Crowds: Anonymity for Web Transactions Paper by: Michael K. Reiter and Aviel D. Rubin, Presented by Eric M. Busse Portions excerpt from Crowds: Anonymity.

Slides:



Advertisements
Similar presentations
CMSC 414 Computer (and Network) Security Lecture 22 Jonathan Katz.
Advertisements

Overview Network security involves protecting a host (or a group of hosts) connected to a network Many of the same problems as with stand-alone computer.
Key Management. Shared Key Exchange Problem How do Alice and Bob exchange a shared secret? Offline – Doesnt scale Using public key cryptography (possible)
Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.
A Survey of Key Management for Secure Group Communications Celia Li.
Secure Multiparty Computations on Bitcoin
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.
1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.
Modelling and Analysing of Security Protocol: Lecture 10 Anonymity: Systems.
Kerberos Jean-Anne Fitzpatrick Jennifer English. What is Kerberos? Network authentication protocol Developed at MIT in the mid 1980s Available as open.
6/3/2015topic1 Web Security Qiang Yang Simon Fraser University Thanks: Francis Lau (HKU)
Secure communications Week 10 – Lecture 2. To summarise yesterday Security is a system issue Technology and security specialists are part of the system.
Privacy on the Web Gertzman Lora Krakov Lena. Why privacy? Privacy is the number one consumer issue facing the internet. An eavesdropper (server, service.
ITIS 6200/8200. time-stamping services Difficult to verify the creation date and accurate contents of a digital file Required properties of time-stamping.
CMSC 414 Computer and Network Security Lecture 24 Jonathan Katz.
Information Security of Embedded Systems : Algorithms and Measures Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer FIRST.
Freenet A Distributed Anonymous Information Storage and Retrieval System I Clarke O Sandberg I Clarke O Sandberg B WileyT W Hong.
1 Chapter 13: Representing Identity What is identity Different contexts, environments Pseudonymity and anonymity.
Electronic Commerce. On-line ordering---an e-commerce application On-line ordering assumes that: A company publishes its catalog on the Internet; Customers.
Anonymity on the Web: Onion routing and Crowds. 2 Outline  the problem of user privacy  basic concepts of anonymous communication  MIXes  Onion routing.
Secure Systems Research Group - FAU Patterns for Digital Signature using hashing Presented by Keiko Hashizume.
Chapter 19 Security Transparencies. 2 Chapter 19 - Objectives Scope of database security. Why database security is a serious concern for an organization.
On the Anonymity of Anonymity Systems Andrei Serjantov (anonymous)
Networks and Security. Types of Attacks/Security Issues  Malware  Viruses  Worms  Trojan Horse  Rootkit  Phishing  Spyware  Denial of Service.
CSCI 5234 Web Security1 Privacy & Anonymity in the WWW Ch. 12, Oppliger.
Privacy and Anonymity CS432 - Security in Computing Copyright © 2005, 2006 by Scott Orr and the Trustees of Indiana University.
MOBILE AD-HOC NETWORK(MANET) SECURITY VAMSI KRISHNA KANURI NAGA SWETHA DASARI RESHMA ARAVAPALLI.
Freenet: A Distributed Anonymous Information Storage and Retrieval System Presenter: Chris Grier ECE 598nb Spring 2006.
Anonymity on the Internet Presented by Randy Unger.
Anonymous Communication -- a brief survey
Chapter 23 Internet Authentication Applications Kerberos Overview Initially developed at MIT Software utility available in both the public domain and.
Security protocols and their verification Mark Ryan University of Birmingham Midlands Graduate School University of Birmingham April 2005 Steve Kremer.
Crowds: Anonymity for Web Transactions Michael K. Reiter Aviel D. Rubin Jan 31, 2006Presented by – Munawar Hafiz.
Anonymity – Crowds R. Newman. Topics Defining anonymity Need for anonymity Defining privacy Threats to anonymity and privacy Mechanisms to provide anonymity.
Lecture 14: Anonymity on the Web (cont) Modified from Levente Buttyan, Michael K. Reiter and Aviel D. Rubin.
Using Cryptography for Network Security Common problems: –Authentication - A and B want to prove their identities to one another –Key-distribution - A.
Internet Security. 2 PGP is a security technology which allows us to send that is authenticated and/or encrypted. Authentication confirms the identity.
Week 10-11c Attacks and Malware III. Remote Control Facility distinguishes a bot from a worm distinguishes a bot from a worm worm propagates itself and.
Lecture 13 Page 1 Advanced Network Security Authentication and Authorization in Local Networks Advanced Network Security Peter Reiher August, 2014.
Presented by: Suparita Parakarn Kinzang Wangdi Research Report Presentation Computer Network Security.
Encryption Questions answered in this lecture: How does encryption provide privacy? How does encryption provide authentication? What is public key encryption?
Protocols for public-key management. Key management –two problems Distribution of public keys (for public- key cryptography) Distribution of secret keys.
Anonymity on Web Transaction Department of Computer Science Ball State University Research Methods - CS 689 Uday Adhikari 7 th Dec
COSC 513 Operating Systems Project Presentation: Internet Security Instructor: Dr. Anvari Student: Ying Zhou Spring 2003.
Lecture 13: Anonymity on the Web Modified from Levente Buttyan, Michael K. Reiter and Aviel D. Rubin.
Crowds: Anonymity for Web Transactions Michael Reiter and Avi Rubin 1998.
Increasing Anonymity in Crowds via Dummy Jondos By: Benjamin Winninger.
Ways to reduce the risks of Crowds and further study of web anonymity By: Manasi N Pradhan.
The Silk Road: An Online Marketplace
Modified Onion Routing GYANRANJAN HAZARIKA AND KARAN MIRANI.
1 Authenticated Key Exchange Rocky K. C. Chang 20 March 2007.
1 Diffie-Hellman (Key Exchange) Protocol Rocky K. C. Chang 9 February 2007.
Netprog: Chat1 Chat Issues and Ideas for Service Design Refs: RFC 1459 (IRC)
1 Anonymous Communications CSE 5473: Network Security Lecture due to Prof. Dong Xuan Some material from Prof. Joan Feigenbaum.
1 SUBMITTED BY- PATEL KUMAR C.S.E(8 th - sem). SUBMITTED TO- Mr. DESHRAJ AHIRWAR.
SECURITY. Security Threats, Policies, and Mechanisms There are four types of security threats to consider 1. Interception 2 Interruption 3. Modification.
1 Anonymity. 2 Overview  What is anonymity?  Why should anyone care about anonymity?  Relationship with security and in particular identification 
Network Security Presented by: JAISURYA BANERJEA MBA, 2ND Semester.
Anonymous Communication
Safety in Numbers: Crowds
Chat Refs: RFC 1459 (IRC).
Anonymous Communication
Anonymity (Privacy) Suppose you are surfing the Web.
Computer Security By: Muhammed Anwar.
Anonymous Communication
Increasing Anonymity via Dummy Jondos in a Crowd
Presentation transcript:

Crowds: Anonymity for Web Transactions Paper by: Michael K. Reiter and Aviel D. Rubin, Presented by Eric M. Busse Portions excerpt from Crowds: Anonymity for Web Transactions Michael K. Reiter and Aviel D. Rubin AT&T Labs Research

How safe is web browsing? Web surfing is exposed to many types of monitoring and tracking, many of which may be undesirable Web surfing is exposed to many types of monitoring and tracking, many of which may be undesirable SSL and existing technologies do not address these issues SSL and existing technologies do not address these issues What can we do to prevent this sort of monitoring? What can we do to prevent this sort of monitoring?

Crowds Crowds seeks to obscure the actions of the individual within those of a group, by randomly forwarding requests from members between each other before sending them to their final destination. This gives us deniability!

Conceptually, is this a good solution? That really all depends… Joining a group makes you a co- conspirator Joining a group makes you a co- conspirator You could be held accountable for fulfilling someone else’s request You could be held accountable for fulfilling someone else’s request Crowds can be undermined by some types of content (which are becoming progressively more common) Crowds can be undermined by some types of content (which are becoming progressively more common)

Overview Each user is represented by a Jondo. Each user is represented by a Jondo. Jondos contact a blender to join a crowd. Jondos contact a blender to join a crowd. At the first request for a web page the users Jondo contacts another Jondo at random to begin constructing a path. At the first request for a web page the users Jondo contacts another Jondo at random to begin constructing a path. Each path has a path key, meaning encryption of requested content is only preformed at the end points of the jondo chain. Each path has a path key, meaning encryption of requested content is only preformed at the end points of the jondo chain.

Jondos Each jondo maintains a list of other active jondos Each jondo maintains a list of other active jondos Each jondo has a shared key which is known to all other jondos (by way of the blender) to allow for secure communication between jondos. Each jondo has a shared key which is known to all other jondos (by way of the blender) to allow for secure communication between jondos. Jondos perform limited page processing both to prevent certain attacks and remove dangerous content. Jondos perform limited page processing both to prevent certain attacks and remove dangerous content.

Blenders Authenticate jondos Authenticate jondos Maintain a list of active jondos and their shared keys Maintain a list of active jondos and their shared keys Schedule “join-commit” events Schedule “join-commit” events Blender failure will not entirely compromise the crowd, or disrupt communication between existing members. Blender failure will not entirely compromise the crowd, or disrupt communication between existing members.

Improves on Related Research… Anonymizer & LPWA (Proxies) Anonymizer & LPWA (Proxies) Mixnets Mixnets

Analysis Anonymity (Security), Performance & Scalability

General types of Anonymity Sender Anonymity Sender Anonymity Receiver Anonymity Receiver Anonymity Unlinkability of Sender and Reciver Unlinkability of Sender and Reciver To this the authors add: Degree of Anonymity Degree of Anonymity

Degrees of Anonymity Absolutely Privacy Absolutely Privacy Beyond Suspicion Beyond Suspicion Probable Innocence Probable Innocence Possible Innocence Possible Innocence Provably Exposed Provably Exposed Crowds Most Web Browsers

Attackers and Crowds Safety Attackers: Local Eavesdroppers Local Eavesdroppers End Servers End Servers Collaborating crowd members Collaborating crowd members

Local Eavesdropper Request initiation is obvious, however the destination is obscured. Request initiation is obvious, however the destination is obscured. This is only compromised in the event that the user is unlucky and is at the end of his particular chain This is only compromised in the event that the user is unlucky and is at the end of his particular chain The above event is unlikely as the probability is inversely proportional to crowd size. The above event is unlikely as the probability is inversely proportional to crowd size.

End Servers Because of the nature of the crowd and the manner in which messages are passed between members it is equally likely that any member initiated the request. Because of the nature of the crowd and the manner in which messages are passed between members it is equally likely that any member initiated the request.

Collaborating Jondos The goal of collaborating jondos is to determine the path back to the initiator of the request The goal of collaborating jondos is to determine the path back to the initiator of the request Assuming pF is > ½, n is the number of crowd members, c is the number of collaborators we have: Assuming pF is > ½, n is the number of crowd members, c is the number of collaborators we have: Which means that the path initiator has probable innocence

Timing Attacks These attacks arise out of the nature of web content, as an HTML page is parsed additional requests are generated from links on the page (images, jscript, etc). These attacks arise out of the nature of web content, as an HTML page is parsed additional requests are generated from links on the page (images, jscript, etc). By timing the gap between a page request and the subsequent requests of its linked content a corrupt jondo on the path can attempt to deduce the position of the initiator By timing the gap between a page request and the subsequent requests of its linked content a corrupt jondo on the path can attempt to deduce the position of the initiator This is avoided by the mechanism mentioned earlier. This is avoided by the mechanism mentioned earlier.

Path Reasoning Static vs. Dynamic Static vs. Dynamic Dynamic changes increase the odds of a collaborator being on your path Dynamic changes increase the odds of a collaborator being on your path A path will only be altered at a “join- commit” or because a node sends a “fail stop” A path will only be altered at a “join- commit” or because a node sends a “fail stop” A malicious jondo(s) executing a “fail stop” will not compromise the initiator A malicious jondo(s) executing a “fail stop” will not compromise the initiator

Crowd Control The blender should have limits on the number of jondos allowed to associated with a single username/IP The blender should have limits on the number of jondos allowed to associated with a single username/IP Two types of crowds should exist, large public crowds, and smaller personal crowds Two types of crowds should exist, large public crowds, and smaller personal crowds

Performance

Performance, cont’d

Performance Implications Paths are relatively fixed, hence slow links on a path can dramatically impact performance. Paths are relatively fixed, hence slow links on a path can dramatically impact performance. Path length, and therefore pF also factor heavily into the performance. Path length, and therefore pF also factor heavily into the performance.

Scale The upper bound on the number of times a jondo appears on a given path is O { 1/(1-pF)^2 [ 1 + (1 + (1/n)) ] } The upper bound on the number of times a jondo appears on a given path is O { 1/(1-pF)^2 [ 1 + (1 + (1/n)) ] } As a consequence of this result the load on any given jondo will remain constant as the number of crowd members increases As a consequence of this result the load on any given jondo will remain constant as the number of crowd members increases Throughput on the network increases as the number of crowd members increases Throughput on the network increases as the number of crowd members increases

Other Concerns Firewalls pose a special concern for Crowds users as they prevent jondos outside the wall from forming paths involving jondos within the wall. While a jondo inside a wall can create a path involving those outside his security is seriously compromised.

Questions? To clarify the “Wide Mouth Frog” protocol is also known as the “Otway- Rees Protocol” When Alice wants to talk to Bob she asks Troy, the trusted third party, to assist in the key exchange. The process is as follows: A - Identity or location of Alice B - Identity or location of Bob Ka - Key shared between Troy and Alice Kb - Key shared between Troy and Bob Sab - Secret shared between Alice and Bob for session communication Exchange: Alice -> Troy {B,Sab}Ka Troy -> Bob {A,Sab}Kb In this manner Alice uses Troy to securely share a secret with Bob.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.