Presentation is loading. Please wait.

Presentation is loading. Please wait.

The Unbearable Futility of Data Privacy in Content-Centric Networking

Published byRosamond Hudson Modified over 6 years ago

Similar presentations

Presentation on theme: "The Unbearable Futility of Data Privacy in Content-Centric Networking"— Presentation transcript:

1 The Unbearable Futility of Data Privacy in Content-Centric Networking
Cesar Ghali, Gene Tsudik, Christopher A. Wood University of California Irvine ACM WPES 2016, to appear WPES 2016

2 Outline IP privacy recap CCN privacy recap What wrong? Can we fix it?
Should we fix it? WPES 2016

3 RESPONSE: <data>
IP Privacy Turns this… C S GET /a/b/c RESPONSE: <data> WPES 2016

4 RESPONSE: <data>
IP Privacy Into this… (with IPSec or TLS) secure channel C S GET /a/b/c RESPONSE: <data> What’s revealed? Source and destination addresses and port # Timing Packet sizes WPES 2016

5 Content: <data>
CCN Privacy Turns this… C P Interest: /a/b/c Content: <data> WPES 2016

6 Content: <data>
CCN Privacy Into this… C P Interest: /a/b/c Content: <data> encrypted content? What’s revealed? Consumer and producer locations Timing Packet sizes Interest name Producer identity Properties of the (application) data WPES 2016

7 CCN privacy < IP privacy
Privacy Parity CCN privacy < IP privacy What’s the “delta”? Interests for same content can be correlated Interest names reveal information about content Content carries explicit names + Location of content not (always) apparent BTW: Anonymity<>privacy Anonymity is out of scope here WPES 2016

8 Privacy Attacks Correlation: learn when two requests correspond to same content Identification: learn when specific content was requested Leakage: learn anything from a request or response WPES 2016

9 Adversaries Eavesdropper: a passive interceptor
On-path HbC: router that forwards interest and content packets Distributed: at least two on-path: one near producer, one near consumer Active & Scary: as above, also generates its own probes WPES 2016

10 Main Questions What properties must responses have to prevent privacy attacks? What about requests? What about both? WPES 2016

11 Weak & Strong Privacy Weak: Adv can not learn anything from a request or response, but can correlate packets Strong: Adv can not learn, identify, or correlate WPES 2016

12 Weak Privacy Requirements
Responses must be protected via IND-secure encryption Why? To prevent information leakage in the simplest of ways Requests must be transformed by a deterministic cryptographic PRF that is not length preserving Why? Length can be used to distinguish requests from one another and the “network” representation must appear random to Adv Why deterministic? How to route otherwise? Also: how to preserve the interest collapsing feature? WPES 2016

13 Hash Functions Are Not Enough
Source: Cisco URI dataset WPES 2016

14 Hash Functions Are Not Enough
Prefix leaks information about the suffix! WPES 2016

15 Design Patterns Shared Secret? Strategy
So… many consumers share the same secret? Shared Secret? Strategy Yes Consumer and producer: derive ephemeral shared key from secret, use it to encrypt request and response No Consumer: generate random key, encrypt request with producer’s public key Producer: decrypt random key, use it to encrypt response But what about caches? WPES 2016

16 Strong Privacy Requirement
Requests and responses must be protected with IND-CCA or semantically-secure encryption Why? To prevent correlation attacks Design Pattern Create a session (as in TLS) and use it to transfer requests and responses WPES 2016

17 Outcomes? Any realistic form of data privacy complicates CCN request-response m.o. It’s no longer a simple request-response! In most circumstances, privacy inhibits caching How important is caching in CCN? For proper data privacy, CCN would become not very different from IP+TLS So what are we doing here? WPES 2016

18 remain forever elusive
Open Question Will CCN privacy remain forever elusive or at least inferior to IPsec? WPES 2016

19 Questions? Thanks! WPES 2016

Download ppt "The Unbearable Futility of Data Privacy in Content-Centric Networking"

Similar presentations

Mobile and Wireless Computing Institute for Computer Science, University of Freiburg Western Australian Interactive Virtual Environments Centre (IVEC)

Mobile and Wireless Computing Institute for Computer Science, University of Freiburg Western Australian Interactive Virtual Environments Centre (IVEC)
Protecting Cyber-TA Contributors: Risks and Challenges Vitaly Shmatikov The University of Texas at Austin.

Protecting Cyber-TA Contributors: Risks and Challenges Vitaly Shmatikov The University of Texas at Austin.
IP Spoofing Defense On the State of IP Spoofing Defense TOBY EHRENKRANZ and JUN LI University of Oregon 1 IP Spoofing Defense.

IP Spoofing Defense On the State of IP Spoofing Defense TOBY EHRENKRANZ and JUN LI University of Oregon 1 IP Spoofing Defense.
Crypto – chapter 16 - noack Introduction to network stcurity Chapter 16 - Stallings.

Crypto – chapter 16 - noack Introduction to network stcurity Chapter 16 - Stallings.
ITIS 6200/8200. time-stamping services Difficult to verify the creation date and accurate contents of a digital file Required properties of time-stamping.

ITIS 6200/8200. time-stamping services Difficult to verify the creation date and accurate contents of a digital file Required properties of time-stamping.
SSH : The Secure Shell By Rachana Maheswari CS265 Spring 2003.

SSH : The Secure Shell By Rachana Maheswari CS265 Spring 2003.
CMSC 414 Computer and Network Security Lecture 13 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 13 Jonathan Katz.
R 18 G 65 B 145 R 0 G 201 B 255 R 104 G 113 B 122 R 216 G 217 B 218 R 168 G 187 B 192 Core and background colors: 1© Nokia Solutions and Networks 2014.

R 18 G 65 B 145 R 0 G 201 B 255 R 104 G 113 B 122 R 216 G 217 B 218 R 168 G 187 B 192 Core and background colors: 1© Nokia Solutions and Networks 2014.
IPsec: IKE, Internet Key Exchange IPsec does not use Public Key Infrastructure and exchanging keys before an IPsec connection is established is a problem.

IPsec: IKE, Internet Key Exchange IPsec does not use Public Key Infrastructure and exchanging keys before an IPsec connection is established is a problem.
Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms David Chaum CACM Vol. 24 No. 2 February 1981 Presented by: Adam Lee 1/24/2006 David.

Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms David Chaum CACM Vol. 24 No. 2 February 1981 Presented by: Adam Lee 1/24/2006 David.
An efficient secure distributed anonymous routing protocol for mobile and wireless ad hoc networks Authors: A. Boukerche, K. El-Khatib, L. Xu, L. Korba.

An efficient secure distributed anonymous routing protocol for mobile and wireless ad hoc networks Authors: A. Boukerche, K. El-Khatib, L. Xu, L. Korba.
Presented By: Vasantha Lakshmi Gutha Graduate student (CS) Course: CENG 5931 University of Houston-Clear Lake Spring 2011.

Presented By: Vasantha Lakshmi Gutha Graduate student (CS) Course: CENG 5931 University of Houston-Clear Lake Spring 2011.
Anonymity on the Internet Presented by Randy Unger.

Anonymity on the Internet Presented by Randy Unger.
1 Network Security Lecture 8 IP Sec Waleed Ejaz

1 Network Security Lecture 8 IP Sec Waleed Ejaz
Lecture 14 ISAKMP / IKE Internet Security Association and Key Management Protocol / Internet Key Exchange CIS 4362 - CIS 5357 Network Security.

Lecture 14 ISAKMP / IKE Internet Security Association and Key Management Protocol / Internet Key Exchange CIS CIS 5357 Network Security.
Network Security Lecture 20 Presented by: Dr. Munam Ali Shah.

Network Security Lecture 20 Presented by: Dr. Munam Ali Shah.
© 2006 Cisco Systems, Inc. All rights reserved. Network Security 2 Module 4: Configuring Site to Site VPN with Pre-shared keys.

© 2006 Cisco Systems, Inc. All rights reserved. Network Security 2 Module 4: Configuring Site to Site VPN with Pre-shared keys.
Preserving Location Privacy in Wireless LANs Jiang, Wang and Hu MobiSys 2007 Presenter: Bibudh Lahiri.

Preserving Location Privacy in Wireless LANs Jiang, Wang and Hu MobiSys 2007 Presenter: Bibudh Lahiri.
Ahmed Osama Research Assistant. Presentation Outline Winc- Nile University- Privacy Preserving Over Network Coding 2  Introduction  Network coding 

Ahmed Osama Research Assistant. Presentation Outline Winc- Nile University- Privacy Preserving Over Network Coding 2  Introduction  Network coding 
Anonymity - Background R. Newman. Topics Defining anonymity Need for anonymity Defining privacy Threats to anonymity and privacy Mechanisms to provide.

Anonymity - Background R. Newman. Topics Defining anonymity Need for anonymity Defining privacy Threats to anonymity and privacy Mechanisms to provide.

Similar presentations

Ads by Google