cse 127 introduction to security
play

CSE 127: Introduction to Security Lecture 17: Privacy and Anonymity - PowerPoint PPT Presentation

Aug 15, 2023 •95 likes •611 views

CSE 127: Introduction to Security Lecture 17: Privacy and Anonymity Nadia Heninger and Deian Stefan UCSD Fall 2019 Lecture outline Foundations of privacy Historical and current crypto wars in the US Privacy-enhancing

  1. CSE 127: Introduction to Security Lecture 17: Privacy and Anonymity Nadia Heninger and Deian Stefan UCSD Fall 2019

  2. Lecture outline • Foundations of privacy • Historical and current “crypto wars” in the US • Privacy-enhancing technologies • PGP and modern encrypted messaging • Tor and anonymous communication • Privacy-respecting browsers (Tor, Firefox, Brave)

  3. What is privacy and why do we care? Various definitions of privacy: • Secrecy • Anonymity • Solitude Human rights and values: • Human dignity • Mental health • Intimacy/relationships Political and democratic values: • Liberty of action • Moral autonomy

  4. The “crypto wars”: a historical look • Crypto wars 1.0 • Late 1970s, • US government threatened legal sanctions on researchers who published papers about cryptography. • Threats to retroactively classify cryptography research. • Crypto wars 2.0 • 1990s • Main isssues: Export control and key escrow • Several legal challenges • Crypto wars 3.0 • Now • Snowden • Apple v. FBI • ...? • Calls for “balance”

  5. Reminder: US export controls on cryptography • Pre-1994: Encryption software requires individual export license as a munition. • 1994: US State Department amends ITAR regulations to allow export of approved software to approved countries without individual licenses. 40-bit symmetric cryptography was understood to be approved. • 1995: Netscape develops initial SSL protocol. Includes weakened “export” cipher suites. • 1996: Bernstein v. United States; California judge rules ITAR regulations are unconstitutional because “code is speech” • 1996: Cryptography regulation moved to Department of Commerce. • 1999: TLS 1.0 standardized. Includes weakened “export” cipher suites. • 2000: Department of Commerce loosens regulations on mass-market and open source software.

  6. Third-Party Service Providers ATT m m Alice Bob Communications/network service providers ( I SPs, Google, Facebook, etc.) can generally see all traffic or communications they handle.

  7. Legal Requests to Service Providers ATT m m 2703(d) m Alice Bob FBI Under the Stored Communications Act (1986), the US government can compel service providers to turn over customer communications. Only requires a subpoena for “ storage ” or communications held longer than 180 days.

  9. End-to-end encryption and service providers Enc k ( m ) , Enc pubBob ( k ) E n ATT c ( k m ) E n , c p u b B ( o b ) k Alice Bob If a message is end-to-end encrypted, the service provider may not have the plaintext.

  10. End-to-end encryption and service providers Enc k ( m ) , Enc pubBob ( k ) E n ATT c ( k m ) E n , c p u b B ( o b ) k t n a r r a w h c r a e s m Alice Bob FBI Law enforcement can always serve the customer with a search warrant for the decrypted communications.

  11. End-to-end encryption and service providers “Key escrow” or “backdoored encryption” Enc k ( m ) , Enc pubBob ( k ) E n ATT c ( k m ) E n , c p Enc pubFBI ( k ) u b ( B Enc pubFBI ( k ) o b ) k Enc k ( m ) subpoena Alice Bob FBI The US government has been asking service providers to design ways to overcome encryption for decades. Most reasonable proposals work something like this.

  12. Pretty Good Privacy (PGP) • Written by Phil Zimmermann in 1991 • Response to US Senate bill requiring crypto backdoors (didn ’ t pass) • Public key email encryption “ for the masses ” • Signatures, public key encryption, or sign+encrypt • Key management • Public keyservers • Web of trust: users sign other users ’ keys • Grand jury investigated Zimmermann 1993 – 1996 • No indictment issued, but was a subject for violating export controls • Fundamental insight: Knowledge about cryptography is public. I n theory citizens can circumvent government-mandated key escrow by implementing cryptography themselves.

  14. https://xkcd.com/364/ “Never bring tequila to a key-signing party.”

  15. PGP in the modern era • PGP was built before modern cryptographic protocol design was properly understood. • Numerous vulnerabilities • Outdated cipher choices • Doesn’t authenticate encryption with a MAC or authenticated encryption mode • Commercialized in the 90s, most recently developed by Symantec • GnuPGP and libgcrypt open source and quite widely used • 2005 paper on usability issues: “Why Johnny Can’t Encrypt: A Usability Evaluation of PGP 5.0” by Whitten and Tygar • Most experts unable to use PGP properly

  16. https://xkcd.com/1181/ “If you want to be extra safe, check that there’s a big block of jumbled characters at the bottom.”

  17. Message Encryption since PGP • For messaging, Signal, WhatsApp, or iMessage offer modern end-to-end encryption. • Modern protocols typically: • Use Di ffi e-Hellman to negotiate ephemeral keys • Use long-term authentication keys with out-of-band fi ngerprint veri fi cation • Offer “ forward secrecy”: • In theory, protects against key compromise at time t revealing plaintext of previous messages • If sender or recipient store plaintext, this is more likely point of compromise • Offer “deniability”: • Message recipient can verify message integrity without a third party being able to “cryptographically prove” that sender sent the message. • Cryptographically interesting, but likely legally irrelevant.

  18. Crypto Wars 2.0 In the current debates about government-mandated weakening of cryptography, there are two scenarios of interest: • Message encryption. • This is what we’ve talked about so far in lecture. • Storage encryption. • For example, unlocking iPhones. • This is what the Apple v. FBI case was about. In Apple v. FBI, the question was whether the government could compel Apple to break their own encryption mechanism with the All Writs Act. The government backed down and reportedly used a specialty consulting firm to unlock the phone.

  19. J f' J "SUBJECT DEVICE") pursuant to a warrant of this Court by providing 1 reasonable technical assistance to assist law enforcement agents in 2 obtaining access to the data on the SUBJECT DEVICE. 3 2. Apple's reasonable technical assistance shall accomplish 4 (1) it will bypass or the following three important functions: 5 disable the auto-erase function whether or not it has been enabled; 6 (2) it will enable the FBI to submit passcodes to the SUBJECT DEVICE 7 8 for testing electronically via the physical device port, Bluetooth, 9 Wi-Fi, or other protocol available on the SUBJECT DEVICE; and (3) it 10 will ensure that when the FBI submits passcodes to the SUBJECT DEVICE, software running on the device will not purposefully 11 introduce any additional delay between passcode attempts beyond what 12 13 is incurred by Apple hardware. 3. Apple's reasonable technical assistance may include, but is 14 not limited to: providing the FBI with a signed iPhone Software 15 file, recovery bundle, or other Software Image File ("SIF") that can 16 17 be loaded onto the SUBJECT DEVICE. The SIF will load and run from 18 Random Access Memory ("RAM") and will not modify the iOS on the 19 actual phone, the user data partition or system partition on the device's flash memory. The SIF will be coded by Apple with a unique 20 21 identifier of the phone so that the SIF would only load and execute 22 on the SUBJECT DEVICE. The SIF will be loaded via Device Firmware 23 Upgrade ("DFU") mode, recovery mode, or other applicable mode available to the FBI. Once active on the SUBJECT DEVICE, the SIF 24 will accomplish the three functions specified in paragraph 2. The 25 26 SIF will be loaded on the SUBJECT DEVICE at either a government 27 facility, or alternatively, at an Apple facility; if the latter, 28 , Apple shall provide the government with remote access to the SUBJECT 2

  20. Anonymity Michael Hayden, former NSA director: “We kill people based on metadata." • Long history of anonymous communication in US democracy • e.g. Revolutionary war anonymous political pamphlets Technical question: Is anonymous communication still feasible on the internet?

  21. “Anonymity” via tunneling or proxies proxy From: Anonymous e c i l A : m o r F Alice Bob A proxy can rewrite metadata. Examples: • Early “anonymous remailers” forwarded email. • VPN services allow users to tunnel tra ffi c

  22. “Anonymity” via tunneling or proxies proxy From: Anonymous e c i l A : m o r 2703(d) F Alice Alice Bob FBI One-hop proxies have a single point of failure, must see both sides of communication.

  23. Attempt to fix: Anonymous bulletin boards Post message encrypted to recipient in public; recipient tries to decrypt all messages. Bulletin board host still has metadata from visitors.

  24. Tor: Anonymous communication for TCP sessions Desired properties: • Network attacker watching client tra ffi c can ’ t see destination. • Destination server does not see client IP address. • Network nodes can ’ t link client and server. • Fast enough to support TCP streams and network applications. Current state: A nonpro fi t organization, active academic research, deployed around the world. Not perfect, but a building block.

  29. Tor also allows “anonymous” servers

  30. Tor also allows “anonymous” servers

  31. Tor also allows “anonymous” servers

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

A (re)introduction to Spring Security Agenda Before Spring Security: Acegi security

A (re)introduction to Spring Security Agenda Before Spring Security: Acegi security

A (re)introduction to Spring Security Agenda Before Spring Security: Acegi security Introducing Spring Security View layer security Whats coming in Spring Security 3 E-mail: craig@habuma.com Blog: http://www.springloaded.info

452 views • 19 slides
INTRODUCTION cf. Schneider, Chapter 1 INTRODUCTION THEY ARE OUT TO GET YOU INTRODUCTION WHAT

INTRODUCTION cf. Schneider, Chapter 1 INTRODUCTION THEY ARE OUT TO GET YOU INTRODUCTION WHAT

ADVANCED COMPUTER SECURITY INTRODUCTION cf. Schneider, Chapter 1 INTRODUCTION THEY ARE OUT TO GET YOU INTRODUCTION WHAT IS SECURITY? A systems security policies describe What the system is supposed to do Store and provide access

479 views • 16 slides
Introduction to the Introduction to the Work of the Security Council Work of the Security

Introduction to the Introduction to the Work of the Security Council Work of the Security

Introduction to the Introduction to the Work of the Security Council Work of the Security Council Security Council Practices and Charter Research Branch Security Council Affairs Division Department of Political Affairs United Nations August

490 views • 28 slides
Introduction to Security Comm. Security Strategy Summary ITS335: IT Security Sirindhorn

Introduction to Security Comm. Security Strategy Summary ITS335: IT Security Sirindhorn

ITS335 Intro. to Security Concepts Threats, Attacks, Assets Introduction to Security Comm. Security Strategy Summary ITS335: IT Security Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 2

965 views • 34 slides
Introduction to the Introduction to the Work of the Security Council Work of the Security

Introduction to the Introduction to the Work of the Security Council Work of the Security

Introduction to the Introduction to the Work of the Security Council Work of the Security Council Security Council Affairs Division Department of Political Affairs United Nations August 2013 Outline What is the Security Council?

189 views • 16 slides
Chapter7. Security 7.1 Introduction 7.2 Overview of security techniques 7.3 Cryptographic

Chapter7. Security 7.1 Introduction 7.2 Overview of security techniques 7.3 Cryptographic

Chapter7. Security 7.1 Introduction 7.2 Overview of security techniques 7.3 Cryptographic algorithms 7.4 Digital signatures 7.5 Cryptography pragmatics 7.1. Introduction Why need security mechanisms in DS? Share of resources

364 views • 24 slides
Confidentiality and disclosure Mohamed Sayed Saidngar@yahoo.com Introduction - Introduction to

Confidentiality and disclosure Mohamed Sayed Saidngar@yahoo.com Introduction - Introduction to

Confidentiality and disclosure Mohamed Sayed Saidngar@yahoo.com Introduction - Introduction to data security. - Security requirements. - Types of security threats. - Security risks. - Technologies and security solutions. Introduction

411 views • 37 slides
Introduction to Network Security Chapter 10 Web Security Dr. Doug Jacobson - Introduction to 1

Introduction to Network Security Chapter 10 Web Security Dr. Doug Jacobson - Introduction to 1

Introduction to Network Security Chapter 10 Web Security Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Topics WWW HTTP: Hyper Text Transfer Protocol HTTP Security HTML Protocol HTML Security

1.09k views • 74 slides
Advanced Systems Security: Introduction to OS Security Trent Jaeger Systems and Internet

Advanced Systems Security: Introduction to OS Security Trent Jaeger Systems and Internet

Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA Advanced Systems Security: Introduction to OS Security Trent

770 views • 28 slides
Security Overview Security Goals The Attack Space Security Mechanisms

Security Overview Security Goals The Attack Space Security Mechanisms

CSCE Intro to Computer Systems Security Security Overview Security Goals The Attack Space Security Mechanisms Introduction to Cryptography Authentication Authorization Confidentiality Case Studies Security

472 views • 20 slides
Introduction to Computer Security Rev. Sept 2015 What is Computer Security? 2 Computer

Introduction to Computer Security Rev. Sept 2015 What is Computer Security? 2 Computer

Introduction to Computer Security Rev. Sept 2015 What is Computer Security? 2 Computer Security is the protection of computing systems and the data that they store or access 3 Why is Computer Security Important? Computer Security allows

690 views • 19 slides
Introduction to Computer Security Why do we need computer security? What are our goals and

Introduction to Computer Security Why do we need computer security? What are our goals and

Introduction to Computer Security Why do we need computer security? What are our goals and what threatens them? Lecture 1 Page 1 CS 236 Online Why Is Security Necessary? Because people arent always nice Because a lot of

415 views • 25 slides
Preparing for the Unthinkable Cyber Security Chicago 2018 Agenda Introduction Security

Preparing for the Unthinkable Cyber Security Chicago 2018 Agenda Introduction Security

Preparing for the Unthinkable Cyber Security Chicago 2018 Agenda Introduction Security Landscape Meraki Security Demo Security Landscape The Growing Importance of Security MALWARE HAS RISEN BY MORE THAN 10X IN THE LAST YEAR 70% M ALW AR E

604 views • 35 slides
Com puter Security Last tim e Introduction Threat analysis Threats Introduction

Com puter Security Last tim e Introduction Threat analysis Threats Introduction

Com puter Security Last tim e Introduction Threat analysis Threats Introduction to access control Policy matrix Specification Design Implementation Operation and Maintenance Security in the Course Lectures

784 views • 40 slides
Software Defjned Networking Security Outline Introduction What is SDN? SDN attack

Software Defjned Networking Security Outline Introduction What is SDN? SDN attack

Software Defjned Networking Security Outline Introduction What is SDN? SDN attack surface Recent vulnerabilities Security response Defensive technologies Next steps Introduction Security nerd, recovering

790 views • 39 slides
Introduction to Security Attacks Services Mechanisms CSS441: Security and Cryptography

Introduction to Security Attacks Services Mechanisms CSS441: Security and Cryptography

CSS441 Introduction Concepts Architecture Introduction to Security Attacks Services Mechanisms CSS441: Security and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 20

678 views • 23 slides
ReAssert: Suggesting Repairs for Broken Unit Tests Brett Daniel Tihomir Gvero Danny Dig Vilas

ReAssert: Suggesting Repairs for Broken Unit Tests Brett Daniel Tihomir Gvero Danny Dig Vilas

ReAssert: Suggesting Repairs for Broken Unit Tests Brett Daniel Tihomir Gvero Danny Dig Vilas Jagannath Darko Marinov IBM Research Almaden. San Jose, CA. August 10, 2010 Google. Mountain View, CA. August 11, 2010 Passing Unit Tests

702 views • 58 slides
Functional abstraction Readings: HtDP , sections 21-24. Language level: Intermediate Student With

Functional abstraction Readings: HtDP , sections 21-24. Language level: Intermediate Student With

Functional abstraction Readings: HtDP , sections 21-24. Language level: Intermediate Student With Lambda Topics: Anonymous functions Syntax & semantics Example: Transforming strings Abstracting: Map Abstracting: Foldr Abstracting: Foldl

502 views • 27 slides
The presentation will start shortly COVID-19 Health Care Provider Briefing Middlesex and London

The presentation will start shortly COVID-19 Health Care Provider Briefing Middlesex and London

The presentation will start shortly COVID-19 Health Care Provider Briefing Middlesex and London Region September 29, 2020 Welcome Presenter: Dr. Alex Summers Associate Medical Officer of Health Middlesex-London Health Unit @alexsummers4

816 views • 20 slides
TESTING MONOTONICITY* ODED GOLDREICH , SHAFI GOLDWASSER , ERIC LEHMAN, DANA RON , ALEX

TESTING MONOTONICITY* ODED GOLDREICH , SHAFI GOLDWASSER , ERIC LEHMAN, DANA RON , ALEX

Combinatorica 20 (3) (2000) 301337 COMBINATORICA Bolyai Society Springer-Verlag TESTING MONOTONICITY* ODED GOLDREICH , SHAFI GOLDWASSER , ERIC LEHMAN, DANA RON , ALEX SAMORODNITSKY Received March 29, 1999 We present a

577 views • 37 slides
Security Risks to Third-Party Genetic Genealogy Services Peter Ney , Luis Ceze, Tadayoshi Kohno

Security Risks to Third-Party Genetic Genealogy Services Peter Ney , Luis Ceze, Tadayoshi Kohno

Security Risks to Third-Party Genetic Genealogy Services Peter Ney , Luis Ceze, Tadayoshi Kohno Direct-to-Consumer (DTC) Genetic Testing and Analysis DTC Testing Company Genetic Interpretation 23andMe Health, Ethnicity, Relative Prediction,

620 views • 34 slides
The Tor Project, Inc. Our mission is to be the global resource for technology, advocacy, research

The Tor Project, Inc. Our mission is to be the global resource for technology, advocacy, research

The Tor Project, Inc. Our mission is to be the global resource for technology, advocacy, research and education in the ongoing pursuit of freedom of speech, privacy rights online, and censorship circumvention. 1 Alice makes a session key with

741 views • 37 slides
Swiss cheese security or the real challenges faced by internet facing companies About me

Swiss cheese security or the real challenges faced by internet facing companies About me

Swiss cheese security or the real challenges faced by internet facing companies About me Almost 20 years in information security / hacking OWASP Project leader Latest research interests: Large scale RSA crypto survey

691 views • 49 slides
Whistle-Blowing 1 Whistleblowing Disclosure, using other than approved organizational

Whistle-Blowing 1 Whistleblowing Disclosure, using other than approved organizational

Whistle-Blowing 1 Whistleblowing Disclosure, using other than approved organizational channels, of wrongdoing to someone in a position to take action. disclosure: information intentionally conveyed channels: chain of command,

429 views • 12 slides

More recommend