaganda
◆ Sale of illegal substances
◆ Tax avoidance (via untraceable payments)
◆ Incitement to criminal activity (e.g., genocide, terrorism)

What is Anonymity?
◆ Anonymity is the inability to identify someone within a set of subjects (size varies)
  • Different from PRIVACY – the right to be left alone
  • Hide your activities among similar activities by others
  • One cannot be anonymous alone!
    – Big difference between anonymity and confidentiality
◆ Unlinkability of action and identity
  • For example, a sender and his email are no more related after observing the communication than they were before
◆ Unobservability (hard to achieve)
  • Observer cannot tell whether a certain action took place or not

Attacks on Anonymity
◆ Passive traffic analysis
  • Infer from network traffic who is talking to whom
  • To hide your traffic, you must carry other people's traffic!
◆ Active traffic analysis
  • Inject packets or put a timing signature on the packet flow
◆ Compromise of network nodes (routers)
  • Not obvious which nodes have been compromised
    – Attacker may be passively logging traffic
  • It's better not to trust any individual node
    – Assume that some fraction of nodes is good, but don't know which

Chaum's Mix
◆ Early proposal for anonymous email
  • David Chaum. "Untraceable electronic mail, return addresses, and digital pseudonyms". Communications of the ACM, February 1981.
  • Before spam, people thought anonymous email was a good idea ☺
◆ Public key crypto + trusted re-mailer (Mix)
  • Untrusted communication medium
  • Public keys used as persistent pseudonyms
◆ Modern anonymity systems use the Mix as the basic building block

Basic Mix Design
(Figure: senders A, C and D submit messages to the Mix, which delivers them to receivers B and E. r0...r5 are random padding values, pk(X) is X's public key.)
  A → Mix: {r1, {r0, M}pk(B), B}pk(mix)        Mix → B: {r0, M}pk(B), B
  C → Mix: {r2, {r3, M'}pk(E), E}pk(mix)       Mix → E: {r3, M'}pk(E), E
  D → Mix: {r4, {r5, M''}pk(B), B}pk(mix)      Mix → B: {r5, M''}pk(B), B
Adversary knows all senders and all receivers, but cannot link a sent message with a received message.

Sending and Replying (A and B know each other)
M includes MIX' and K2, where MIX' might be different from MIX.
  A → MIX:   {r1, {r0, M}pk(B), B}pk(mix)
  MIX → B:   {r0, M}pk(B), B
  B → MIX':  {r3, {r2, M'}K2, A}pk(mix')
  MIX' → A:  A, {r2, M'}K2

Sending and Replying (A knows B, B doesn't know A)
M includes MIX', {K1, A}pk(mix'), and K2; K2 is a fresh public key, and MIX' might be different from MIX.
  A → MIX:   {r1, {r0, M}pk(B), B}pk(mix)
  MIX → B:   {r0, M}pk(B), B
  B → MIX':  {K1, A}pk(mix'), {r2, M'}K2
  MIX' → A:  A, {{r2, M'}K2}K1

Mix Cascade
◆ Messages are sent through a sequence of mixes
  • Can also form an arbitrary network of mixes ("mixnet")
◆ Some mixes may be controlled by the attacker, but even a single good mix guarantees some anonymity
◆ Pad and buffer traffic to foil correlation attacks

Disadvantages of Basic Mixnets
◆ Public-key encryption and decryption at each mix are computationally expensive
◆ Basic mixnets have high latency
  • OK for email, but not for anonymous Web browsing
◆ Challenge: low-latency anonymity network
  • Use public-key cryptography to establish a "circuit" with pairwise symmetric keys between hops on the circuit
  • Then use symmetric decryption and re-encryption to move data messages along the established circuits
  • Each node behaves like a mix; anonymity is preserved even if some nodes are compromised

Another Idea: Randomized Routing
◆ Hide the message source by routing it randomly
  • Popular technique: Crowds, Freenet, Onion routing
◆ Routers don't know for sure if the apparent source of a message is the true sender or another router

Onion Routing [Reed, Syverson, Goldschlag 1997]
(Figure: Alice's path through routers R1, R2, R3, R4 to Bob, among many other routers R.)
◆ Sender chooses a random sequence of routers
  • Some routers are honest, some are not
  • Sender controls path length

Route Establishment
(Figure: Alice → R1 → R2 → R3 → R4 → Bob; each router Ri shares a symmetric key ki with Alice, delivered inside the onion.)
  Alice → R1: {R2, k1}pk(R1), { {R3, k2}pk(R2), { {R4, k3}pk(R3), { {B, k4}pk(R4), { {M}pk(B) }k4 }k3 }k2 }k1
  R1 → R2:    {R3, k2}pk(R2), { ... }k2
  R2 → R3:    {R4, k3}pk(R3), { ... }k3
  R3 → R4:    {B, k4}pk(R4), { {M}pk(B) }k4
  R4 → Bob:   {M}pk(B)
• Routing info for each link is encrypted with that router's public key
• Each router learns only the identity of the next router

Tor
◆ Second-generation onion routing network
  • http://tor.eff.org
  • Specifically designed for low-latency anonymous Internet communications (e.g., Web browsing)
  • Running since October 2003
◆ Hundreds of nodes on all continents
◆ Approximately 300,000 users as of 2009
◆ "Easy-to-use" client proxy
  • Freely available, can use it for anonymous browsing

Tor Circuit Setup (1)
◆ Client proxy establishes a symmetric session key and circuit with Onion Router #1

Tor Circuit Setup (2)
◆ Client proxy extends the circuit by establishing a symmetric session key with Onion Router #2
  • Tunnel through Onion Router #1

Tor Circuit Setup (3)
◆ Client proxy extends the circuit by establishing a symmetric session key with Onion Router #3
  • Tunnel through Onion Routers #1 and #2

Using a Tor Circuit
◆ Client applications connect and communicate over the established Tor circuit (also to multiple destinations)
  • Packets are decrypted and re-encrypted at each link
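The layered forwarding that the Route Establishment and Tor circuit slides describe, as an added example that is not part of the lecture deck: Alice already shares a symmetric key with each router (the result of circuit setup), wraps her message in one layer per hop, and each router strips exactly one layer, learning only its successor. The stream cipher here is a constructed SHA-256 XOR toy for illustration, and the router names, keys and message are made up.

```python
import hashlib
import json

# Toy XOR stream cipher (SHA-256 in counter mode). Constructed for illustration
# only; a real onion router would use an authenticated cipher such as AES-CTR
# plus integrity protection.
def toy_cipher(key: bytes, data: bytes) -> bytes:
    out = bytearray()
    for off in range(0, len(data), 32):
        ks = hashlib.sha256(key + off.to_bytes(4, "big")).digest()
        out.extend(a ^ b for a, b in zip(data[off:off + 32], ks))
    return bytes(out)  # XOR is its own inverse, so this also decrypts

def build_onion(path, keys, final_dest, message):
    """Wrap `message` in one layer per router, innermost layer first.
    The layer for router i, encrypted with the key shared with router i,
    holds only the next hop and the still-encrypted remainder of the onion."""
    blob, next_hop = message, final_dest
    for router in reversed(path):
        inner = json.dumps({"next": next_hop, "data": blob}).encode()
        blob = toy_cipher(keys[router], inner).hex()
        next_hop = router
    return blob  # this outermost layer is handed to path[0]

def peel(key, blob_hex):
    """One router's work: strip its layer, learn the next hop, forward the rest."""
    inner = json.loads(toy_cipher(key, bytes.fromhex(blob_hex)))
    return inner["next"], inner["data"]

def route(onion, first_hop, keys, final_dest):
    """Forward the onion hop by hop; return what each router learned
    (its own name and the next hop) and what the destination received."""
    hop, blob, views = first_hop, onion, []
    while hop != final_dest:
        nxt, blob = peel(keys[hop], blob)
        views.append((hop, nxt))
        hop = nxt
    return views, blob

# Constructed sample: Alice shares a key with each of three routers (as after
# Tor circuit setup) and sends a message to Bob through R1 -> R2 -> R3.
KEYS = {"R1": b"key-for-R1", "R2": b"key-for-R2", "R3": b"key-for-R3"}
PATH = ["R1", "R2", "R3"]

def demo():
    onion = build_onion(PATH, KEYS, "Bob", "hello Bob, from Alice")
    return route(onion, PATH[0], KEYS, "Bob")

if __name__ == "__main__":
    print(demo())  # each router sees only its successor; Bob gets the text
```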

Tor Management Issues
◆ Many applications can share one circuit
  • Multiple TCP streams over one anonymous connection
◆ Tor router doesn't need root privileges
  • Encourages people to set up their own routers
  • More participants = better anonymity for everyone
◆ Directory servers
  • Maintain lists of active onion routers, their locations, current public keys, etc.
  • Control how new routers join the network
    – "Sybil attack": attacker creates a large number of routers
  • Directory servers' keys ship with Tor code --- PoV

Location Hidden Servers
◆ Goal: deploy a server on the Internet that anyone can connect to without knowing where it is or who runs it
◆ Accessible from anywhere
◆ Resistant to censorship
◆ Can survive a full-blown DoS attack
◆ Resistant to physical attack
  • Can't find the physical server!

Creating a Location Hidden Server
(Figure, read in order:)
  1. Server creates circuits to "introduction points"
  2. Server gives intro points' descriptors and addresses to the service lookup directory
  3. Client obtains service descriptor and intro point address from the directory

Using a Location Hidden Server
(Figure, read in order:)
  1. Client creates a circuit to a "rendezvous point"
  2. Client sends the address of the rendezvous point and any authorization, if needed, to the server through an intro point
  3. If the server chooses to talk to the client, it connects to the rendezvous point
  4. Rendezvous point matches the circuits from client & server
