Effectiveness of Blending Attacks on Mixes Meng Tang.

Slides:

Advertisements

Similar presentations

A Probabilistic Analysis of Onion Routing in a Black-box Model 10/29/2007 Workshop on Privacy in the Electronic Society Aaron Johnson (Yale) with Joan.

Advertisements

Self-Organized Anonymous Authentication in Mobile Ad Hoc Networks Julien Freudiger, Maxim Raya and Jean-Pierre Hubaux SECURECOMM, 2009.

On Privacy and Anonymity in Knowledge Externalization Yuen-Yan Chan and Chi-Hong Leung The Chinese University of Hong Kong

Defending Against Traffic Analysis Attacks in Wireless Sensor Networks Security Team

Message Splitting Against the Partial Adversary Andrei Serjantov The Free Haven Project (UK) Steven J Murdoch University of Cambridge Computer Laboratory.

Reusable Anonymous Return Channels

Dynamic Anonymity Emin İslam Tatlı, Dirk Stegemann, Stefan Lucks University of Mannheim, Germany.

1 Security Challenges of Location-Aware Mobile Business Emin Islam Tatlı, Dirk Stegemann Theoretical Computer Science, University of Mannheim February.

Privacy Protection In Grid Computing System Presented by Jiaying Shi.

1 A Distortion-based Metric for Location Privacy Workshop on Privacy in the Electronic Society (WPES), Chicago, IL, USA - November 9, 2009 Reza Shokri.

Location-Aware Onion Routing Aaron Johnson U.S. Naval Research Laboratory IEEE Symposium on Security and Privacy May 19, 2015.

Xinwen Fu Anonymous Communication & Computer Forensics Computer & Network Forensics.

Anonymity Cs5090: Advanced Computer Networks, fall 2004 Department of Computer Science Michigan Tech University Byung Choi.

Anonymity on the Web: A Brief Overview By: Nipun Arora uni-na2271.

0x1A Great Papers in Computer Security Vitaly Shmatikov CS 380S

Preventing Active Timing Attacks in Low- Latency Anonymous Communication The 10 th Privacy Enhancing Technologies Symposium July 2010 Joan Feigenbaum Yale.

Aaron Johnson U.S. Naval Research Laboratory CSci 6545 George Washington University 11/18/2013.

Toward Prevention of Traffic Analysis Fengfeng Tu 11/26/01.

On the Anonymity of Anonymity Systems Andrei Serjantov (anonymous)

Claudia Diaz (K.U.Leuven)1 Privacy and anonymity Claudia Diaz Katholieke Universiteit Leuven Dept. Electrical Engineering – ESAT/COSIC UPC Seminar, Barcelona,

A Tale of Research: From Crowds to Deeper Understandings Matthew Wright Jan. 25, : Adv. Network Security.

Who am I? Mats Ohlin Swedish Defence Materiel Administration (FMV) IT Security area –International Standardisation: ISO/IEC JTC 1/SC 27/WG 3 (Security.

Traffic Analysis Prevention Chris Conger CIS6935 – Cryptographic Protocols 11/16/2004.

Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms David Chaum CACM Vol. 24 No. 2 February 1981 Presented by: Adam Lee 1/24/2006 David.

Anonymity on the Internet Presented by Randy Unger.

Anonymous Communication -- a brief survey

R. Newman Anonymity - Background. Defining anonymity Defining anonymity Need for anonymity Need for anonymity Defining privacy Defining privacy Threats.

Mixminion: Design of a Type III Anonymous R er Protocol George Danezis Roger Dingledine Nick Mathewson Presented By Michael LeMay.

GameSec 2010 November 22, Berlin Mathias Humbert, Mohammad Hossein Manshaei, Julien Freudiger and Jean-Pierre Hubaux EPFL - Laboratory for Computer communications.

Lecture 13: Anonymity on the Web Modified from Levente Buttyan, Michael K. Reiter and Aviel D. Rubin.

Anonymity - Background R. Newman. Topics Defining anonymity Need for anonymity Defining privacy Threats to anonymity and privacy Mechanisms to provide.

Security Issues in Distributed Sensor Networks Yi Sun Department of Computer Science and Electrical Engineering University of Maryland, Baltimore County.

Effects of adding Arbitrary Physical Nodes to a Mobile Ad-Hoc Network Utilizing an Anonymity System By Ian Cavitt.

Anonymous Health Information Exchange (HIE) Transfer with Credibility Check against Fraud through Chaum Mixes and Crowds. By: Aaron Silcott.

The Tor Network BY: CONOR DOHERTY AND KENNETH CABRERA.

Making the Neutral Traffic Matrix More Meaningful Joseph Choi.

Victor Farbman and Maxim Trosman Under guidance of Amichai Shulman.

Mix networks with restricted routes PET 2003 Mix Networks with Restricted Routes George Danezis University of Cambridge Computer Laboratory Privacy Enhancing.

Modified Onion Routing GYANRANJAN HAZARIKA AND KARAN MIRANI.

Peer-to-Peer Networks 14 Security Christian Schindelhauer Technical Faculty Computer-Networks and Telematics University of Freiburg.

Making the Neutral Traffic Matrix More Meaningful Joseph Choi.

Game Theoretic Model of Censorship Resistance Andrei Serjantov University of Cambridge Computer Laboratory.

ANONYMOUS STORAGE AND RETRIEVAL OF INFORMATION Olufemi Odegbile.

1 Anonymity. 2 Overview  What is anonymity?  Why should anyone care about anonymity?  Relationship with security and in particular identification 

Modified Onion Routing and its Proof of Concept By: Gyanranjan Hazarika.

Network Architectures and Services, Georg Carle Faculty of Informatics Technische Universität München, Germany Privacy-Implications of Performance-Based.

Systems Architecture Receiver Anonymity Matthias Füssel, Dennis Schneider June 5, 2007.

Anonymous Communication

Defending Against DDoS

Protocols for Anonymous Communication

Digital Forensics 2 Presented by : J.Silaa Lecture: FCI 30 Aug 2017

The quieter you become, the more you are able to hear By: Ben Knapic

Reliable MIX Cascade Networks Through Reputation

Towards Measuring Anonymity

The University of Adelaide, School of Computer Science

Untraceable Electronic Mail, Return addresses, and Digital Pseudonyms

Defending Against DDoS

Anonymity, Unlinkability, Undetectability, Unobservability, Pseudonymity and Identity Management – A Consolidated Proposal for Terminology Authors: Andreas.

An Introduction to Privacy and Anonymous Communication

0x1A Great Papers in Computer Security

Modern Anonymous Communications

Enhancing chaum mixes with randomness

Cost to defeat the N-1 Attack

Enhancing of chaum mixes with random probabilistic functions

Anonymous Communication

Modeling Entropy in Onion Routing Networks

Botnet Detection by Monitoring Group Activities in DNS Traffic

Anonymous Communication

Anonymity – Generalizing Mixes

Contributors: Connor McCoy

Presentation transcript:

Effectiveness of Blending Attacks on Mixes Meng Tang

Project Topics  Steps of a blending attack  Attack model  Attack effectiveness  Anonymity set size, chance of success, etc.  Factors affecting the attack  Ways to defend

blending attack  Block incoming traffic Mix good target

blending attack  Block incoming traffic  Flush legitimate messages Mix bad target good bad

blending attack  Block incoming traffic  Flush legitimate messages  Insert target message Mix bad target good bad

blending attack  Block incoming traffic  Flush legitimate messages  Insert target message  Flush target message Mix bad target good bad

blending attack  Pool flushing  Flush the memory of the mix  Target flushing  Flush the target message

From the attacker’s point of view…  What is important  Number of non-spurious messages left in mix  Determines anonymity set size  Mix batching strategy and parameter  Determines difficulty to flush a message, affects time consumption  What is irrelevant  Spurious messages  Purely for the purpose to flush a mix  Timed/threshold  Attacker can make a threshold (pool) mix behave like a timed (pool) mix

Transform a threshold pool mix into a timed pool mix  Threshold pool mix  Pool size: N (possibly 0)  Threshold: h  Attacker  Inserts spurious message at a constant rate f  Mix behaves like a timed pool mix  Pool size: N  T=h/f

Description of mixes

Attack on timed mix

Attack on timed pool mix

Attack on binomial mix

Simplifying assumption

Analysis – anonymity set size

Analysis – effectiveness evaluation

Analysis – message delay

Analysis – exact/certain attack

Example

Mixes that utilize dummy message

Example

Traffic overhead

references  [1] Andreas Pfitzmann, Michael Waidner, “Networks Without User Observability”, in Computers and Security, 1987, pp  [2] Brian N. Levine, Michael K. Reiter, Chenxi Wang, Matthew Wright, “Timing Attacks in Low-Latency Mix Systems”, in Financial Cryptography, 2004, pp  [3] Claudia Diaz, Andrei Serjantov, “Generalising Mixes”, in Privacy Enhacing Technologies  [4] David Chaum, “Untraceable electronic mail, return addresses, and digital pseudonyms”, in Communications of the ACM, 1981  [5] David M. Goldschlag, Michael G. Reed, Paul F. Syverson, “Hiding Routing Information”, in Proceedings of the First International Workshop on Information Hiding, 1996, pp  [6] George Danezis, “Designing and attacking anonymous communication systems”, (UCAM-CL-TR-594)  [7] Luke O'Connor, “On Blending Attacks For Mixes with Memory Extended Version”, in 7th International Workshop, 2005, pp  [8] Oliver Berthold, Andreas Pfitzmann, Ronny Standtke, “The disadvantages of free MIX routes and how to overcome them”, in Proceedings of Designing Privacy Enhancing Technologies: Workshop on Design Issues in Anonymity and Unobservability, pp  [9] Parvathinathan Venkitasubramaniam, Venkat Anantharam, “On the Anonymity of Chaum Mixes”, in Proceedings 2008 IEEE international symposium on information theory, 2008, pp  [10] Claudia Diaz, Bart Preneel, “Reasoning about the Anonymity Provided by Pool Mixes that Generate Dummy Traffic”, in Information Hiding: 6th International Workshop, 2004, pp  [11] George Danezis, Len Sassaman, “Heartbeat Traffic to Counter (n-1) attacks”, in Proceedings of the 2003 ACM workshop on Privacy in the electronic society, 2003, pp