Presentation is loading. Please wait.

Presentation is loading. Please wait.

Hang with Your Buddies to Resist Intersection Attacks David Wolinsky, Ewa Syta, Bryan Ford Yale University.

Published byPercival Curtis Modified over 9 years ago

Similar presentations

Presentation on theme: "Hang with Your Buddies to Resist Intersection Attacks David Wolinsky, Ewa Syta, Bryan Ford Yale University."— Presentation transcript:

1 Hang with Your Buddies to Resist Intersection Attacks David Wolinsky, Ewa Syta, Bryan Ford Yale University

2 Need for Anonymity Nofunistan Meet Tuesday at 7 PM in the park for pizza and beer! Hahaha! Got you! No fun for you!!!

3 Need for Anonymity Funland Meet Tuesday at 7 PM in the park for pizza and beer! Nofunistan

4 Need for Anonymity

5 Hahaha! Got you! No fun for you!!! Funland Meet Tuesday at 7 PM in the park for pizza and beer! Nofunistan

6 Need for Anonymity They Know What You're Shopping For 'You're looking at the premium package, right?' Companies today are increasingly tying people's real-life identities to their online browsing habits.

7 Anonymity in Action Funland Meet Tuesday at 7 PM in the park for pizza and beer! Anonymizer You win this time! Nofunistan

8 Attacks Against Anonymity

9 The Intersection Attack Meet Tuesday at 7 PM in the park for pizza and beer! Anonymizer X X X X X

10 The Intersection Attack Meet Tuesday at 7 PM in the park for pizza and beer! Anonymizer X X X X X X X X X X Meet Friday at 7 PM in the park for pizza and beer! U

11 The Intersection Attack Meet Tuesday at 7 PM in the park for pizza and beer! Anonymizer X X X X X X X X X X Meet Friday at 7 PM in the park for pizza and beer! X X X X X X X Meet Monday at 7 PM in the park for pizza and beer! But I got you this time! = UU

12 Buddies Overview Buddies Goal: Prevent intersection attacks given a global, active adversary

13 Buddies Overview Buddies Goal: Prevent intersection attacks given a global, active adversary Insight: Indistinguishable behavior among a k-set of users or “buddies” – a buddy set

14 Buddies Overview Buddies Goal: Prevent intersection attacks given a global, active adversary Insight: Indistinguishable behavior among a k-set of users or “buddies” – a buddy set Similar concept to k-anonymity Our contributions First design to resist intersection attacks in practical anonymity system Two metrics to measure anonymity: possinymity and indinymity Implemented in Dissent

15 Organization Motivation The Buddies Insight Buddies Design Buddies in Practice Conclusions

16 Possinymity Meet Tuesday at 7 PM in the park for pizza and beer! Anonymizer X X X X X X X X X No message, no change in status Message, change in status Too few users, no message No protection from statistical disclosure I’ll get you yet! Possinymity is the set of users who possibly own a pseudonym!

17 Limitations of Possinymity

18 Statistical Disclosure Meet Tuesday at 7 PM in the park for pizza and beer! Anonymizer Meet Friday at 7 PM in the park for pizza and beer! Meet Monday at 7 PM in the park for pizza and beer! No message, no change in status Message, change in status Too few users, no message No protection from statistical disclosure One week later…A few moments later… Ahh… I think it’s you!

19 Example Statistical Disclosure Adversary Not very anonymous Seems anonymous Measured possinymity Effective anonymity

20 A Greater Challenge Possinymity provides plausible deniability May be sufficient as a legal defense May be insufficient in Nofunistan Conclusion: Anonymity sets alone are not sufficient for buddies Next step: Indistinguishability!

21 Indinymity Meet Tuesday at 7 PM in the park for pizza and beer! Anonymizer Meet Friday at 7 PM in the park for pizza and beer! Meet Monday at 7 PM in the park for pizza and beer! One member goes offline, others follow – buddy set All buddies in a set must be online for any to post One week later…A few moments later… I have my doubts…

22 Organization Motivation The Buddies Insight Buddies Design Buddies in Practice Conclusions

23 Buddies Bird’s Eye View Meet Tuesday at 7 PM in the park for pizza and beer! Anonymizer Meet Friday at 7 PM in the park for pizza and beer! Meet Monday at 7 PM in the park for pizza and beer! Knows online state of all members Implements a global passive adversary Filters online buddies in sets with offline users Policy Oracle

24 Buddies Design Summary

25 Putting It Together Anonymizer Registration – Attempt to be Sybil resistant Pseudonyms Linkable communication from a single user Distributed independently

26 Putting It Together Anonymizer Scheduling – Anonymizer announces which pseudonym(s) will post

27 Putting It Together Anonymizer Scheduling – Anonymizer announces which pseudonym(s) will post

28 Putting It Together Anonymizer Users post a ciphertext for each pseudonym Pseudonym Owner posts nothing or a real message Others post cover traffic User ciphertexts Pseudonyms

29 Putting It Together Policy Oracle Anonymizer User ciphertexts Anonymizer shares online state with Policy Oracle Policy Oracle tells Anonymizer which members’ ciphertext to ignore on a per-pseudonym basis Pseudonyms

30 Putting It Together Policy Oracle Anonymizer User ciphertexts Anonymizer reveals cleartext from remaining posts Not every scheduled pseudonym posts Owner may be offline, filtered, or have nothing to say Pseudonyms I like fish sticks! All hail Boring Bob! Meet Monday at 7 PM in the park for pizza and beer!

31 Policy Oracle – Challenges Forming buddy sets Before we start? When a user goes offline After a user has been offline for a while Organizing buddy sets By user sign-on time User historical online / offline time Random Setting buddy set size

32 Static Buddy Sets 111122223333 Static policies assign buddy sets before first transmission (T0) Unable to adjust to unpredictable nature of users … Time User Ciphertexts 111122223333 Owner T0 T1 T2 Cleartext output 111122223333 111122223333 Ti

33 Dynamic Buddy Sets 111111111111 Dynamic policy places all buddies into a single set Makes sets as client behavior changes Able to provide better utility as an owner is more likely to be kept online … Time User Ciphertexts 111221112111 Owner T0 T1 T2 Cleartext output 311221112112 333223112112 Ti 111221112112 333223112112

34 Organization Motivation The Buddies Insight Buddies Design Buddies in Practice Conclusions

35 Buddies in Practice Anonymizer – Dissent Scalable Group Anonymous Communication Dissent – Corrigan-Gibbs CCS’10 Scalable Dissent – Wolinsky OSDI’12 Policy Oracle Simulator – Python Extension to Dissent – C++

36 Experimental Dataset Unreliable users Reliable Users Dataset info: EFnet IRC #football channel 1 Month continuous monitoring 1207 total users, 300 users online most of the time sorted by online time

37 Buddy set size Maintains decent anonymity Indinymity in Practice

38 Good anonymity Great anonymity Poor anonymity

39 Indinymity in Practice Nearly perfect Not so useful Decent

40 Organization Motivation The Buddies Insight Buddies Design Buddies in Practice Conclusions

41 Related Work K-Anonymity in Mix-Nets – Hopper ’06 K-Anonymity for cover traffic in Tarzan – Freedman ‘02 K-Anonymity for cover traffic in Aqua – Le Blond ‘13 Anonym-O-Meter in Java Anonymous Proxy (JAP) Buddies provides users control over intersection attacks through availability / anonymity trade-offs

42 Conclusions Buddies can resist the intersection attack! Two new metrics for measuring anonymity Implemented in Dissent Research into different buddy set policies necessary: A short-term policy for quick, efficient web browsing A long-term policy for short, infrequent posts Optimizing usability and anonymity oppose each other

43 Thanks, questions? Find out more at http://dedis.cs.yale.edu/dissent http://dedis.cs.yale.edu/dissent

44 Adversary

45 Creating Nyms Each user provides a public key Anonymizer re-encrypts keys and publishes User produces re-encrypted private key Anonymizer produces a nym (key-pair), randomly selects a re-encrypted key, encrypts the private key and distributes the key-pair Owner can decrypt and claim, anonymously

46 The Anonymizer Expectations Resistant traffic analysis and timing attacks Anytrust – protocol runs across a set of servers, a user need only trust that one server is honest without knowing which one Not Tor – not resistant to traffic analysis / timing attacks MIXes – Yes, if users transmit empty messages DC-nets / Dissent – YES!

47 NofunistanFunland Anonymizer

48 Anonymity in Action NofunistanFunland Meet Tuesday at 7 PM in the park for pizza and beer! Anonymizer You win this time!

Download ppt "Hang with Your Buddies to Resist Intersection Attacks David Wolinsky, Ewa Syta, Bryan Ford Yale University."

Similar presentations

Cipher Techniques to Protect Anonymized Mobility Traces from Privacy Attacks Chris Y. T. Ma, David K. Y. Yau, Nung Kwan Yip and Nageswara S. V. Rao.

Cipher Techniques to Protect Anonymized Mobility Traces from Privacy Attacks Chris Y. T. Ma, David K. Y. Yau, Nung Kwan Yip and Nageswara S. V. Rao.
Conscript Your Friends into Larger Anonymity Sets with JavaScript ACM Workshop on Privacy in the Electronic Society 4 November 2013 Henry Corrigan-Gibbs.

Conscript Your Friends into Larger Anonymity Sets with JavaScript ACM Workshop on Privacy in the Electronic Society 4 November 2013 Henry Corrigan-Gibbs.
Anonymity without Sacrificing Performance Enhanced Nymble System with Distributed Architecture CS 858 Project Presentation Omid Ardakanian * Nam Pham *

Anonymity without Sacrificing Performance Enhanced Nymble System with Distributed Architecture CS 858 Project Presentation Omid Ardakanian * Nam Pham *
Scalable Anonymous Group Communication in the Anytrust Model David Wolinsky 1, Henry Corrigan-Gibbs 1, Bryan Ford 1, and Aaron Johnson 2 1 Yale University,

Scalable Anonymous Group Communication in the Anytrust Model David Wolinsky 1, Henry Corrigan-Gibbs 1, Bryan Ford 1, and Aaron Johnson 2 1 Yale University,
Dissent in Numbers: Making Strong Anonymity Scale David Wolinsky 1, Henry Corrigan-Gibbs 1, Bryan Ford 1, and Aaron Johnson 2 1 Yale University, 2 US Naval.

Dissent in Numbers: Making Strong Anonymity Scale David Wolinsky 1, Henry Corrigan-Gibbs 1, Bryan Ford 1, and Aaron Johnson 2 1 Yale University, 2 US Naval.
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
 Cyber Ecosystem & Data Security Subhro Kar CSCE 824, Spring 2013 University of South Carolina, Columbia.

 Cyber Ecosystem & Data Security Subhro Kar CSCE 824, Spring 2013 University of South Carolina, Columbia.
Authors Haifeng Yu, Michael Kaminsky, Phillip B. Gibbons, Abraham Flaxman Presented by: Jonathan di Costanzo & Muhammad Atif Qureshi 1.

Authors Haifeng Yu, Michael Kaminsky, Phillip B. Gibbons, Abraham Flaxman Presented by: Jonathan di Costanzo & Muhammad Atif Qureshi 1.
Usable Privacy and Security Carnegie Mellon University Spring 2006 Cranor/Hong/Reiter 1 Visualizing Privacy II.

Usable Privacy and Security Carnegie Mellon University Spring 2006 Cranor/Hong/Reiter 1 Visualizing Privacy II.
Message Splitting Against the Partial Adversary Andrei Serjantov The Free Haven Project (UK) Steven J Murdoch University of Cambridge Computer Laboratory.

Message Splitting Against the Partial Adversary Andrei Serjantov The Free Haven Project (UK) Steven J Murdoch University of Cambridge Computer Laboratory.
Towards efficient traffic-analysis resistant anonymity networks Stevens Le Blond David Choffnes Wenxuan Zhou Peter Druschel Hitesh Ballani Paul Francis.

Towards efficient traffic-analysis resistant anonymity networks Stevens Le Blond David Choffnes Wenxuan Zhou Peter Druschel Hitesh Ballani Paul Francis.
Reusable Anonymous Return Channels

Reusable Anonymous Return Channels
Identity Federation: Some Challenges and Thoughts OGF 19 Jan 30, 2007 Von Welch

Identity Federation: Some Challenges and Thoughts OGF 19 Jan 30, 2007 Von Welch
Real-Time Authentication Using Digital Signature Schema Marissa Hollingsworth BOISECRYPT ‘09.

Real-Time Authentication Using Digital Signature Schema Marissa Hollingsworth BOISECRYPT ‘09.
CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.

CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.
Building a Peer-to-Peer Anonymizing Network Layer Michael J. Freedman NYU Dept of Computer Science Public Design Workshop September 13,

Building a Peer-to-Peer Anonymizing Network Layer Michael J. Freedman NYU Dept of Computer Science Public Design Workshop September 13,
1 Modeling and Analysis of Anonymous-Communication Systems Joan Feigenbaum WITS’08; Princeton NJ; June 18, 2008 Acknowledgement:

1 Modeling and Analysis of Anonymous-Communication Systems Joan Feigenbaum WITS’08; Princeton NJ; June 18, 2008 Acknowledgement:
Explorations in Anonymous Communication Andrew Bortz with Luis von Ahn Nick Hopper Aladdin Center, Carnegie Mellon University, 8/19/2003.

Explorations in Anonymous Communication Andrew Bortz with Luis von Ahn Nick Hopper Aladdin Center, Carnegie Mellon University, 8/19/2003.
Parallel Mixing Philippe Golle, PARC Ari Juels, RSA Labs.

Parallel Mixing Philippe Golle, PARC Ari Juels, RSA Labs.
The Case for Network-Layer, Peer-to-Peer Anonymization Michael J. Freedman Emil Sit, Josh Cates, Robert Morris MIT Lab for Computer Science IPTPS’02March.

The Case for Network-Layer, Peer-to-Peer Anonymization Michael J. Freedman Emil Sit, Josh Cates, Robert Morris MIT Lab for Computer Science IPTPS’02March.

Similar presentations

Ads by Google