Presentation is loading. Please wait.

Presentation is loading. Please wait.

A Tale of Research: From Crowds to Deeper Understandings Matthew Wright Jan. 25, 2006 6392-017: Adv. Network Security.

Published byMervyn Johnston Modified over 9 years ago

Similar presentations

Presentation on theme: "A Tale of Research: From Crowds to Deeper Understandings Matthew Wright Jan. 25, 2006 6392-017: Adv. Network Security."— Presentation transcript:

1 A Tale of Research: From Crowds to Deeper Understandings Matthew Wright Jan. 25, 2006 6392-017: Adv. Network Security

2 Overview Act I: Hordes –Applying a tool elsewhere Act 2: The “Predecessor Attack” –How it works –Proof –Analysis –Simulation Act 3: (then) Future Directions

3 A New Application Brian Levine & Clay Shields –Multicast & Networking Properties of Multicast –many receivers –tree structure –subscription model Status is unknown to routers and hosts Bad for maintenance –efficient for streaming

4 One Issue w/ Crowds Crowds –Network costs are high –TCP over multiple hops is bad for streams I W R Z XY

5 Hordes Crowds 4 outgoing –(requests, ACKs) Multicast 4 incoming streams –Everyone joins multiple trees –Don’t know who’s on each tree –Don’t know who’s listening

6 Act I Lessons Understanding Prior Work –Find problems & try to solve them Apply New Tools –Rather, old tools, but new to the area

7 Act II: Another Issue w/ Crowds What does 5.3.2 say? What does it not say?

8 Adding New Members If paths are maintained indefinitely, any member joining the group would be immediately identifiable as the initiator. Because of this, group joins occur in batches (e.g., once every hour). Each time new members are allowed in, new paths are created for all members.

9 W B Z Intuitive notion of passive attacks A E Y X T D C A

10 Attacking Crowds Paths change Attacker sees session-identifying info –Responder’s IP address –Cookie, login name, specific content Z I R Y X A

11 Attacking Crowds Paths change Attacker sees session-identifying info –Responder’s IP address –Cookie, login name, specific content Z I R Y X A

12 Log the node before the attacker –n Crowds nodes Attacking Crowds I 123L … When in this position prob=1 that initiator is predecessor. When in any of these positions, prob=1/n for any node as predecessor. node count I 41 X18 Y24 Z17

13 Question What are the contributions of WALS02?

14 Attacking in General Attack applies to any protocol for anonymity, provided that: –Paths* of proxies change –Uniformly random selection of paths –There exists a position of attackers: see the initiator send messages in the session determine the session information

15 Goal: Quantify time required for attack to succeed Notation – n is the number of Crowds nodes – c is the number of attackers nodes (c < n ) Observations – Probability of selecting an attacker for a given position: (c / n ) Crowds Analysis n - nodes c - attackers

16 Crowds Analysis ABIXYZ …… T rounds (path reformations) 1/2 E(I) No. of times each node is seen by the attackers

17 Crowds Analysis Chernoff bounds –Q: How big does T have to be? –A: The attacker must be in the first position on the initiator’s path several times c/n chance n/c expectation –O(n/c log n) times to get a high probability (n-2)/n n - nodes c - attackers

18 Initiator-chosen paths −Instead of flipping a coin, the Initiator chooses the entire path and builds an onion. I  X  Y  Z  R −Layered encryption of data using the public key of each proxy in the path. Onion Routing (GRS96) data{R,data} Kz+ {Z,{R,data} Kz+ } Ky+ {Y,{Z,{R,data} Kz+ } Ky+ } Kx+ Sending the onion I  X: {Y,{Z,{R,data} Kz+ } Ky+ } Kx+ X  Y: {Z,{R,data} Kz+ } Ky+ Y  Z: {R,data} Kz+ Z  R: data

19 Onion Routing A1DeltaA2 3:12:203:12:30 3:12:373:12:47 3:12:493:12:59 I A1 R A2 X 17 ms 12 ms Y

20 Mix-Nets (Ch81+) Same as Onion Routing Added –Dummy messages –Batching –Message reordering Stops Timing attacks

21 Insufficient to have just one node Timing analysis allows two attackers to link I and R The exponent is intuitively related to the number of positions on the path needed to mark an entry. O( (n/c) 2 log n) path resets Attacking Onion Routing I A1 R A2 XY n - nodes c - attackers

22 Attacking Mix-Nets Mixing –Reordering messages –Dummy messages –Delay Stops timing attacks –O.R. attack no longer works –Need the entire path to trace the message To attack Mix-nets, if the path is L nodes long, then L attackers have to appear in sequence. –In each round, chances are (c/n) L. O( (n/c) L log n) path resets n - nodes c - attackers

23 Summary of Predecessor Attacks Attack effects all systems of anonymous communications. Apparent trade-off between performance and security. ProtocolRounds Crowds, Hordes O(n/c log n) Onion Routing O((n/c) 2 log n) Mix-Nets O((n/c) L log n) DC-Ring O(n log n) DC-Full Requires c=n-1 attackers n - nodes c - attackers

24 Act II Lessons Answer open questions –Is it efficient enough for X application? –What are the tradeoffs here? Generalize solutions (or attacks) –Where else does this apply? –Can it be modified to apply to a group? With what costs/issues?

25 Act III: The next step What did WALS02 leave unanswered?

26 Questions (II) Consequences for users? –You’re not secure forever How tight are these bounds? Are there defenses?

27 Assumptions that can be broken We assumed that all nodes are chosen for each spot on the path with equal probability –What if nodes are chosen with a bias?

Download ppt "A Tale of Research: From Crowds to Deeper Understandings Matthew Wright Jan. 25, 2006 6392-017: Adv. Network Security."

Similar presentations

Modelling and Analysing of Security Protocol: Lecture 10 Anonymity: Systems.

Modelling and Analysing of Security Protocol: Lecture 10 Anonymity: Systems.
Ranveer Chandra , Kenneth P. Birman Department of Computer Science

Ranveer Chandra , Kenneth P. Birman Department of Computer Science
MANETs Routing Dr. Raad S. Al-Qassas Department of Computer Science PSUT

MANETs Routing Dr. Raad S. Al-Qassas Department of Computer Science PSUT
Network Attacks Mark Shtern.

Network Attacks Mark Shtern.
Small-world Overlay P2P Network

Small-world Overlay P2P Network
Slicing the Onion: Anonymous Routing without PKI Saurabh Shrivastava CS 259

Slicing the Onion: Anonymous Routing without PKI Saurabh Shrivastava CS 259
ZIGZAG A Peer-to-Peer Architecture for Media Streaming By Duc A. Tran, Kien A. Hua and Tai T. Do Appear on “Journal On Selected Areas in Communications,

ZIGZAG A Peer-to-Peer Architecture for Media Streaming By Duc A. Tran, Kien A. Hua and Tai T. Do Appear on “Journal On Selected Areas in Communications,
1 Modeling and Analysis of Anonymous-Communication Systems Joan Feigenbaum WITS’08; Princeton NJ; June 18, 2008 Acknowledgement:

1 Modeling and Analysis of Anonymous-Communication Systems Joan Feigenbaum WITS’08; Princeton NJ; June 18, 2008 Acknowledgement:
15-441: Computer Networking Lecture 26: Networking Future.

15-441: Computer Networking Lecture 26: Networking Future.
Crowds: Anonymity for Web Transactions Paper by: Michael K. Reiter and Aviel D. Rubin, Presented by Eric M. Busse Portions excerpt from Crowds: Anonymity.

Crowds: Anonymity for Web Transactions Paper by: Michael K. Reiter and Aviel D. Rubin, Presented by Eric M. Busse Portions excerpt from Crowds: Anonymity.
The Case for Network-Layer, Peer-to-Peer Anonymization Michael J. Freedman Emil Sit, Josh Cates, Robert Morris MIT Lab for Computer Science IPTPS’02March.

The Case for Network-Layer, Peer-to-Peer Anonymization Michael J. Freedman Emil Sit, Josh Cates, Robert Morris MIT Lab for Computer Science IPTPS’02March.
Responder Anonymity and Anonymous Peer-to-Peer File Sharing. by Vincent Scarlata, Brian Levine and Clay Shields Presentation by Saravanan.

Responder Anonymity and Anonymous Peer-to-Peer File Sharing. by Vincent Scarlata, Brian Levine and Clay Shields Presentation by Saravanan.
Tirgul 8 Universal Hashing Remarks on Programming Exercise 1 Solution to question 2 in theoretical homework 2.

Tirgul 8 Universal Hashing Remarks on Programming Exercise 1 Solution to question 2 in theoretical homework 2.
Slide Set 15: IP Multicast. In this set What is multicasting ? Issues related to IP Multicast Section 4.4.

Slide Set 15: IP Multicast. In this set What is multicasting ? Issues related to IP Multicast Section 4.4.
Analysis of Onion Routing Presented in 294-4 by Jayanthkumar Kannan On 10/8/03.

Analysis of Onion Routing Presented in by Jayanthkumar Kannan On 10/8/03.
CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.
Denial of Service Resilience in Ad Hoc Networks Imad Aad, Jean-Pierre Hubaux, and Edward W. Knightly Designed by Yao Zhao.

Denial of Service Resilience in Ad Hoc Networks Imad Aad, Jean-Pierre Hubaux, and Edward W. Knightly Designed by Yao Zhao.
IPv6 Mobility David Bush. Correspondent Node Operation DEF: Correspondent node is any node that is trying to communicate with a mobile node. This node.

IPv6 Mobility David Bush. Correspondent Node Operation DEF: Correspondent node is any node that is trying to communicate with a mobile node. This node.
Self Organization and Energy Efficient TDMA MAC Protocol by Wake Up For Wireless Sensor Networks Zhihui Chen; Ashfaq Khokhar ECE/CS Dept., University of.

Self Organization and Energy Efficient TDMA MAC Protocol by Wake Up For Wireless Sensor Networks Zhihui Chen; Ashfaq Khokhar ECE/CS Dept., University of.
Modelling and Analysing of Security Protocol: Lecture 9 Anonymous Protocols: Theory.

Modelling and Analysing of Security Protocol: Lecture 9 Anonymous Protocols: Theory.

Similar presentations

Ads by Google