crowds anonymity for web transactions
play

Crowds: Anonymity for Web Transactions Paper by: Michael K. Reiter - PowerPoint PPT Presentation

Jan 14, 2024 •122 likes •326 views

Crowds: Anonymity for Web Transactions Paper by: Michael K. Reiter & Aviel D. Rubin of AT&T Labs (August, 1997) Presenter: Craig Bergstrom Overview The Problem At Hand How Crowds Works Levels and Types of Anonymity &

  1. Crowds: Anonymity for Web Transactions Paper by: Michael K. Reiter & Aviel D. Rubin of AT&T Labs (August, 1997) Presenter: Craig Bergstrom

  2. Overview • The Problem At Hand • How Crowds Works • Levels and Types of Anonymity & Types of Attackers • Analysis of Well How Crowds Resists Attacks • Comparison to Related Work & Evaluation

  3. The Problem • It is easy to trace user’s actions and interactions with the world wide web. The Solution • Have all users on of the network blend into a ‘crowd’ , so that it is difficult to ascertain who is talking to whom.

  4. How Crowd Works Web Client - Every member of the crowd runs a web proxy (jondoe). - Every jondoe makes a randomly Blender determined list of jondoes its’ web proxies (over an encrypted links). -During a join commit (e.g. once per day), the crowd randomly establishes the path that each member will use to connect to remote web servers. -It is difficult to ascertain which member of a crowd is actually making Crowd web requests because no single party Remote Web Server knows the entire path that any member uses to establish external connections.

  5. How Crowd Works - Every member of the crowd runs a web proxy (jondoe). Web Client - Every jondoe makes a randomly Blender determined list of jondoes its’ web proxies (over an encrypted links). -During a join commit (e.g. once per day), the crowd randomly establishes the path that each member will use to connect to remote web servers. -It is difficult to ascertain which member of a crowd is actually making Crowd web requests because no single party Remote Web Server knows the entire path that any member uses to establish external connections.

  6. How Crowd Works - Every member of the crowd runs a web proxy (jondoe). Web Client - Every jondoe makes a randomly Blender determined list of jondoes its’ web proxies (over an encrypted links). -During a join commit (e.g. once per day), the crowd randomly establishes the path that each member will use to connect to remote web servers. -It is difficult to ascertain which member of a crowd is actually making Crowd web requests because no single party Remote Web Server knows the entire path that any member uses to establish external connections.

  7. How Crowd Works - Every member of the crowd runs a web proxy (jondoe). Web Client - Every jondoe makes a randomly Blender determined list of jondoes its’ web proxies (over an encrypted links). -During a join commit (e.g. once per day), the crowd randomly establishes the path that each member will use to connect to remote web servers. -It is difficult to ascertain which member of a crowd is actually making Crowd web requests because no single party Remote Web Server knows the entire path that any member uses to establish external connections.

  8. Degrees of Anonymity • Absolute Privacy : The attacker cannot perceive the presence of communication

  9. Degrees of Anonymity • Beyond Suspicion : Though the attacker can see evidence of a sent message, the sender appears no more likely to be the originator of that message than any other potential sender in the system.

  10. Degrees of Anonymity • Probable Innocence : from the attacker’s point of view, the sender appears no more likely to be the originator than to not be the originator.

  11. Degrees of Anonymity • Possible Innocence : There is a nontrivial probability that the real sender is someone else.

  12. Degrees of Anonymity • Exposed : The attacker is aware of who the sender is.

  13. Degrees of Anonymity • Provably Exposed : The attacker can prove to others who the sender is.

  14. Types of Attackers • Local Eavesdropper : An attacker who can observe all (and only) communication to and from a user’s machine • Collaborating Crowd Members : other members of the crowd network that can pool their information and even deviate from the prescribed protocol • End Server : the web server to which the web transaction is directed.

  15. Sender vs. Receiver Anonymity • Sender Anonymity : The identity of the party who sent a message is hidden. • Receiver Anonymity : The identity of the receiver of a message is hidden. • Unlinkability of Sender & Receiver : Though the sender and receiver can be identified as communicating, they cannot be identified as communicating with each other.

  16. What Crowds Achieves • Crowd provides good protection of the sender’s anonymity against end servers and collaborating members, but not against a local eavesdropper. • Crowd provides good protection of the receiver’s anonymity against local eavesdroppers and collaborating members if the crowd is ‘large enough’. • Crowds does not attempt to provide unlinkability of sender and receiver, nor does it protect senders against local eavesdroppers.

  17. Comparison To Proxies & Mixes • Crowds provides a much higher degree of anonymity against a much wider range of attacks than a standard proxy. • Mixes provide sender & receiver unlinkability against a global eavesdropper. • Crowds is naturally scalable unlike mixes.

  18. Known Problems • Crowds is known to be vulnerable to Denial-Of-Service attacks. • Joining the crowd may take quite some time (join commits) • Web connections protected by SSL may be subject to timing attacks by cooperating jondos. • Firewalls may cause problems (especially for corporate users)

  19. Evaluation • Crowds provides well-defined and fairly high levels an anonymity against a wide range of attacks. • The centralized component, Blender, could be a bottleneck to scalability, provide a method for an attacker to disrupt service, and may allow attackers to find out the identity of participating parties if compromised. • A highly decentralized version with no notion of user accounts may provide more anonymity than a version that uses a blender. • Their implementation in Perl is highly portable though highly inefficient.

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Anonymity in Bitcoin Tumbler/Mixer Oct 9, 2019 Anonymity and Pseudonymity anonymous =

Anonymity in Bitcoin Tumbler/Mixer Oct 9, 2019 Anonymity and Pseudonymity anonymous =

Anonymity in Bitcoin Tumbler/Mixer Oct 9, 2019 Anonymity and Pseudonymity anonymous = Nameless, unidentifiable pseudonymous = Fake name, still traceable Tracing Bitcoin transactions Normal redeem script: Provide public key pk and proof

438 views • 33 slides
Anonymous Communication Martijn Terpstra & Max Tijssen Introduction 1. Definition of

Anonymous Communication Martijn Terpstra & Max Tijssen Introduction 1. Definition of

Anonymous Communication Martijn Terpstra & Max Tijssen Introduction 1. Definition of anonymity 2. Reasons 3. Problems 4. Legal issues and implications 5. PETs 6. Crowds 7. I2P Definition of anonymity The state or quality

607 views • 36 slides
Bitcoin and Anonymity Anonymity Basics How to de-anonymize Bitcoin Mixing

Bitcoin and Anonymity Anonymity Basics How to de-anonymize Bitcoin Mixing

Cryptocurrency Technologies Bitcoin and Anonymity Bitcoin and Anonymity Anonymity Basics How to de-anonymize Bitcoin Mixing Decentralized Mixing Zerocoin and Zerocash Tor and the Silk Road Bitcoin and Anonymity

524 views • 39 slides
Measures of Anonymity/Privacy: k-Anonymity, L-Diversity,

Measures of Anonymity/Privacy: k-Anonymity, L-Diversity,

Measures of Anonymity/Privacy: k-Anonymity, L-Diversity, t-Closeness CompSci 590.03 Instructor: Ashwin Machanavajjhala Lecture 4 : 590.03 Fall 12 1

647 views • 61 slides
but quite a lot is. Coordination among users can help with anonymity. Debajyoti Das 1 Sebastian

but quite a lot is. Coordination among users can help with anonymity. Debajyoti Das 1 Sebastian

Not all is lost for anonymity but quite a lot is. Coordination among users can help with anonymity. Debajyoti Das 1 Sebastian Meiser 2 Esfandiar Mohammadi 3 Aniket Kate 1 1 Purdue University 2 Visa Research 3 ETH Zurich 1 Sender Anonymity

551 views • 44 slides
Online Anonymity Andrew Lewman andrew@torproject.org June 8, 2010 What is anonymity? Anonymity

Online Anonymity Andrew Lewman andrew@torproject.org June 8, 2010 What is anonymity? Anonymity

Online Anonymity Andrew Lewman andrew@torproject.org June 8, 2010 What is anonymity? Anonymity isnt cryptography Cryptography protects the contents in transit You still know who is talking to whom, how often, and how much data is

764 views • 54 slides
The Wisdom of Crowds: attacks and optimal constructions George Danezis 1 Claudia Diaz 2 asper 2

The Wisdom of Crowds: attacks and optimal constructions George Danezis 1 Claudia Diaz 2 asper 2

Outline Anonymous Peer-to-Peer Routing via Crowds The Always Down-or-Up Scheme (ESORICS 08) Optimality of Crowds The Wisdom of Crowds: attacks and optimal constructions George Danezis 1 Claudia Diaz 2 asper 2 Emilia K Carmela Troncoso 2 1

357 views • 15 slides
Anonymity Application Example: e-Cash 1 Conventional Everyday Cash Counterfeit-able Slow

Anonymity Application Example: e-Cash 1 Conventional Everyday Cash Counterfeit-able Slow

Anonymity Application Example: e-Cash 1 Conventional Everyday Cash Counterfeit-able Slow Costly Vulnerable Bad for Remote Transactions DIRTY! 1 Credit Cards, Bank Cards, Checks, other cards: Easy Fraud Little Privacy

351 views • 11 slides
Anonymity Jiayi Fu What is Anonymity - Describe the situation in which someone's name is not

Anonymity Jiayi Fu What is Anonymity - Describe the situation in which someone's name is not

Anonymity Jiayi Fu What is Anonymity - Describe the situation in which someone's name is not given or known - Anonymity != Privacy != Security - Anonymity: they can see what you do, but not who you are - Privacy: they can see

379 views • 33 slides
Lecture 24 Anonymity and Privacy Stephen Checkoway University of Illinois at Chicago CS 487

Lecture 24 Anonymity and Privacy Stephen Checkoway University of Illinois at Chicago CS 487

Lecture 24 Anonymity and Privacy Stephen Checkoway University of Illinois at Chicago CS 487 Fall 2017 Slides based on Miller and Baileys ECE 422 Anonymity Anonymity: Concealing your identity In the context of the Internet, we

860 views • 61 slides
11-830 Computational Ethics for NLP Lecture 11: Privacy and Anonymity Privacy and Anonymity

11-830 Computational Ethics for NLP Lecture 11: Privacy and Anonymity Privacy and Anonymity

11-830 Computational Ethics for NLP Lecture 11: Privacy and Anonymity Privacy and Anonymity Being on-line without giving up everything about you Ensuring collected data doesnt reveal its users data Privacy in Structured Data:

766 views • 49 slides
Anonymity in Cryptocurrencies Foteini Baldimtsi Bitcoin Anonymity? Satoshi Nakamoto, 2008

Anonymity in Cryptocurrencies Foteini Baldimtsi Bitcoin Anonymity? Satoshi Nakamoto, 2008

Anonymity in Cryptocurrencies Foteini Baldimtsi Bitcoin Anonymity? Satoshi Nakamoto, 2008 Bitcoin is only pseudonymous Public Key Address 133GT5661q8RuSKrrv8q2Pb4RwS 146KL5461d8KuSPxvv8q2Nd6K2q Posted on the ... Blockchain Alice

821 views • 40 slides
Nested Transactions Nested Transactions Flat transactions The rules for committing of

Nested Transactions Nested Transactions Flat transactions The rules for committing of

Nested Transactions Nested Transactions Flat transactions The rules for committing of nested transactions Nested Transactions A transaction commits or aborts only after its child transactions have completed; Structured in

808 views • 11 slides
Slicing the licing the Onion: Onion: Anonymity Without PKI Anonymity Without PKI Sachin Katti

Slicing the licing the Onion: Onion: Anonymity Without PKI Anonymity Without PKI Sachin Katti

Slicing the licing the Onion: Onion: Anonymity Without PKI Anonymity Without PKI Sachin Katti Dina Katabi & Katya Puchala State of the art: Onio Onion Rout n Routing over P2P ing over P2P n Routing over P2P ing over P2P Bob Onion

705 views • 43 slides
Rumor Riding: Anonymizing Unstructured Peer-to-Peer Systems Narrated by Christo Wilson Table of

Rumor Riding: Anonymizing Unstructured Peer-to-Peer Systems Narrated by Christo Wilson Table of

Rumor Riding: Anonymizing Unstructured Peer-to-Peer Systems Narrated by Christo Wilson Table of Contents Table of Contents Problem Scenario Existing Anonymity Schemes Existing Anonymity Schemes T or Crowds Rumor Riding

239 views • 19 slides
Applications for Measurement: Improving Anonymity Online Rishab Nithyanand | Rachee Singh |

Applications for Measurement: Improving Anonymity Online Rishab Nithyanand | Rachee Singh |

Applications for Measurement: Improving Anonymity Online Rishab Nithyanand | Rachee Singh | Shinyoung Cho | Phillipa Gill Stony Brook University 1 Anonymity on the Internet Tor Network 2 Anonymity on the Internet Does not know the source

261 views • 15 slides
Inside the Household Dr Abigail Adams Spring 2016 Dr Abigail Adams The Economics of The Family

Inside the Household Dr Abigail Adams Spring 2016 Dr Abigail Adams The Economics of The Family

Introduction Unitary Inside the Household Dr Abigail Adams Spring 2016 Dr Abigail Adams The Economics of The Family - Week 2 Introduction Unitary Inside the Household Dr Abigail Adams The Economics of The Family - Week 2 Introduction

598 views • 36 slides
Indirect Detection of WIMPs Joakim Edsj Stockholm University Sweden edsjo@physto.se 2004

Indirect Detection of WIMPs Joakim Edsj Stockholm University Sweden edsjo@physto.se 2004

Indirect Detection of WIMPs Joakim Edsj Stockholm University Sweden edsjo@physto.se 2004 Paris, June 19, 2004 Outline WIMP candidates will focus on the neutralino in the MSSM Ways to search indirectly for WIMPs Direct

820 views • 30 slides
Constraining Dark Matter Properties From A Gamma-Ray Detection S ergio Palomares-Rui z Centro de

Constraining Dark Matter Properties From A Gamma-Ray Detection S ergio Palomares-Rui z Centro de

Constraining Dark Matter Properties From A Gamma-Ray Detection S ergio Palomares-Rui z Centro de Fsica Terica de Partculas Instituto Superior Tcnico, Lisbon TeV Particle Astrophysics 2010 Paris, July 21, 2010 Constraining DM properties

415 views • 24 slides
Academic Advising Department of Electrical and Computer Engineering Take one folder: CpE

Academic Advising Department of Electrical and Computer Engineering Take one folder: CpE

Electrical & Computer Engineering at Fall 2016 Academic Advising Department of Electrical and Computer Engineering Take one folder: CpE Computer Engineers EE Electrical Engineers P ull out P owerP oint handout Electrical

432 views • 39 slides
SURVEY RESULTS BETH PRITZL Director of Research and Technology Fox Cities Regional Partnership

SURVEY RESULTS BETH PRITZL Director of Research and Technology Fox Cities Regional Partnership

SURVEY RESULTS BETH PRITZL Director of Research and Technology Fox Cities Regional Partnership THANK YOU FOR SUPPORTING! THANK YOU FOR RESPONDING! THANK YOU FOR RESPONDING! SURVEY RESULTS REGARDING 2016 SURVEY RESULTS REGARDING 2016 SURVEY

536 views • 17 slides
Closed-End Fund Advisors Diversification, Income, & Tactical Management Introduction to

Closed-End Fund Advisors Diversification, Income, & Tactical Management Introduction to

Closed-End Fund Advisors Diversification, Income, & Tactical Management Introduction to Closed-End Funds / VCU MBA Capital Markets Class November 18, 2010 Todays Goal To give you an overview on closed- end funds and how to

397 views • 28 slides
I W C T 2 0 1 7 C O M B I N AT O R I A L T E S T I N G ( C T ) CT tries to select test

I W C T 2 0 1 7 C O M B I N AT O R I A L T E S T I N G ( C T ) CT tries to select test

U S I N G T I M E D B A S E - C H O I C E C O V E R A G E C R I T E R I O N F O R T E S T I N G I N D U S T R I A L C O N T R O L S O F T WA R E H E N N I N G B E R G S T R M A N D E D U A R D E N O I U I W C T 2 0 1 7 C O M B I N

188 views • 18 slides
Experiments on Siegel modular forms of genus 2 (Not only on the Paramodular Conjecture) Nathan

Experiments on Siegel modular forms of genus 2 (Not only on the Paramodular Conjecture) Nathan

Experiments on Siegel modular forms of genus 2 (Not only on the Paramodular Conjecture) Nathan Ryan Modular Forms and Curves of Low Genus: Computational Aspects ICERM October 1st, 2015 Nathan Ryan Experiments on Siegel modular forms of genus

536 views • 36 slides

More recommend