Anonymity on the Internet Presented by Randy Unger.


Types of Anonymity
Pseudonymity
  – Susceptible to subpoenas
Sender
  – Receiver / observer can’t identify sender
Receiver
  – Observer can’t identify receiver
Sender-receiver
  – Observer can’t identify that communication has been sent

Uses of Anonymity
Positive
Free speech for political claims as well as non-political comments
Engage in whistle-blowing
Conduct commercial transactions
Freedom from detection, retribution, and embarrassment
New York Times Co. vs. Sullivan, 1964
  "an author's decision to remain anonymous...is an aspect of the freedom of speech protected by the First Amendment"

Uses of Anonymity
Negative
Spam
DoS
Illegal activity
  – anonymous bribery, copyright infringement, harassment, financial scams, disclosure of trade secrets

Assumptions
Weak attacker
  – Eavesdrops on first and last hop
  – Can introduce messages here
Strong attacker
  – Eavesdrops on all links
  – Can introduce messages anywhere
Attacker has finite time, computing power
Multiple users

Types of Attackers
Local eavesdropper
  – Observes inbound and outbound messages on user’s computer
Administrator
  – Operator or group of operators of anonymizing systems attempting to foil their own system
Remote attack
  – Observation at the remote end by eavesdropper or attack by the remote host

Attacks
Timing Attack, Volume Attack
  – Watches shape of traffic instead of content
Flooding Attack
  – With batch size n, attacker sends n-1 messages
Usage Pattern Attack
  – Consistent usage patterns lead to predictability

Levels of Anonymity
Absolute Privacy, Beyond Suspicion, Probable Innocence, Possible Innocence, Exposed, Provably Exposed
Beyond Suspicion
  – Attacker can see evidence of a sent message, but the sender appears no more likely to be the originator than any other potential sender in the system
Probable Innocence
  – The sender is more likely the originator than any other potential sender, but there is equal likelihood the sender is not the originator
Possible Innocence
  – The sender appears more likely to be the originator than to not be the originator, but there’s still a non-trivial probability that the originator is someone else

Capabilities
Latency, Bandwidth, Anonymity
  – Pick 2
Human element
  – Repetitive usage patterns make attacks easier
  – Pizza effect

Proxy Anonymizers
Use trusted centralized servers
Anonymous remailers - Helsingius
Anonymizer.com
Hides IP address - NAT
Users not anonymous to proxy server
Susceptible to traffic analysis

Mixes
Source routing chosen by user
Shuffles order of packets
Mix cascade consists of several mixes under separate operators
Encrypted for each mix in the path
Processes packets in batches
Used to counter traffic analysis

Mixes
A1, C1(A3, C3(A2, C2(S, M, r2), r3), r1)
A3, C3(A2, C2(S, M, r2), r3)
A2, C2(S, M, r2)
S, M
[Figure labels: Mix 1, Mix 4, Mix 3, Mix]
Ai = Next Hop Address
Ci = Message encrypted with public key of Mix i
S = Destination Host address
M = Original message
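
The nesting on this slide, built and then peeled one hop at a time, as an added example that is not part of the original presentation. The mix names, keys and message are constructed, and `seal`/`unseal` are a hash-based toy stand-in for "encrypted with public key of Mix i", not real public-key encryption.

```python
import hashlib, json, os

def _stream(key: bytes, nonce: bytes, n: int) -> bytes:
    """SHA-256 in counter mode: a toy keystream, NOT real public-key crypto."""
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key: bytes, data: bytes) -> bytes:
    """Stand-in for Ci(...): only the holder of `key` can undo it."""
    nonce = os.urandom(16)
    return nonce + bytes(a ^ b for a, b in zip(data, _stream(key, nonce, len(data))))

def unseal(key: bytes, blob: bytes) -> bytes:
    nonce, ct = blob[:16], blob[16:]
    return bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct))))

def build(path, keys, dest, message: bytes):
    """Wrap innermost-first, giving A1, C1(A3, C3(A2, C2(S, M, r2), r3), r1)."""
    next_hop, body = dest, message
    for mix in reversed(path):
        # r is the random string r_i from the slide, discarded by the mix.
        layer = {"next": next_hop, "body": body.hex(), "r": os.urandom(8).hex()}
        body = seal(keys[mix], json.dumps(layer).encode())
        next_hop = mix
    return next_hop, body

def peel(mix, keys, blob):
    """What one mix does: remove its own layer, drop r_i, learn only the next hop."""
    layer = json.loads(unseal(keys[mix], blob))
    return layer["next"], bytes.fromhex(layer["body"])

def deliver(first_hop, blob, keys):
    """Forward hop by hop; returns each mix's (self, next hop) view and the final S, M."""
    views, hop = [], first_hop
    while hop in keys:
        nxt, blob = peel(hop, keys, blob)
        views.append((hop, nxt))
        hop = nxt
    return views, hop, blob

# Constructed sample: three mixes, visited in the order of the slide's formula.
KEYS = {name: os.urandom(32) for name in ("mix1", "mix2", "mix3")}
PATH = ["mix1", "mix3", "mix2"]

if __name__ == "__main__":
    a1, onion = build(PATH, KEYS, "S", b"hello")
    print(deliver(a1, onion, KEYS))
```

Each mix's view contains only its own name and the next hop; the destination S and the message M appear only after the last layer is removed.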

Mixes
Fine for non real-time (email)
Not sufficient for VoIP, video, web
Mix waits to accumulate inputs to process as a batch (especially slow for low traffic)

Enhancements
Messages all the same length
Buffers messages until several can be sent at once
Dummy messages inserted
  – Between mixes
  – Between mixes and user
Balance end to end throughput with anonymity
  – Duration to wait for mixes to accumulate traffic
  – Percentage of dummy traffic

P5
Decentralized
  – Harder to attack
Allows choice of tradeoff between anonymity / throughput
Encrypted with public key of each node in route
Nodes change packet order
Fixed message size
Users have broadcast map and route map
Noise packets counter statistical traffic analysis

[Figure labels: User A, User B]
User A can send an anonymous message to User B via group */0, 1/1, 111/3, etc
User A can route messages between 00/2 and 01/2
Broadcast hierarchy independent of network topology
01/2 is a subset of */0
  – more efficient but less anonymous
Hash of User’s public key provides choice of groups.
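
How the b/m channel notation on this slide nests, as an added example that is not from the presentation or from the P5 authors. It assumes a channel b/m contains every user whose public-key hash begins with the m bits b, and SHA-256 as the hash; the user names and keys are constructed.

```python
import hashlib

def key_bits(pubkey: bytes, nbits: int = 16) -> str:
    """Leading bits of the hash of a public key (SHA-256 is an assumption)."""
    digest = hashlib.sha256(pubkey).digest()
    return "".join(f"{byte:08b}" for byte in digest)[:nbits]

def channels_for(pubkey: bytes, max_mask: int = 4) -> list:
    """Channels b/m a user can be reached on: each prefix of their key hash."""
    bits = key_bits(pubkey)
    return [f"{bits[:m] or '*'}/{m}" for m in range(max_mask + 1)]

def members(channel: str, population: dict) -> set:
    """Everyone who receives a broadcast on `channel` (the anonymity set)."""
    prefix, mask = channel.split("/")
    prefix = "" if prefix == "*" else prefix
    if len(prefix) != int(mask):
        raise ValueError("b must be exactly m bits long")
    return {u for u, pk in population.items() if key_bits(pk).startswith(prefix)}

def tradeoff(user: str, population: dict, max_mask: int = 4) -> list:
    """(channel, anonymity-set size, share of users receiving) per mask length."""
    rows = []
    for ch in channels_for(population[user], max_mask):
        n = len(members(ch, population))
        rows.append((ch, n, n / len(population)))
    return rows

# Constructed population: 64 users with made-up public keys.
USERS = {f"user{i}": f"constructed-public-key-{i}".encode() for i in range(64)}

if __name__ == "__main__":
    for channel, size, share in tradeoff("user7", USERS):
        print(f"{channel:>7}  receivers={size:3d}  share of network={share:.2f}")
```

Each extra mask bit shrinks the set of receivers, which is the "more efficient but less anonymous" direction the slide describes.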

P5
Within a channel, P5 functions as a mix cascade
Between channels, P5 provides greater anonymity per bandwidth
  – For 8192 users, 1.5 Mbps provides 200Kbps with 40% loss
Resistant to Timing/Volume and DoS attacks
Susceptible to Flood Attack (Mob Attack)
  – User’s channel is flooded, prompting him to reveal more of his mask to gain efficiency, thereby reducing his anonymity

Conclusion
Costly to be anonymous
  – Tradeoff with throughput
Can not be completely anonymous anyway
  – No protection from monitoring usage patterns
Aside from this, practical anonymity can be achieved