Published by Sharlene Fletcher. Modified over 9 years ago.
1 Quasi-Anonymous Channels
Ira S. Moskowitz --- NRL
Richard E. Newman --- UF
Paul F. Syverson --- NRL
Center for High Assurance Computer Systems, Code 5540, Naval Research Laboratory, Washington, DC 20375
http://chacs.nrl.navy.mil
moskowitz@itd.nrl.navy.mil
CNIS, Uniondale, NY, Dec 2003
2 Anonymity
- Interest is in hiding who is sending what to whom.
- How does one measure anonymity?
- Is there perfect anonymity?
3 Covert Channels
- A communication channel that exists, contrary to system design, in a computer system or network
- Typically in the realm of MLS systems
- Classically measure threat by capacity
4 Quasi-Anonymous Channels
- Less than perfect anonymity = quasi-anonymity
- Quasi-anonymity allows covert channel = quasi-anonymous channel
- Quasi-anonymous channel is
  (1) Illegal communication channel in its own right
  (2) A way of measuring anonymity
5 BACKGROUND: MIXes
- A MIX is a device intended to hide source/message/destination associations.
- A MIX can use crypto, delay, shuffling, padding, etc. to accomplish this.
- Others have studied ways to “beat the MIX”
  -- active attacks to flush the MIX.
  -- passive attacks may study probabilities.
- MIX may successfully hide what, but does it always hide who/whom?
6 Prior measures of anonymity
- AT&T Crowds: degree of anonymity, p forward message
  – Not MIX based
- Dresden: Anonymity (set of senders), set size N, log(N)
  – Does not include observations by Eve
- Cambridge: effective size, assign probs to senders, between – and log(N)
  – We show (later): maximal entropy (most noise) does not assure anonymity
- K.U. Leuven: normalize above
- We want something that measures before & after
- That is Shannon’s information theory
7 Our Scenario (WPES 2003)
- MIX firewalls separating 2 enclaves.
- Timed MIX, total flush per tick
- Eve: counts # messages per tick – perfect sync, knows # of Clueless_i
- Clueless_i are IID, p = probability that Clueless_i does not send a message
- Alice is clueless w.r.t. Clueless_i
[Diagram labels: Enclave 1, Enclave 2, Eve, Alice & Clueless_i, MIX; overt channel --- anonymous?; covert channel]
8 NRL Covert Channel Analysis Lab
- John McDermott & Bruce Montrose
- Actual network set-up to exploit these quasi-anonymous channels
- First attempt: detect gross changes in traffic volume
- Future work may be a more fine-tuned detection of the mathematical channels discussed here
9 Toy Scenario – only Clueless_1
- Alice can: not send a message ($0$), or send ($0^c$)
- Only two input symbols to the (covert) channel
- What does Eve see? {0, 1, 2}
[Diagram: Alice's inputs $0$, $0^c$ connected to Eve's outputs 0, 1, 2, with edges labelled p and q]
10 Discrete Memoryless Channel
Channel matrix (rows: input X, columns: output Y):
          Y=0   Y=1   Y=2
  X=0      p     q     0
  X=0^c    0     p     q
[Diagram: X -> anonymizing network -> Y]
- X is the random variable representing Alice, the transmitter to the cc
- X has a prob dist: $P(X=0) = x$, $P(X=0^c) = 1-x$
- Y represents Eve; prob dist derived from X and channel matrix
11 In general
- $P(X = x_i) = p(x_i)$, similarly $p(y_k)$
- Entropy of X: $H(X) = -\sum_i p(x_i)\log[p(x_i)]$
- Conditional entropy: $H(X|Y) = -\sum_k p(y_k) \sum_i p(x_i|y_k)\log[p(x_i|y_k)]$
- Mutual information: $I(X,Y) = H(X) - H(X|Y) = H(Y) - H(Y|X)$ (we use the latter)
- Capacity is the maximum over dist X of I
- For toy scenario:
  $C = \max_x \{ -( px\log px + [qx+p(1-x)]\log[qx+p(1-x)] + q(1-x)\log q(1-x) ) - h(p) \}$
  where $h(p) = -\{ p\log p + (1-p)\log(1-p) \}$
13 General Scenario: N Clueless_i
[Diagram: inputs $0$, $0^c$; outputs 0, 1, ..., N, N+1; edges labelled $p^N$, $Np^{N-1}q$, ..., $Nq^{N-1}p$, $q^N$]
15 Note
- Highest capacity when very low or very high clueless traffic
- Capacity (of p) bounded below by C(0.5), x = .5; thus even at maximal entropy, not anonymous
- Capacity monotonically decreases to 0 with N
- C(p) is a continuous function of p
- Alice’s optimal bias is a function of p, and is always near 0.5
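
The notes on slide 15 can be checked numerically. The following is an added example, not code from the presentation: it assumes Eve's per-tick count is Alice's 0/1 input plus a Binomial(N, q) count of Clueless messages (q = 1 − p), and the function names are illustrative.

```python
import math

def binom_pmf(n, q):
    """P(K = k), K ~ Binomial(n, q): how many of the n Clueless senders send in a tick."""
    return [math.comb(n, k) * q**k * (1 - q)**(n - k) for k in range(n + 1)]

def entropy(dist):
    """Shannon entropy in bits; zero-probability outcomes contribute nothing."""
    return -sum(v * math.log2(v) for v in dist if v > 0)

def mutual_info(x, p, n=1):
    """I(X,Y) = H(Y) - H(Y|X) with P(X=0) = x; assumed model: Y = Alice + Clueless count."""
    noise = binom_pmf(n, 1 - p)          # p = P(a Clueless does NOT send)
    y = [0.0] * (n + 2)                  # Eve sees a count in 0..N+1
    for k, w in enumerate(noise):
        y[k] += x * w                    # Alice silent (input 0)
        y[k + 1] += (1 - x) * w          # Alice sends (input 0^c)
    return entropy(y) - entropy(noise)   # H(Y|X) equals the noise entropy for both inputs

def capacity(p, n=1, tol=1e-10):
    """Maximise I over x by golden-section search (I is concave in x).
    Returns (capacity in bits per tick, Alice's optimal x)."""
    lo, hi = 0.0, 1.0
    g = (math.sqrt(5) - 1) / 2
    while hi - lo > tol:
        a, b = hi - g * (hi - lo), lo + g * (hi - lo)
        if mutual_info(a, p, n) < mutual_info(b, p, n):
            lo = a
        else:
            hi = b
    x = (lo + hi) / 2
    return mutual_info(x, p, n), x

if __name__ == "__main__":
    for n in (1, 2, 5, 20):
        for p in (0.1, 0.5, 0.9):
            c, x = capacity(p, n)
            print(f"N={n:2d} p={p:.1f}  C={c:.4f} bits/tick  optimal x={x:.3f}")
```

With N = 1 and p = 0.5 this gives C = 0.5 bits per tick, the minimum over p, and the printed table shows the capacity shrinking as N grows.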
16 Comments
1. Lack of anonymity leads to comm. channel
2. Use this quasi-anonymous channel to measure the anonymity
17 Other MIX scenarios
- Exit only MIX firewall
- Instead of timed MIX could be: Threshold (Chaum) MIX, Pool MIX
18 Other quasi-anonymous channels
- Previous ex. was storage channel in a timed MIX
- Can also have timing channel (threshold MIX). Much more complicated:
  - Threshold MIX, MIX flushes when K messages have arrived.
  - If Alice is only sender, and can send message to MIX every t
  - Symbols Alice can send noiselessly to Eve: Kt, Kt+1, Kt+2, …
  - Other senders add noise, so capacity is less
- Desire a method of taking timing control away from Alice, without hurting performance
- Capacity is not always the correct measure --- might want just mutual info, or number of bits passed
19 When is capacity not good? (COMPASS’94)
- Shannon’s alternate def of capacity for noiseless channel: $C = \lim_{n\to\infty} \sup \{ [\log |S_n|] / n \}$ bits per $t$
- Transmissions: 1 bit in 1t; 1 bit in 2t; 1 bit in 4t; 1 bit in 8t; etc.
- By the $M$th transmission there are $2^M$ different symbols
- Total time = $1 + 2 + 4 + \dots + 2^{M-1}$, so $n = 2^M - 1$, $S_n = 2^M$
- $C = \lim_{M\to\infty} \{ M / (2^M - 1) \} = 0$
20 NRL Pump
- 1993, Kang & Moskowitz
  – secure message passing from a Low user/process to a High user/process, while maximizing system performance and minimizing the covert channel capacity
[Diagram labels: LOW SIDE LAN, Pump (buffer), HIGH SIDE LAN; messages; ACKs; Statistically Modulated ACKs]
21 Use Pump theory for MIX
[Diagram label: Pump MIX]
- Pump MIX would keep history of senders
- Can delay certain messages to keep a sender from manipulating flush time; would also give a fairness criterion
22 Conclusions
- Have illustrated how supposedly anonymous communication may leak info. through a quasi-anonymous channel
- Dual use to also measure anonymity
- Illustrated various anonymity architectures and possible quasi-anonymous solutions
- We are working on solution with Pump-type approach