how to bootstrap anonymous communication
play

How to Bootstrap Anonymous Communication Sune K. Jakobsen 1 Claudio - PowerPoint PPT Presentation

Mar 14, 2024 •207 likes •561 views

How to Bootstrap Anonymous Communication Sune K. Jakobsen 1 Claudio Orlandi 2 1 Queen Mary, University of London 2 Aarhus University January 16, 2016 How can you get anonymity? Contact a journalist or publisher, and tell them you want to be

  1. How to Bootstrap Anonymous Communication Sune K. Jakobsen 1 Claudio Orlandi 2 1 Queen Mary, University of London 2 Aarhus University January 16, 2016

  2. How can you get anonymity? Contact a journalist or publisher, and tell them you want to be anonymous.

  3. How can you get anonymity? Contact a journalist or publisher, and tell them you want to be anonymous. Use Tor network. Here your message will go through 3 different servers, before it is sent to the recipient.

  4. How can you get anonymity? Contact a journalist or publisher, and tell them you want to be anonymous. Use Tor network. Here your message will go through 3 different servers, before it is sent to the recipient. Use SecureDrop. A hidden service on Tor that media can host.

  5. How can you get anonymity? Contact a journalist or publisher, and tell them you want to be anonymous. Use Tor network. Here your message will go through 3 different servers, before it is sent to the recipient. Use SecureDrop. A hidden service on Tor that media can host. Other suggestions: Vuvuzela, Riposte, Dissent, cMix/Privategrity.

  6. What if no one can help you? If anonymous communication is banned, these method are not going to work anymore.

  7. What if no one can help you? If anonymous communication is banned, these method are not going to work anymore. What can you do if no one will help you?

  8. What if no one can help you? If anonymous communication is banned, these method are not going to work anymore. What can you do if no one will help you? Cryptogenography: Without assumption on the computational power of the adversary, many people can each reveal 3 . 1 bits while keeping 5 % ’s doubt about who is leaking.

  9. What if no one can help you? If anonymous communication is banned, these method are not going to work anymore. What can you do if no one will help you? Cryptogenography: Without assumption on the computational power of the adversary, many people can each reveal 3 . 1 bits while keeping 5 % ’s doubt about who is leaking. What can we do if the adversary has bounded computational power?

  10. Problem One person, Lea, has some information x she wants to reveal to a journalist Joe.

  11. Problem One person, Lea, has some information x she wants to reveal to a journalist Joe. She do not want Joe to learn that the information came from her.

  12. Problem One person, Lea, has some information x she wants to reveal to a journalist Joe. She do not want Joe to learn that the information came from her. She can publish files on a site where other people publish files, e.g. Instagram or YouTube.

  13. Problem One person, Lea, has some information x she wants to reveal to a journalist Joe. She do not want Joe to learn that the information came from her. She can publish files on a site where other people publish files, e.g. Instagram or YouTube. We assume that she has access to a limited anonymous channel.

  14. Problem One person, Lea, has some information x she wants to reveal to a journalist Joe. She do not want Joe to learn that the information came from her. She can publish files on a site where other people publish files, e.g. Instagram or YouTube. We assume that she has access to a limited anonymous channel. Can she send x to Joe, if x has more bits than what she can send over the channel?

  15. Steganography Steganography means concealed writing. Unlike cryptography, steganography hides the fact that there is a secret message.

  16. Steganography Steganography means concealed writing. Unlike cryptography, steganography hides the fact that there is a secret message. This is used by Message in a Bottle. [Invernizzi-Kruegel-Giovanni 2013]

  17. Anonymous Steganography Scheme . . . Alice Lea Bob Joe Lea uses an algorithm Gen to generate a key ek , and then use the key to generate a random looking string c ← Enc ek ( x ) . This string is then embedded into a picture using steganography.

  18. Anonymous Steganography Scheme . . . Alice Lea Bob Joe Everyone uploads a picture. Lea uploads a picture with c embedded.

  19. Anonymous Steganography Scheme . . . Alice Lea Bob Joe We want Joe to be able to extract x using an algorithm Dec ( t ) . However, if he could do this independently of the other pictures, he could figure out who sent x .

  20. Anonymous Steganography Scheme . . . Alice Lea Bob Joe To avoid this, we have to ensure that Joe can only use Dec on the entire transcript t . We let Lea generate a key dk ← KeyEx ek ( t , i ) . Now Lea sends dk over the anonymous channel. Joe computes x ′ ← Dec dk ( t ) .

  21. Anonymous Steganogarphy Scheme An anonymous steganography scheme it a tuple ( Gen , Enc , KeyEx , Dec ) with ek ← Gen ( 1 λ ) c ← Enc ek ( x ) dk ← KeyEx ek ( t , i ) x ′ = Dec dk ( t ) which achieves correctness , compactness ( | dk | < | x | ) and is anonymous (next slide).

  22. Anonymity Challenger Adversary x , i 0 , i 1 b ← { 0 , 1 } ek ← Gen ( λ ) t i b ← Enc ek ( x ) t i 0 , t i 1 t i 1 − b ← { 0 , 1 } l t 1 , t 2 , . . . , t n dk ← KeyEx ek ( i b , t ) dk Guess b

  23. Results Theorem Assuming the existence of homomorphic encryption and indistinguishability obfuscators for all polynomially sized circuits, there exist an anonymous steganography scheme.

  24. Results Theorem Assuming the existence of homomorphic encryption and indistinguishability obfuscators for all polynomially sized circuits, there exist an anonymous steganography scheme. Theorem Any anonymous steganography scheme must have dk of length more than O ( log ( λ ))

  25. Results Theorem Assuming the existence of homomorphic encryption and indistinguishability obfuscators for all polynomially sized circuits, there exist an anonymous steganography scheme. Theorem Any anonymous steganography scheme must have dk of length more than O ( log ( λ )) The lower bound holds even if we only require polynomially small probability of success, and allow the leaker to send multiple messages.

  26. Construction, sketch Each c j = t j i is an encryption of x j .

  27. Construction, sketch Each c j = t j i is an encryption of x j . dk contains a homomorphic encryption of i .

  28. Construction, sketch Each c j = t j i is an encryption of x j . dk contains a homomorphic encryption of i . For each j Joe can compute an encryption of t j i , without knowing i .

  29. Construction, sketch Each c j = t j i is an encryption of x j . dk contains a homomorphic encryption of i . For each j Joe can compute an encryption of t j i , without knowing i . If Joe only got this information he could use a vector commitment scheme to commit to these encryptions.

  30. Construction, sketch Each c j = t j i is an encryption of x j . dk contains a homomorphic encryption of i . For each j Joe can compute an encryption of t j i , without knowing i . If Joe only got this information he could use a vector commitment scheme to commit to these encryptions. Lea can also make these computations, and build a circuit that takes as input j , an encryption of t j i and a correct opening, and decrypts to x j .

  31. Construction, sketch Each c j = t j i is an encryption of x j . dk contains a homomorphic encryption of i . For each j Joe can compute an encryption of t j i , without knowing i . If Joe only got this information he could use a vector commitment scheme to commit to these encryptions. Lea can also make these computations, and build a circuit that takes as input j , an encryption of t j i and a correct opening, and decrypts to x j . Lea includes an obfuscation of this circuit in dk and send it all to Joe at the same time.

  32. Construction, sketch Each c j = t j i is an encryption of x j . dk contains a homomorphic encryption of i . For each j Joe can compute an encryption of t j i , without knowing i . If Joe only got this information he could use a vector commitment scheme to commit to these encryptions. Lea can also make these computations, and build a circuit that takes as input j , an encryption of t j i and a correct opening, and decrypts to x j . Lea includes an obfuscation of this circuit in dk and send it all to Joe at the same time. To make the proof work, you need to have two independent encryptions of i and use a somewhere statistically binding vector commitment scheme [Hubᢠcek-Wichs 2015] .

  33. Open problems Can we make an anonymous steganography scheme without use indistinguishability obfuscation? Can the leaker avoid downloading all the uploaded files, and instead use a hash of the files?

  34. Questions?

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Attacks on Structured Peer-to-Peer Anonymous Communication Systems Theresa Enghardt

Attacks on Structured Peer-to-Peer Anonymous Communication Systems Theresa Enghardt

Motivation Anonymous Communication NISAN Torsk Conclusion Attacks on Structured Peer-to-Peer Anonymous Communication Systems Theresa Enghardt theri@mailbox.tu-berlin.de Seminar Computer Security Technische Universitt Berlin 28 July 2011

390 views • 17 slides
Anonymous Communication and Internet Freedom CS 161: Computer Security Prof. David Wagner May 2,

Anonymous Communication and Internet Freedom CS 161: Computer Security Prof. David Wagner May 2,

Anonymous Communication and Internet Freedom CS 161: Computer Security Prof. David Wagner May 2, 2013 oday Goals For T State-sponsored adversaries Anonymous communication Internet censorship State-Sponsored Adversaries Anonymous

974 views • 58 slides
Do dummies pay off? Limits of dummy traffic protection in anonymous communication systems Simon

Do dummies pay off? Limits of dummy traffic protection in anonymous communication systems Simon

Do dummies pay off? Limits of dummy traffic protection in anonymous communication systems Simon Oya , Carmela Troncoso and Fernando Prez-Gonzlez Introduction Anonymous channels hide correspondences (input/output). Dummies are a common

402 views • 18 slides
1 Get Started 2 3 Web Application Development What is Bootstrap? Bootstrap is a free

1 Get Started 2 3 Web Application Development What is Bootstrap? Bootstrap is a free

1 Get Started 2 3 Web Application Development What is Bootstrap? Bootstrap is a free front-end framework for faster and easier web development Bootstrap includes HTML and CSS based design templates for typography, forms, buttons,

1.19k views • 84 slides
DISSENT: Accountable, Anonymous Communication Joan Feigenbaum

DISSENT: Accountable, Anonymous Communication Joan Feigenbaum

DISSENT: Accountable, Anonymous Communication Joan Feigenbaum http://www.cs.yale.edu/homes/jf/ Joint work with Bryan Ford (PI), Henry Corrigan Gibbs, Ramakrishna Gummadi, Aaron

802 views • 59 slides
K-anonymous algorithm in protecting privacy in social communication networks Jiacheng Wang

K-anonymous algorithm in protecting privacy in social communication networks Jiacheng Wang

K-anonymous algorithm in protecting privacy in social communication networks Jiacheng Wang 515030910412 ABSTRACT The rapid development of social communication network has increased the risk in privacy protection, the association between people has

385 views • 4 slides
Tor: Anonymous Communications for the Dept of Defense...and you. Roger Dingledine The Free

Tor: Anonymous Communications for the Dept of Defense...and you. Roger Dingledine The Free

Tor: Anonymous Communications for the Dept of Defense...and you. Roger Dingledine The Free Haven Project http://tor.eff.org/ April 12, CFP 2005 Talk Outline Motivation: Why anonymous communication? Myth 1: This is only for privacy

488 views • 33 slides
PET PhD Course 2012 SWITS The Smart Grid and Anonymous Communication Mechanisms Leonardo

PET PhD Course 2012 SWITS The Smart Grid and Anonymous Communication Mechanisms Leonardo

PET PhD Course 2012 SWITS The Smart Grid and Anonymous Communication Mechanisms Leonardo Martucci Security and Networks Group, ADIT Department of Computer and Information Science About me EE Degree (95-00) + Master in EE (00-02)

625 views • 33 slides
A better Bootstrap, Mack, and the ELRF and PTF modelling Frameworks Bootstrap technique- a

A better Bootstrap, Mack, and the ELRF and PTF modelling Frameworks Bootstrap technique- a

A better Bootstrap, Mack, and the ELRF and PTF modelling Frameworks Bootstrap technique- a powerful diagnostic tool for testing a model; The Bootstrap is a technique not a model; When is the Bootstrap technique needed or necessary?

959 views • 56 slides
Tor: Anonymous Communications for the Dept of Defense...and you. Roger Dingledine Free Haven

Tor: Anonymous Communications for the Dept of Defense...and you. Roger Dingledine Free Haven

Tor: Anonymous Communications for the Dept of Defense...and you. Roger Dingledine Free Haven Project Electronic Frontier Foundation http://tor.eff.org/ 17 September 2005 Talk Outline Motivation: Why anonymous communication? Myth 1:

703 views • 47 slides
Anonymous Communication Martijn Terpstra &amp; Max Tijssen Introduction 1. Definition of

Anonymous Communication Martijn Terpstra &amp; Max Tijssen Introduction 1. Definition of

Anonymous Communication Martijn Terpstra &amp; Max Tijssen Introduction 1. Definition of anonymity 2. Reasons 3. Problems 4. Legal issues and implications 5. PETs 6. Crowds 7. I2P Definition of anonymity The state or quality

607 views • 36 slides
Lecture 21: Bootstrap and Permutation Tests The bootstrap Bootstrapping generally refers to

Lecture 21: Bootstrap and Permutation Tests The bootstrap Bootstrapping generally refers to

Mathematical Tools for Neuroscience (NEU 314) Princeton University, Spring 2016 Jonathan Pillow Lecture 21: Bootstrap and Permutation Tests The bootstrap Bootstrapping generally refers to statistical approach to quantifying uncertainty by

345 views • 3 slides
Anonymous Tokens Michele Orr ia.cr/2020/072 1 Anonymous Tokens Michele Orr joint work

Anonymous Tokens Michele Orr ia.cr/2020/072 1 Anonymous Tokens Michele Orr joint work

Anonymous Tokens Michele Orr ia.cr/2020/072 1 Anonymous Tokens Michele Orr joint work with Ben Kreuter, Tancrde Lepoint, Mariana Raykova ia.cr/2020/072 1 Definition Anonymous tokens are lightweight, single-use anonymous credentials.

657 views • 61 slides
Anonymous Communication: DC-nets, Crowds, Onion Routing Simone Fischer-Hbner PETs PhD course

Anonymous Communication: DC-nets, Crowds, Onion Routing Simone Fischer-Hbner PETs PhD course

Anonymous Communication: DC-nets, Crowds, Onion Routing Simone Fischer-Hbner PETs PhD course Spring 2012 DC (Dining Cryptographers) nets [Chaum 1988 ] Chaum, CACM 28 (10), October 1985 Who paid for the Dinner (anonymously)? (I) n Equal

857 views • 37 slides
Unit 4: Inference for numerical variables Lecture 1: Bootstrap, paired, and two sample Statistics

Unit 4: Inference for numerical variables Lecture 1: Bootstrap, paired, and two sample Statistics

Unit 4: Inference for numerical variables Lecture 1: Bootstrap, paired, and two sample Statistics 101 Thomas Leininger June 4, 2013 Bootstrap &amp; Randomization testing Rent in Durham - bootstrap interval The dot plot below shows the

387 views • 27 slides
Bootstrap Shan-Hung Wu CS, NTHU Landing Page HTML/CSS taught so far Bootstrap 4 (alpha

Bootstrap Shan-Hung Wu CS, NTHU Landing Page HTML/CSS taught so far Bootstrap 4 (alpha

Bootstrap Shan-Hung Wu CS, NTHU Landing Page HTML/CSS taught so far Bootstrap 4 (alpha 6) for the responsive grid layout and components Font Awesome for vector icons Balsamiq Mockups for UI mockups Google Forms for user

933 views • 43 slides
Steganography Alex Toumazis Friday, 4 December 2009 History Herodotus - wax tablets, slave

Steganography Alex Toumazis Friday, 4 December 2009 History Herodotus - wax tablets, slave

Steganography Alex Toumazis Friday, 4 December 2009 History Herodotus - wax tablets, slave heads WWI - microdots, invisible ink Vietnam - morse code blinks Friday, 4 December 2009 Users Military - e.g. spread spectrum/frequency

743 views • 35 slides
Steganalysis by Ensemble Classifiers with Boosting by Regression, and Post-Selection of Features

Steganalysis by Ensemble Classifiers with Boosting by Regression, and Post-Selection of Features

Steganalysis by Ensemble Classifiers - Marc Chaumont - ICIP2012 Steganalysis by Ensemble Classifiers with Boosting by Regression, and Post-Selection of Features Marc Chaumont, Sarra Kouider LIRMM, Montpellier, France October 2, 2012 IEEE

376 views • 26 slides
Mobile VoIP Steganography From Framework to Implementation Marcus Nutzinger Rainer Poisel

Mobile VoIP Steganography From Framework to Implementation Marcus Nutzinger Rainer Poisel

Mobile VoIP Steganography From Framework to Implementation Marcus Nutzinger Rainer Poisel Jrgen Wurzer Institute of IT Security Research St. Plten University of Applied Sciences DeepSec 2010 November 25 th 2010 Mobile VoIP Steganography

528 views • 27 slides
Image Forensics and Steganalysis (Hans) Georg Schaathun Department of Computing University of

Image Forensics and Steganalysis (Hans) Georg Schaathun Department of Computing University of

Image Forensics and Steganalysis (Hans) Georg Schaathun Department of Computing University of Surrey 26 June 2009 (Hans) Georg Schaathun Image Forensics and Steganalysis 26 June 2009 1 / 47 Outline Examples 1 Tampering Different

1.15k views • 86 slides
A Comprehensive Bibliography of Linguistic Steganography Richard Bergmair Univ. of Cambridge

A Comprehensive Bibliography of Linguistic Steganography Richard Bergmair Univ. of Cambridge

A Comprehensive Bibliography of Linguistic Steganography Richard Bergmair Univ. of Cambridge Computer Lab talk presented by Mercan Topkara Purdue CERIAS Number of Publications year num year num 1992 1 2002 3 1995 1 2003 2 1997 2

203 views • 9 slides
DEFY: A Deniable, Encrypted File System for Log-Structured Storage. Timothy M. Peters, Mark A.

DEFY: A Deniable, Encrypted File System for Log-Structured Storage. Timothy M. Peters, Mark A.

DEFY: A Deniable, Encrypted File System for Log-Structured Storage. Timothy M. Peters, Mark A. Gondree, and Zachary N. J. Peterson. In NDSS'15 Presented by Fengwei Zhang Wayne State University CSC 6991 Topics in Computer Security 1

695 views • 20 slides
AN ANDR DROID OID S SECU CURE RE C COM OMMUNICATION UNICATION SYSTE TEM M U USING

AN ANDR DROID OID S SECU CURE RE C COM OMMUNICATION UNICATION SYSTE TEM M U USING

AN ANDR DROID OID S SECU CURE RE C COM OMMUNICATION UNICATION SYSTE TEM M U USING NG S STE TEGAN ANOGRAPH OGRAPHY Kleona Binjaku Elinda Kajo Mee DAAD Workshop &quot;Cooperation at Academic Informatics Education across

972 views • 23 slides
Welcome! Welcome! Welcome! Welcome! What will happen today? What will happen today? Lecture

Welcome! Welcome! Welcome! Welcome! What will happen today? What will happen today? Lecture

th January 2008 20 th 20 January 2008 University College London University College London Welcome! Welcome! Welcome! Welcome! What will happen today? What will happen today? Lecture Lecture - - bear with us, will start in a minute!

500 views • 31 slides

More recommend