anonymity and censorship resistance
play

Anonymity and Censorship Resistance Entry node Middle node Exit - PowerPoint PPT Presentation

Aug 17, 2023 •198 likes •575 views

Anonymity and Censorship Resistance Entry node Middle node Exit node Tor user Tor Node Tor Node Tor Node Tor Node Tor Node Tor Node Tor Node Tor Node Tor Node Tor Node Tor Node Tor Network Encrypted tunnel Web server Unencrypted

  1. Anonymity and Censorship Resistance Entry node Middle node Exit node Tor user Tor Node Tor Node Tor Node Tor Node Tor Node Tor Node Tor Node Tor Node Tor Node Tor Node Tor Node Tor Network Encrypted tunnel Web server Unencrypted TCP Steven J. Murdoch http://www.cl.cam.ac.uk/users/sjm217/

  2. What is being blocked, and why • Out of the 40 countries studied by the OpenNet Initiative in 2006, 26 censored the Internet in some way • The types of material censored varied depending on country, e.g.: • Human Rights (blocked in China) • Religion (blocked in Saudi Arabia, UAE, Iran, Bahrain) • Pornography (blocked in Saudi Arabia, UAE, Iran, Bahrain, Singapore, Burma, . . . ) • Other issues censored include: military and militant websites; sex education, alcohol/drugs, music; gay and lesbian websites; news

  3. What is being blocked, and why • Out of the 40 countries studied by the OpenNet Initiative in 2006, 26 censored the Internet in some way • The types of material censored varied depending on country, e.g.: • Human Rights (blocked in China) • Religion (blocked in Saudi Arabia, UAE, Iran, Bahrain) • Pornography (blocked in Saudi Arabia, UAE, Iran, Bahrain, Singapore, Burma, . . . ) • Other issues censored include: military and militant websites; sex education, alcohol/drugs, music; gay and lesbian websites; news

  4. What is being blocked, and why • Out of the 40 countries studied by the OpenNet Initiative in 2006, 26 censored the Internet in some way • The types of material censored varied depending on country, e.g.: • Human Rights (blocked in China) • Religion (blocked in Saudi Arabia, UAE, Iran, Bahrain) • Pornography (blocked in Saudi Arabia, UAE, Iran, Bahrain, Singapore, Burma, . . . ) • Other issues censored include: military and militant websites; sex education, alcohol/drugs, music; gay and lesbian websites; news

  5. Blocking with technology • When a country’s government controls international connectivity, they can block requests for banned websites • There are a number of different approaches (DNS blocking, IP address blocking, etc.) • Software may be produced in-country, but often is an adapted commercial product • These companies not only make the software, but provide a continuously updated list of websites to be blocked

  6. 4. www.example.org is 192.0.2.166 3. Lookup response: www.example.org is 192.0.2.166 4 3 2 1 Router 6. Here is www.example.org/page.html 5. Get web page: www.example.org/page.html at 192.0.2.166 WEB BROWSER 2. DNS lookup for www.example.org 6 1. User requests www.example.org/page.html NORMAL WEB BROWSING (no proxy) Web Server DNS Server DNS Server User INTERNET ISP 5 Normal web browsing Diagram: Jane Gowan normal_no proxy.indd 1 3/19/07 8:56:55 PM

  7. DNS TAMPERING 2 ISP INTERNET User DNS Server DNS Server Web Server WEB BROWSER 1. User requests www.example.org/page.html 2. DNS response: www.example.org does not exist Router 1 DNS tampering Diagram: Jane Gowan DNS_tampering.indd 1 3/19/07 8:56:18 PM

  8. 5. Get web page: www.example.org/page.html at 192.0.2.166 4. www.example.org is 192.0.2.166 5 4 3 2 1 Router 7. Browser concludes that www.example.org is inaccessible 6. Router drops all packets to 192.0.2.166 WEB BROWSER 3. Lookup response: www.example.org is 192.0.2.166 7 2. DNS lookup for www.example.org 1. User requests www.example.org/page.html IP BLOCKING Web Server DNS Server DNS Server User INTERNET ISP 6 IP blocking Diagram: Jane Gowan IP blocking.indd 1 3/19/07 8:56:32 PM

  9. Tradeoffs in blocking systems • DNS blocking • Easy and cheap to implement • Blocks at domain name granularity – overblocks protocols, webpages • Trivial to bypass • IP blocking • Easy and cheap to implement • Blocks at IP address (perhaps port) – overblocks virtual hosting • Proxy blocking • Expensive to implement • Blocks at webpage level – low overblocking • Hybrid blocking – IP based redirection to proxy • Tricky to get right, but cheap • Has some vulnerabilities • Blocks at webpage level – low overblocking

  10. Even if a site is accessible, it may be removed from search engine results Searching for “Tiananmen Square” on Google.com and Google.cn

  11. Limitations of blocking • Censorship systems block legitimate content and fail to block banned content • It is fairly easy for readers and publishers to circumvent the technical measures • Building and maintaining censorship systems is expensive • Blocking one type of content encourages other types to be blocked • Often the process of censorship is not transparent Photograph: David Gaya

  12. Blocking through laws, fear, and intimidation • ISPs may be forced to block sites themselves, or implement self-regulation • People can be intimidated into not testing rules through fear of detection and retribution • These may be through laws, social pressure or extra-legal punishment • All these approaches may be used at the same time, and complement each other

  13. Censorship resistance systems • Software to resist censorship should • Hide where user is visiting (to prevent blocking) • Hide who the user is (to protect them from intimidation) • These properties should be maintained even if the censorship resistance system is partially compromised

  14. There are many other reasons why people might want privacy • Ordinary people • To avoid personal information being sold to marketers • Protect themselves when researching sensitive topics • Militaries and law enforcement • To carry out intelligence gathering • Protect undercover field agents • Offer anonymous tip lines • Journalists • To protect sources, such as whistle blowers • Human rights workers • To publicise abuses and protect themselves from surveillance • Blogging about controversial subjects • Businesses • To observe their competition and build anonymous collaborations

  15. Anonymous communication • People have to hide in a crowd of other people (“anonymity loves company”) • The goal of the system is to make all users look as similar as possible, to give a bigger crowd • Hide who is communicating with whom • Layered encryption and random delays hide correlation between input traffic and output traffic For D C A K pub Mix K priv For C B D K pub

  16. Remailers A For Mix 3 For C C Mix 1 K pub 3 K pub 1 K priv 1 Mix 3 K priv 3 B D For Mix 2 Mix 2 For D K priv 2 K pub 2 K pub 3

  17. Threshold mix • In each round, the “threshold mix” accepts a fixed number of messages • Once the number of messages reaches the “batch size” the mix flushes and sends them all, in a random order • Other strategies are possible, but Mix this is the type of mix we will examine in the exercise • After observing one round, the attacker knows the set of senders and receivers, but not who sent each message

  18. Threshold mix • In each round, the “threshold mix” accepts a fixed number of messages • Once the number of messages reaches the “batch size” the mix flushes and sends them all, in a random order • Other strategies are possible, but Mix this is the type of mix we will examine in the exercise • After observing one round, the attacker knows the set of senders and receivers, but not who sent each message

  19. Threshold mix • In each round, the “threshold mix” accepts a fixed number of messages • Once the number of messages reaches the “batch size” the mix flushes and sends them all, in a random order • Other strategies are possible, but Mix this is the type of mix we will examine in the exercise • After observing one round, the attacker knows the set of senders and receivers, but not who sent each message

  20. Threshold mix • In each round, the “threshold mix” accepts a fixed number of messages • Once the number of messages reaches the “batch size” the mix flushes and sends them all, in a random order • Other strategies are possible, but Mix this is the type of mix we will examine in the exercise • After observing one round, the attacker knows the set of senders and receivers, but not who sent each message

  21. Threshold mix • In each round, the “threshold mix” accepts a fixed number of messages • Once the number of messages reaches the “batch size” the mix flushes and sends them all, in a random order • Other strategies are possible, but Mix this is the type of mix we will examine in the exercise • After observing one round, the attacker knows the set of senders and receivers, but not who sent each message

  22. Threshold mix • In each round, the “threshold mix” accepts a fixed number of messages • Once the number of messages reaches the “batch size” the mix flushes and sends them all, in a random order • Other strategies are possible, but Mix this is the type of mix we will examine in the exercise • After observing one round, the attacker knows the set of senders and receivers, but not who sent each message

  23. Traffic Analysis • By observing traffic over many rounds, the adversary can count each recipient’s share of 7% the messages received 2% • Some users will receive more messages than 9% others Mix • These users may be of 3% interest, so the target of further investigation • e.g. Bob’s share is: messages received by Bob messages received in total ... over all rounds 100%

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Tools for Censorship Resistance Rachel Greenstadt greenie@eecs.harvard.edu CIH2K5 March 2005

Tools for Censorship Resistance Rachel Greenstadt greenie@eecs.harvard.edu CIH2K5 March 2005

Tools for Censorship Resistance Rachel Greenstadt greenie@eecs.harvard.edu CIH2K5 March 2005 Tools for Censorship Resistance p.1/36 Overview Approaches to Censorship Circumvention methods Case study: China Censorship in a free

628 views • 36 slides
CENSORSHIP RESISTANCE CMSC 414 APR 17 2018 CENSORSHIP COMES IN MANY FORMS DROPPING PACKETS

CENSORSHIP RESISTANCE CMSC 414 APR 17 2018 CENSORSHIP COMES IN MANY FORMS DROPPING PACKETS

CENSORSHIP RESISTANCE CMSC 414 APR 17 2018 CENSORSHIP COMES IN MANY FORMS DROPPING PACKETS Network operators : Block traffic in their own networks/countries Off-path attackers : Inject TCP RST packets (next week) Routing-capable adversaries

517 views • 23 slides
CENSORSHIP RESISTANCE CMSC 414 APR 17 2018 CENSORSHIP COMES IN MANY FORMS DROPPING PACKETS

CENSORSHIP RESISTANCE CMSC 414 APR 17 2018 CENSORSHIP COMES IN MANY FORMS DROPPING PACKETS

CENSORSHIP RESISTANCE CMSC 414 APR 17 2018 CENSORSHIP COMES IN MANY FORMS DROPPING PACKETS Network operators : Block traffic in their own networks/countries Off-path attackers : Inject TCP RST packets (next week) Routing-capable adversaries

654 views • 44 slides
Communication Privacy and Censorship Resistance Vitaly Shmatikov Privacy on Public Networks

Communication Privacy and Censorship Resistance Vitaly Shmatikov Privacy on Public Networks

Communication Privacy and Censorship Resistance Vitaly Shmatikov Privacy on Public Networks Internet is designed as a public network Routing information is public IP packet headers identify source and destination Even a passive

680 views • 65 slides
Security & Privacy in P2P Networks Niels Olof Bouvin 1 Overview Aspects of security*

Security & Privacy in P2P Networks Niels Olof Bouvin 1 Overview Aspects of security*

Security & Privacy in P2P Networks Niels Olof Bouvin 1 Overview Aspects of security* Venues of attack Techniques for anonymity & censorship resistance Securing a DHT *This is not the interesting part to talk about during the exam 2

964 views • 62 slides
Securing the Tor Network Mike Perry Black Hat USA 2007 Defcon 2007 What is Tor? Volunteer

Securing the Tor Network Mike Perry Black Hat USA 2007 Defcon 2007 What is Tor? Volunteer

Securing the Tor Network Mike Perry Black Hat USA 2007 Defcon 2007 What is Tor? Volunteer run relay network designed for privacy, anonymity, and censorship resistance. Tor relays TCP connections (streams) Multiplexed on

225 views • 20 slides
Regulation of Online Media: A Comparison Assumptions about censorship? What is censorship?

Regulation of Online Media: A Comparison Assumptions about censorship? What is censorship?

Regulation of Online Media: A Comparison Assumptions about censorship? What is censorship? History of Censorship Arguments for censorship Arguments against censorship What do we mean by media? AUSTRALIA Statutory Regulation Recent

566 views • 37 slides
Publius: A robust, tamper-evident, censorship-resistant web publishing system M Waldman, A Rubin

Publius: A robust, tamper-evident, censorship-resistant web publishing system M Waldman, A Rubin

Publius: A robust, tamper-evident, censorship-resistant web publishing system M Waldman, A Rubin and L Cranor Ranjit Randhawa Department of Computer Science Virginia Tech Outline Overview of Publius Anonymity tools Publius in

414 views • 13 slides
Censorship and Self-Censorship in Research on the Iraq War By Michael Spagat Department of

Censorship and Self-Censorship in Research on the Iraq War By Michael Spagat Department of

Censorship and Self-Censorship in Research on the Iraq War By Michael Spagat Department of Economics Royal Holloway, University of London Presentation given at the International Studies Association 57 th annual convention, Atlanta, GA, March

504 views • 24 slides
Bitcoin and Anonymity Anonymity Basics How to de-anonymize Bitcoin Mixing

Bitcoin and Anonymity Anonymity Basics How to de-anonymize Bitcoin Mixing

Cryptocurrency Technologies Bitcoin and Anonymity Bitcoin and Anonymity Anonymity Basics How to de-anonymize Bitcoin Mixing Decentralized Mixing Zerocoin and Zerocash Tor and the Silk Road Bitcoin and Anonymity

524 views • 39 slides
Measures of Anonymity/Privacy: k-Anonymity, L-Diversity,

Measures of Anonymity/Privacy: k-Anonymity, L-Diversity,

Measures of Anonymity/Privacy: k-Anonymity, L-Diversity, t-Closeness CompSci 590.03 Instructor: Ashwin Machanavajjhala Lecture 4 : 590.03 Fall 12 1

647 views • 61 slides
but quite a lot is. Coordination among users can help with anonymity. Debajyoti Das 1 Sebastian

but quite a lot is. Coordination among users can help with anonymity. Debajyoti Das 1 Sebastian

Not all is lost for anonymity but quite a lot is. Coordination among users can help with anonymity. Debajyoti Das 1 Sebastian Meiser 2 Esfandiar Mohammadi 3 Aniket Kate 1 1 Purdue University 2 Visa Research 3 ETH Zurich 1 Sender Anonymity

551 views • 44 slides
Tor and (un)provable privacy Roger Dingledine The Tor Project https://torproject.org/ 1

Tor and (un)provable privacy Roger Dingledine The Tor Project https://torproject.org/ 1

Tor and (un)provable privacy Roger Dingledine The Tor Project https://torproject.org/ 1 Today's plan 0) Crash course on Tor 1) Anonymity attacks 2) Blocking-resistance 2 What is Tor? Online anonymity 1) open source software, 2)

663 views • 52 slides
Online Anonymity Andrew Lewman andrew@torproject.org June 8, 2010 What is anonymity? Anonymity

Online Anonymity Andrew Lewman andrew@torproject.org June 8, 2010 What is anonymity? Anonymity

Online Anonymity Andrew Lewman andrew@torproject.org June 8, 2010 What is anonymity? Anonymity isnt cryptography Cryptography protects the contents in transit You still know who is talking to whom, how often, and how much data is

764 views • 54 slides
Anonymity in Bitcoin Tumbler/Mixer Oct 9, 2019 Anonymity and Pseudonymity anonymous =

Anonymity in Bitcoin Tumbler/Mixer Oct 9, 2019 Anonymity and Pseudonymity anonymous =

Anonymity in Bitcoin Tumbler/Mixer Oct 9, 2019 Anonymity and Pseudonymity anonymous = Nameless, unidentifiable pseudonymous = Fake name, still traceable Tracing Bitcoin transactions Normal redeem script: Provide public key pk and proof

438 views • 33 slides
Design of a blocking-resistant anonymity system Roger Dingledine, Nick Mathewson The Tor Project

Design of a blocking-resistant anonymity system Roger Dingledine, Nick Mathewson The Tor Project

Design of a blocking-resistant anonymity system Roger Dingledine, Nick Mathewson The Tor Project 1 Outline Crash course on Tor Goals for blocking resistance Assumptions (threat model) What Tor offers now Current proxy

1.07k views • 70 slides
Your state is not mine: a closer look at evading stateful internet censorship Zhongjie Wang, Yue

Your state is not mine: a closer look at evading stateful internet censorship Zhongjie Wang, Yue

Your state is not mine: a closer look at evading stateful internet censorship Zhongjie Wang, Yue Cao, Zhiyun Qian, Chengyu Song, Srikanth V Krishnamurthy University of California, Riverside Background The Great Fire Wall (GFW) A

322 views • 28 slides
Networking Exercise Currently: 10.42.X.X pfSense: 10.42.X.1 Linux Server: 10.42.X.3

Networking Exercise Currently: 10.42.X.X pfSense: 10.42.X.1 Linux Server: 10.42.X.3

Networking Exercise Currently: 10.42.X.X pfSense: 10.42.X.1 Linux Server: 10.42.X.3 Ubuntu ClientA: 10.42.X.2 10.42.X.110 Ubuntu ClientB: 10.42.X.2 10.42.X.111 Windows Server: 10.42.X.4 Windows ClientA:

498 views • 39 slides
Characterizing Global Web Censorship: Why is it so hard? Phillipa Gill The Citizen Lab/Stony

Characterizing Global Web Censorship: Why is it so hard? Phillipa Gill The Citizen Lab/Stony

Workshop on Active Internet Measurements CAIDA Feb. 8, 2012 Characterizing Global Web Censorship: Why is it so hard? Phillipa Gill The Citizen Lab/Stony Brook University Work done in collaboration with: Masashi Crete Nishihata, Jakub Dalek,

411 views • 39 slides
Privacy (Section 7.2.5 on Privacy Attacks) sws2 1 [Peter Steiner,1993] 2 myth

Privacy (Section 7.2.5 on Privacy Attacks) sws2 1 [Peter Steiner,1993] 2 myth

Software and Web Security 2 More attacks on Clients: More attacks on Clients: Privacy (Section 7.2.5 on Privacy Attacks) sws2 1 [Peter Steiner,1993] 2 myth reality y y Welcome user29. (IP address: (IP address:

691 views • 50 slides
No Cloud Allowed Denying Service to DDOS Protection Services Presented by: Allison Nixon

No Cloud Allowed Denying Service to DDOS Protection Services Presented by: Allison Nixon

No Cloud Allowed Denying Service to DDOS Protection Services Presented by: Allison Nixon Allison.Nixon@integralis.com Pentesting, Incident Response PaulDotCom host Cloud Based DDOS Protection How it works Fundamental flaws

875 views • 25 slides
Modeling, prediction and diagnosis for network security Alfred Hero University of Michigan 1.

Modeling, prediction and diagnosis for network security Alfred Hero University of Michigan 1.

Modeling, prediction and diagnosis for network security Alfred Hero University of Michigan 1. Network monitoring and tomography 2. Science of security: opportunities 3. Concluding remarks Alfred Hero NSF-IARPA SOS Workshop Nov 2008 1.

432 views • 18 slides
GIVING WITH ONE HAND AND TAKING AWAY WITH THE OTHER Carlndia Brito Santos Fernandes Marina Silva

GIVING WITH ONE HAND AND TAKING AWAY WITH THE OTHER Carlndia Brito Santos Fernandes Marina Silva

GIVING WITH ONE HAND AND TAKING AWAY WITH THE OTHER Carlndia Brito Santos Fernandes Marina Silva da Cunha Marcos Roberto Vasconcelos State University of Maring (UEM) Article accepted for publication at Estudios Econmicos V.37, n.73

616 views • 12 slides
W arehousing and Querying Trajectory Data Stream s W ith Error Estim ation Elio Masciari I

W arehousing and Querying Trajectory Data Stream s W ith Error Estim ation Elio Masciari I

W arehousing and Querying Trajectory Data Stream s W ith Error Estim ation Elio Masciari I CAR-CNR DOLAP MAUI 2 Novem ber 2 0 1 2 Trajectory Data Prime Numbers Encoding for Paths Warehousing Steps Experimental Evaluation

262 views • 14 slides

More recommend