a b
play

A B Verschlsselung schtzt nur Inhalte, nicht die Metadaten! Wer - PowerPoint PPT Presentation

Oct 25, 2023 •429 likes •764 views

Anonymitt? nberwachbare Kommunikation! A B Verschlsselung schtzt nur Inhalte, nicht die Metadaten! Wer mit wem? Wann? Was? 1-hop proxy (VPN, SSH Tunnel etc) Alice1 Bob1 Y Alice2 Z Bob2 Relay

  1. Anonymität? Ünüberwachbare Kommunikation! A B

  2. Verschlüsselung schützt nur Inhalte, nicht die Metadaten! ● Wer mit wem? ● Wann? ● Was?

  3. 1-hop proxy (VPN, SSH Tunnel etc) Alice1 Bob1 “Y” Alice2 ” Z “ Bob2 Relay “X” Bob3 Alice3

  4. Problem Vertrauenswürdigkeit und einfache Überwachbarkeit Alice1 Bob1 “Y” Evil Relay? Alice2 ” Z “ Bob2 Coerced Relay? Monitored Relay? “X” Bob3 Alice3

  5. Tor

  6. Tor Bob Alice R1 R3 R5 R4 R2

  7. Tor Bob Alice R1 R3 R5 R4 R2

  8. Tor Bob Alice R1 R3 R5 R4 R2

  9. Tor Bob Alice R1 R3 Bob2 R5 R4 R2

  10. Problem: (sufficiently) global passive adversaries Bob Alice R1 R3 R5 R4 R2

  11. ● “Not secure against end-to-end attacks: Tor does not claim to completely solve end-to-end timing or intersection attacks.“ (Tor Design Paper, 2004) ● A global passive adversary is the most commonly assumed threat when analyzing theoretical anonymity designs. But like all practical low- latency systems, Tor does not protect against such a strong adversary. “ (ebd.)

  12. “The results show that Tor faces even greater risks from traffic correlation than previous studies suggested. An adversary that provides no more bandwidth than some volunteers do today can deanonymize any given user within three months of regular Tor use with over 50% probability and within six months with over 80% probability.” (Users get routed: Traffic Correlation on Tor by Realistic Adversaries, 2013)

  13. Alternative: Broadcast-Architektur Alice1 Bob1 E(Bob2, “Z”) Alice2 Bob2 E(Bob2, “Z”) Bob3 E(Bob2, “Z”) Alice3 Beispiel Bitmessage

  14. Alternative: Mixnets Bob Alice R1 R3 (R5) (R4) R2

  15. Tor: Verbindungsaufbau Bob Alice R1 R3 (R5) (R4) R2

  16. Tor: Verbindungsaufbau Bob Alice R1 R3 (R5) (R4) R2

  17. Tor: Verbindungsaufbau Bob Alice R1 R3 (R5) (R4) R2

  18. Tor: Verbindungsaufbau Bob Alice R1 R3 (R5) (R4) R2

  19. Mixnets: nachrichtenbasiert statt paketbasiert ! Bob Alice R1 R3 (R5) (R4) R2

  20. Bob Alice R1 R3 (R5) (R4) R2

  21. Bob Alice R1 R3 (R5) (R4) R2

  22. Bob Alice R1 R3 (R5) (R4) R2

  23. Bob Alice R1 R3 (R5) (R4) R2

  24. Bob Alice R1 R3 (R5) (R4) R2

  25. Bob Alice R1 R3 (R5) (R4) R2

  26. Bob Alice R1 R3 (R5) (R4) R2

  28. Mix-Strategien ● Pool/Batching Mix – sammle x Nachrichten (“threshold mix”) – warte x Minuten (“timed mix”) (Mixmaster: timed + threshold: nur wenn x Nachrichten eingangen sind wird Queue nach Timeout geleert/versendet) ● Stop & Go Mixes: Delay der einzelnen Hops vom Nutzer vorgegeben

  29. ● 1 9 7 8 L i mi t a t i o n s o f E n d - t o - E n d E n c r y p t i o n i n S e c u r e C o mp u t e r N e t w o r k s ( K a r g e r ) ● 1 9 8 1 U n t r a c e a b l e e l e c t r o n i c ma i l , r e t u r n a d d r e s s e s a n d d i g i t a l p s e u d o n y ms ( D a v i d C h a u m) ● 1 9 8 5 N e t w o r k s Wi t h o u t U s e r O b s e r v a b i l i t y – D e s i g n O p t i o n s ( P f i t z ma n n ) ● 1 9 9 1 I S D N - M i x e s ( P f i t z ma n n ) ● [ 1 9 9 5 “ I n i t i a l w o r k o n O n i o n R o u t i n g b e g i n s ” ] ● 1 9 9 8 R e a l - T i me M I X e s ( P f i t z ma n n ) h t t p : / / f r e e h a v e n . n e t / a n o n b i b

  30. ● 1 9 9 2 a n o n . p e n e t . f i ( T y p 0 R e ma i l e r ) ( 5 0 0 , 0 0 0 N u t z e r , 8 0 0 0 N a c h r i c h t e n / T a g , ~ $ 1 0 0 0 / M o n a t ) 1 → → 1 9 9 5 : C h u r c h o f S c i e n t o l o g y , L o s A n g e l e s F B I F i n n l a n d ● 1 9 9 2 C y p h e r p u n k s - R e ma i l e r ( T y p 1 R e ma i l e r ) → → E i n f a c h e r R e ma i l e r , k e i n M i x i n g ( t i mi n g a n a l y s i s ) , k e i n P a d d i n g ( t r a f f i c a n a l y s i s ) ● 1 9 9 4 M i x ma s t e r ( T y p 2 ) ● 1 9 9 5 a n o n y mi z e r , c 2 . n e t n y ms e r v e r ● 2 0 0 2 M i x mi n i o n ( T y p 3 ) ● [ 2 0 0 4 T o r D e s i g n P a p e r ] 1 h t t p : / / f r e e h a v e n . n e t / a n o n b i b / c a c h e / r e ma i l e r - h i s t o r y . h t ml

  31. Probleme Mixnets ● Historisch: – Keine Zustellungsgarantie – Lange Nachrichtenlaufzeiten (Tage!) – Komplizierte UIs, fehlende Integration – Spam-/Abuse-Problematik ● Loopix Anonymity System (März 2017) – Stop & Go – aktive Angriffe erkennen durch “loops” – “message latency in the order of seconds”

  32. Katzenpost ● “echtes” Open Source Projekt – Spezifikation auf Github – Implementierung in Go – [ Integration in K9 Mail ] – Finanzierung durch EU! https://katzenpost.mixnetworks.org/

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Monero an anonymous altcoin Dionysis Zindros ATHECRYPT 2016 Overview Bitcoins problems

Monero an anonymous altcoin Dionysis Zindros ATHECRYPT 2016 Overview Bitcoins problems

Monero an anonymous altcoin Dionysis Zindros ATHECRYPT 2016 Overview Bitcoins problems Moneros solutions Fungibility Anonymity Unlinkability Untraceability Acknowledgments Bitcoin Genve, Universit

734 views • 52 slides
Tracking Prey in the Cyberfores t Bruce Potter gdead@shmoo.com Brian Wotring brian@shmoo.com

Tracking Prey in the Cyberfores t Bruce Potter gdead@shmoo.com Brian Wotring brian@shmoo.com

Tracking Prey in the Cyberfores t Bruce Potter gdead@shmoo.com Brian Wotring brian@shmoo.com July 29, 2004 Blackhat Briefings USA 2004 The Ground Rules Dont believe anything I say Daytime - Security consultant Beltway

759 views • 35 slides
Paradigms of Privacy Research & Privacy Engineering Seda Grses f.s.gurses@tudelft.nl TU

Paradigms of Privacy Research & Privacy Engineering Seda Grses f.s.gurses@tudelft.nl TU

Paradigms of Privacy Research & Privacy Engineering Seda Grses f.s.gurses@tudelft.nl TU Delft/ KU Leuven 18. June 2019 GDPR requires data protection by design and by default (Article 25) A complex law with many requirements. More

950 views • 58 slides
Mixminion: Design of a Type III Anonymous Remailer Protocol Roger Dingledine The Free Haven

Mixminion: Design of a Type III Anonymous Remailer Protocol Roger Dingledine The Free Haven

Mixminion: Design of a Type III Anonymous Remailer Protocol Roger Dingledine The Free Haven Project 1 Threat Model (what we aim to defend against) Global passive adversary can observe everything Owns half the nodes We are not

656 views • 41 slides
Bitcoin, Blockchain and Beyond... Satj tjsh Babu Chair, ISOC-TRV Chair, APRALO LO/ICANN

Bitcoin, Blockchain and Beyond... Satj tjsh Babu Chair, ISOC-TRV Chair, APRALO LO/ICANN

Bitcoin, Blockchain and Beyond... Satj tjsh Babu Chair, ISOC-TRV Chair, APRALO LO/ICANN Overview Whats a (Digital) Currency ? Bitcoin: Revolutjonary ? The Blockchain Ethereum and recent developments The Future 2/35

616 views • 35 slides
Concepts in Crypto Parker Higgins parker@eff.org @xor PGP: 4FF3 AA1B D29E 1638 32DE C765 9433

Concepts in Crypto Parker Higgins parker@eff.org @xor PGP: 4FF3 AA1B D29E 1638 32DE C765 9433

Concepts in Crypto Parker Higgins parker@eff.org @xor PGP: 4FF3 AA1B D29E 1638 32DE C765 9433 5F88 9A36 7709 Micah Lee micah@eff.org @micahflee PGP: 5C17 6163 61BD 9F92 422A C08B B4D2 5A1E 9999 9697 ELECTRONIC FRONTIER FOUNDATION

549 views • 24 slides
RC4: Non-Randomness in the index j and some results on its Cycles Chandratop Chakraborty, Pranab

RC4: Non-Randomness in the index j and some results on its Cycles Chandratop Chakraborty, Pranab

RC4: Non-Randomness in the index j and some results on its Cycles Chandratop Chakraborty, Pranab Chakraborty, Subhamoy Maitra PES University, Wipro Limited, Indian Statistical Institute [chandratop@protonmail.ch, kojagori@gmail.com,

536 views • 31 slides
Solutions pour la Scurit des rseaux Prof. Gildas Avoine UCL Belgium Introduction

Solutions pour la Scurit des rseaux Prof. Gildas Avoine UCL Belgium Introduction

cole Internationale de Printemps Systmes Rpartis : METIS2008 Architecture, Scurit & Fiabilit Rabat, 20-23 Mai 2008 Solutions pour la Scurit des rseaux Prof. Gildas Avoine UCL Belgium Introduction Confidentiality,

1.85k views • 135 slides
Programming Distributed Systems 13 Blockchains Christian Weilbach & Annette Bieniusa AG

Programming Distributed Systems 13 Blockchains Christian Weilbach & Annette Bieniusa AG

Programming Distributed Systems 13 Blockchains Christian Weilbach & Annette Bieniusa AG Softech FB Informatik TU Kaiserslautern Summer Term 2018 Christian Weilbach & Annette Bieniusa Programming Distributed Systems Summer Term 2018

870 views • 65 slides
) tra ffi c lights smart grid Honeypots in ICS Environments space station steel mill ( power

) tra ffi c lights smart grid Honeypots in ICS Environments space station steel mill ( power

) tra ffi c lights smart grid Honeypots in ICS Environments space station steel mill ( power plant supertanker death star gas pipeline sewage plant wind turbine ) cypherpunk chaotic neutral privacy activist researcher DI Daniel

656 views • 27 slides
Belfast CryptoParty Welcome Pete Maynard @pgmaynard October 14, 2014 Belfast CryptoParty

Belfast CryptoParty Welcome Pete Maynard @pgmaynard October 14, 2014 Belfast CryptoParty

Belfast CryptoParty Welcome Pete Maynard @pgmaynard October 14, 2014 Belfast CryptoParty #cryptofast Pete Maynard @pgmaynard 1 What is a CryptoParty? A CryptoParty is free, public and fun. Its a decentralized, global initiative to

760 views • 8 slides
Mixminion: A next-generation anonymous remailer George Danezis Roger Dingledine Nick Mathewson

Mixminion: A next-generation anonymous remailer George Danezis Roger Dingledine Nick Mathewson

Mixminion: A next-generation anonymous remailer George Danezis Roger Dingledine Nick Mathewson 1 Outline Background Related systems A few improvements over past work Secure single-use reply block mechanism 2 Anonymous,

544 views • 22 slides
P r i v a c y b y D e f a u l t . P G P / G P G P G P P r e t t

P r i v a c y b y D e f a u l t . P G P / G P G P G P P r e t t

p r e t t y E a s y p r i v a c y N U L L c o n 2 0 1 7 , G o a s v a @ p E p . f o u n d a t i o n h t t p s : / / p E p . f o u n d a t i o n t w i t t e r @ s v a

1.32k views • 85 slides
Distributed Ledger Technology: An introduction to interoperability Andrea Lisi, Paolo Mori

Distributed Ledger Technology: An introduction to interoperability Andrea Lisi, Paolo Mori

Distributed Ledger Technology: An introduction to interoperability Andrea Lisi, Paolo Mori Universit degli studi di Pisa 02/03/20 2009 2 2009 3 2009 Bitcoin is a P2P payment system where nodes share the ledger of money Transactions, the

655 views • 28 slides
The Signal Protocol @ VanLug BorisReitman.com Agenda OTR Double Ratchet X3DH

The Signal Protocol @ VanLug BorisReitman.com Agenda OTR Double Ratchet X3DH

The Signal Protocol @ VanLug BorisReitman.com Agenda OTR Double Ratchet X3DH Sesame Overview First the parties will use X3DH key agreement protocol to agree on a shared secret key. Then, the parties will use the Double

1.12k views • 96 slides
The Redesigned Naturalization Test Office of Citizenship 2 Overview of Presentation

The Redesigned Naturalization Test Office of Citizenship 2 Overview of Presentation

The Redesigned Naturalization Test Office of Citizenship 2 Overview of Presentation Historical Overview of the Redesigned (New) Test Legal Framework The Redesigned Naturalization Test Administration of the Redesigned Test

257 views • 22 slides
Digital Citizen Someone who uses technology safely and responsibly commonsense.org/education

Digital Citizen Someone who uses technology safely and responsibly commonsense.org/education

KEY VOCABULARY Digital Citizen Someone who uses technology safely and responsibly commonsense.org/education Shareable with attribution for noncommercial use. Remixing is permitted. INTRODUCTORY SONG DIGITAL CITIZENSHIP | GRADE 2 We the

929 views • 34 slides
Our Digital Citizenship Pledge commonsense.org/education Shareable with attribution for

Our Digital Citizenship Pledge commonsense.org/education Shareable with attribution for

DIGITAL CITIZENSHIP | GRADE 3 Our Digital Citizenship Pledge commonsense.org/education Shareable with attribution for noncommercial use. Remixing is permitted. Essential Question What makes a strong online community? commonsense.org/education

355 views • 11 slides
U.S. Department of Justice Civil Rights Division Overview OSC History Types of

U.S. Department of Justice Civil Rights Division Overview OSC History Types of

U.S. Department of Justice Civil Rights Division Overview OSC History Types of Discrimination E-Verify / No-Match Issues OSC Enforcement Resources Employer Hotline: 1-800-255-8155 Office of Special Counsel for

403 views • 39 slides
Black Immigrants and 2020 Census: #CheckBlackPlus Dorian Spence Director of Special Litigation

Black Immigrants and 2020 Census: #CheckBlackPlus Dorian Spence Director of Special Litigation

Black Immigrants and 2020 Census: #CheckBlackPlus Dorian Spence Director of Special Litigation Lawyers Committee for Civil Rights Nana Gyamfi Executive Director Black Alliance for Just Immigration (BAJI) Census Day April 1, 2020 Census

414 views • 16 slides
Prestigious Graduate Fellow ships Department of Energy Computational Science Graduate Fellowship

Prestigious Graduate Fellow ships Department of Energy Computational Science Graduate Fellowship

Prestigious Graduate Fellow ships Department of Energy Computational Science Graduate Fellowship (CSGF) www.krellinst.org/csgf Disciplines: Any Engineering/Science field using high performance computing to solve problems. Math/Computer

302 views • 7 slides
1 Audience focus needed 2 Letting Go: Sharing Historical Authority in a User generated world

1 Audience focus needed 2 Letting Go: Sharing Historical Authority in a User generated world

1 Audience focus needed 2 Letting Go: Sharing Historical Authority in a User generated world (2011) LSIE the National Science Foundation, of the National Academies (2009) IMLS (2009) 21 st century skills NPS publications Imperiled

517 views • 23 slides
Re-imagining General Education FooD for Thought: Social Justice in Your Classroom Making

Re-imagining General Education FooD for Thought: Social Justice in Your Classroom Making

Re-imagining General Education FooD for Thought: Social Justice in Your Classroom Making positive change in the world Connecting with students Discussing Real-world problems and multiple perspectives Creating classroom

387 views • 14 slides
What Is Citizenship? Legal definition Full membership in a political community Rights

What Is Citizenship? Legal definition Full membership in a political community Rights

What Is Citizenship? Legal definition Full membership in a political community Rights and obligations Social closure Why National Citizenship Matters Elections Welfare state benefits Public sector employment

765 views • 30 slides

More recommend