Presentation is loading. Please wait.

Presentation is loading. Please wait.

Mix networks with restricted routes PET 2003 Mix Networks with Restricted Routes George Danezis University of Cambridge Computer Laboratory Privacy Enhancing.

Published byLetitia Long Modified over 9 years ago

Similar presentations

Presentation on theme: "Mix networks with restricted routes PET 2003 Mix Networks with Restricted Routes George Danezis University of Cambridge Computer Laboratory Privacy Enhancing."— Presentation transcript:

1 Mix networks with restricted routes PET 2003 Mix Networks with Restricted Routes George Danezis University of Cambridge Computer Laboratory Privacy Enhancing Technologies Workshop 2003

2 Mix networks with restricted routes PET 2003 Summary ● 'Brief' introduction to mixes and mix networks – Basic building blocks and networks ● Abstracting mix networks as mixes – Assessing the anonymity they provide ● Properties – Resistance to traffic analysis, volumes of traffic... ● What about restricted routes?

3 Mix networks with restricted routes PET 2003 Basic building block: The MIX ● Hiding correspondence between inputs and outputs. ● An adversary's view: bitwise unlinkability + mixing Mix node Inputs Outputs Mix node Inputs Outputs

4 Mix networks with restricted routes PET 2003 Distributing trust: Cascade ● If the mix is corrupt then there is no anonymity. ● Solution cascade of mixes (Berthold): ● If one mix is honest then we still have maximal anonymity. ● But: Latency is increased. Inputs Outputs Mix 1 Mix 2Mix 3 Mix 4

5 Mix networks with restricted routes PET 2003 Distributing load: Mix Networks ● To decrease the latency, and distribute the load while still distributing trust. (Chaum) ● Original design: all mixes can talk to all others. ● Client needs to choose a route through the network. (sub-optimal anonymity)

6 Mix networks with restricted routes PET 2003 Mix network with restricted routes ● For some reason mixes can only talk to a few neighbors (topology, padding, bandwidth,...) ● Route selection requires more information. ● How does this compares to fully connected mix networks? ● Other properties: DoS, trust,...

7 Mix networks with restricted routes PET 2003 Mix networks as abstract mixes ● What we would like the adversary to see is only the inputs and outputs. Perfect Mixing... ● But in practice other info is also available: – Topology – First and last mix – Traffic characteristics on each link.

8 Mix networks with restricted routes PET 2003 Traffic Confirmation vs. Traffic Analysis ● Traffic confirmation (Syverson et al.): – Attacks that do not use the additional info leaked by the network. – Topology affects them but we will not discuss further... ● Traffic analysis: – Attacks that make use of the additional information. (Topology, route length, traffic characteristics,...) ● 'Traffic analysis of restricted routes networks'.

9 Mix networks with restricted routes PET 2003 Properties Required ● Anonymity defined in information theoretic terms (Serjantov, Danezis). – Route selection knowledge cannot reduce anonymity. – Uniform anonymity is provided. – The traffic observed should not give much additional information to attacker. – Resistance to intersection attacks (in network). ● Other: Resistance to corrupt nodes, active attacks, DoS.

10 Mix networks with restricted routes PET 2003 Modeling Mix Networks ● We model mix networks using Graph Theory. ● The Route selection process is approximated by a random walk on the topology graph. – We require this to lead to the stationary prob. Dist. from any starting node (uniformity) ● The 'Traffic Matrix' describes the actual probabilities assigned to a message given the observed traffic in the network. – A random walk on this matrix should lead to the same distribution as the above.

11 Mix networks with restricted routes PET 2003 Assessing the route length ● Key result: if the network has 'good mixing properties' only O(logN) steps are required. – The mixing is uniform in O(logN) ● Good mixing properties: – Topology is an Expander Graph. – Constant degree D graphs (each node only knows few neighbors) have such properties. – Gory detail: Exact number of rounds depends on the spectral gap between the first and second eigenvalue of graph.

12 Mix networks with restricted routes PET 2003 How much traffic is required? ● The aim is to make: 'traffic matrix' = topology matrix ● We can require it to only deviate by a small percentage on all links. – Assuming that the route selection was done using the topology matrix calculate after how much traffic they converge. – The choice of next link at each node is described by the multinomial dist: Calculate the volume requited to get the expectation (depends on mixing strategy).

13 Mix networks with restricted routes PET 2003 Resistance to Intersection Attacks ● Intersection attacks on the mixes (Berthold). – Replay attacks or streams of messages using the same path. ● Key result: needs K>O(bp/(1-p) ) rounds to confirm that a messages takes a path. – Where b is the batch size and p the prob of taking the link tested. – Result only valid for threshold mix. ● The smaller the number of links (as in restricted routes) the larged min(p) -> the larger K.

14 Mix networks with restricted routes PET 2003 Advantages of Restricted Routes ● Quick mixing: in O(logN) steps. ● Better resistance to intersection attacks. ● Scale well: Only O(N) amount of traffic is required in the network at any time to make it secure against traffic analysis. ● Analysis of fully connected mix networks: – TM is not equal to route selection matrix in general. – Resistance to intersection attacks is poor. – Does not automatically mean they are broken!

15 Mix networks with restricted routes PET 2003 Conclusions & Further directions ● A better understanding of general mix networks. ● Further work should look at resistance to corrupt nodes, denial of service attacks and active attacks. ● Results are dependent on a good expander graph topology. Who creates it? How is it managed? ● Resistance to intersection and TA attacks lead us to the topic of cover traffic. ● Less general restricted route topologies with more provable properties...

16 Mix networks with restricted routes PET 2003 Questions? ● Contact details: http://www.cl.cam.ac.uk/~gd216 George.Danezis@cl.cam.ac.uk

Download ppt "Mix networks with restricted routes PET 2003 Mix Networks with Restricted Routes George Danezis University of Cambridge Computer Laboratory Privacy Enhancing."

Similar presentations

Provable Unlinkability Against Traffic Analysis Ron Berman Joint work with Amos Fiat and Amnon Ta-Shma School of Computer Science, Tel-Aviv University.

Provable Unlinkability Against Traffic Analysis Ron Berman Joint work with Amos Fiat and Amnon Ta-Shma School of Computer Science, Tel-Aviv University.
A Probabilistic Analysis of Onion Routing in a Black-box Model 10/29/2007 Workshop on Privacy in the Electronic Society Aaron Johnson (Yale) with Joan.

A Probabilistic Analysis of Onion Routing in a Black-box Model 10/29/2007 Workshop on Privacy in the Electronic Society Aaron Johnson (Yale) with Joan.
A Formal Analysis of Onion Routing 10/26/2007 Aaron Johnson (Yale) with Joan Feigenbaum (Yale) Paul Syverson (NRL)

A Formal Analysis of Onion Routing 10/26/2007 Aaron Johnson (Yale) with Joan Feigenbaum (Yale) Paul Syverson (NRL)
Definition of the Anonymity of Mix Network Runs Andrei Serjantov University of Cambridge Computer Laboratory.

Definition of the Anonymity of Mix Network Runs Andrei Serjantov University of Cambridge Computer Laboratory.
Self-Organized Anonymous Authentication in Mobile Ad Hoc Networks Julien Freudiger, Maxim Raya and Jean-Pierre Hubaux SECURECOMM, 2009.

Self-Organized Anonymous Authentication in Mobile Ad Hoc Networks Julien Freudiger, Maxim Raya and Jean-Pierre Hubaux SECURECOMM, 2009.
Optimal Jamming Attacks and Network Defense Policies in Wireless Sensor Networks Mingyan Li, Iordanis Koutsopoulos, Radha Poovendran (InfoComm ’07) Presented.

Optimal Jamming Attacks and Network Defense Policies in Wireless Sensor Networks Mingyan Li, Iordanis Koutsopoulos, Radha Poovendran (InfoComm ’07) Presented.
Wavelength Assignment in Optical Network Design Team 6: Lisa Zhang (Mentor) Brendan Farrell, Yi Huang, Mark Iwen, Ting Wang, Jintong Zheng Progress Report.

Wavelength Assignment in Optical Network Design Team 6: Lisa Zhang (Mentor) Brendan Farrell, Yi Huang, Mark Iwen, Ting Wang, Jintong Zheng Progress Report.
Quantifying Location Privacy: The Case of Sporadic Location Exposure Reza Shokri George Theodorakopoulos George Danezis Jean-Pierre Hubaux Jean-Yves Le.

Quantifying Location Privacy: The Case of Sporadic Location Exposure Reza Shokri George Theodorakopoulos George Danezis Jean-Pierre Hubaux Jean-Yves Le.
How Much Anonymity does Network Latency Leak? Paper by: Nicholas Hopper, Eugene Vasserman, Eric Chan-Tin Presented by: Dan Czerniewski October 3, 2011.

How Much Anonymity does Network Latency Leak? Paper by: Nicholas Hopper, Eugene Vasserman, Eric Chan-Tin Presented by: Dan Czerniewski October 3, 2011.
Message Splitting Against the Partial Adversary Andrei Serjantov The Free Haven Project (UK) Steven J Murdoch University of Cambridge Computer Laboratory.

Message Splitting Against the Partial Adversary Andrei Serjantov The Free Haven Project (UK) Steven J Murdoch University of Cambridge Computer Laboratory.
Scale Free Networks Robin Coope April 4 2003 Abert-László Barabási, Linked (Perseus, Cambridge, 2002). Réka Albert and AL Barabási,Statistical Mechanics.

Scale Free Networks Robin Coope April Abert-László Barabási, Linked (Perseus, Cambridge, 2002). Réka Albert and AL Barabási,Statistical Mechanics.
1 Epidemic Spreading in Real Networks: an Eigenvalue Viewpoint Yang Wang Deepayan Chakrabarti Chenxi Wang Christos Faloutsos.

1 Epidemic Spreading in Real Networks: an Eigenvalue Viewpoint Yang Wang Deepayan Chakrabarti Chenxi Wang Christos Faloutsos.
Estimating the Global PageRank of Web Communities Paper by Jason V. Davis & Inderjit S. Dhillon Dept. of Computer Sciences University of Texas at Austin.

Estimating the Global PageRank of Web Communities Paper by Jason V. Davis & Inderjit S. Dhillon Dept. of Computer Sciences University of Texas at Austin.
1 Lecture 23: Interconnection Networks Topics: communication latency, centralized and decentralized switches (Appendix E)

1 Lecture 23: Interconnection Networks Topics: communication latency, centralized and decentralized switches (Appendix E)
2001 Winter CS215 Course Project Simulation Comparison of Routing Algorithms for Multicast with Bandwidth Reservation Zhihong Duan

2001 Winter CS215 Course Project Simulation Comparison of Routing Algorithms for Multicast with Bandwidth Reservation Zhihong Duan
Detecting Network Intrusions via Sampling : A Game Theoretic Approach Presented By: Matt Vidal Murali Kodialam T.V. Lakshman July 22, 2003 Bell Labs, Lucent.

Detecting Network Intrusions via Sampling : A Game Theoretic Approach Presented By: Matt Vidal Murali Kodialam T.V. Lakshman July 22, 2003 Bell Labs, Lucent.
Analysis of Onion Routing Presented in 294-4 by Jayanthkumar Kannan On 10/8/03.

Analysis of Onion Routing Presented in by Jayanthkumar Kannan On 10/8/03.
EXPANDER GRAPHS Properties & Applications. Things to cover ! Definitions Properties Combinatorial, Spectral properties Constructions “Explicit” constructions.

EXPANDER GRAPHS Properties & Applications. Things to cover ! Definitions Properties Combinatorial, Spectral properties Constructions “Explicit” constructions.
On the Effectiveness of Route- Based Packet Filtering for Distributed DoS Attack Prevention in Power-Law Internets Kihong Park and Heejo Lee Network Systems.

On the Effectiveness of Route- Based Packet Filtering for Distributed DoS Attack Prevention in Power-Law Internets Kihong Park and Heejo Lee Network Systems.
Security in Wireless Sensor Networks Perrig, Stankovic, Wagner Jason Buckingham CSCI 7143: Secure Sensor Networks August 31, 2004.

Security in Wireless Sensor Networks Perrig, Stankovic, Wagner Jason Buckingham CSCI 7143: Secure Sensor Networks August 31, 2004.

Similar presentations

Ads by Google