theory and design of low latency anonymity systems
play

Theory and Design of Low-latency Anonymity Systems (Lecture 1) Paul - PowerPoint PPT Presentation

Aug 23, 2023 •38 likes •918 views

Theory and Design of Low-latency Anonymity Systems (Lecture 1) Paul Syverson U.S. Naval Research Laboratory syverson@itd.nrl.navy.mil http://www.syverson.org 1 Course Outline Lecture 1: Usage examples, basic notions of anonymity, types

  1. Theory and Design of Low-latency Anonymity Systems (Lecture 1) Paul Syverson U.S. Naval Research Laboratory syverson@itd.nrl.navy.mil http://www.syverson.org 1

  2. Course Outline Lecture 1: • Usage examples, basic notions of anonymity, types of anonymous comms systems • Crowds: Probabilistic anonymity, predecessor attacks Lecture 2: • Onion routing basics: simple demo of using Tor, network discovery, circuit construction, crypto, node types and exit policies • Economics, incentives, usability, network effects 2

  3. Course Outline Lecture 3: • Formalization and analysis, possibilistic and probabilistic definitions of anonymity • Hidden services: responder anonymity, predecessor attacks revisited, guard nodes Lecture 4: • Link attacks • Trust 3

  4. Preliminaries Lots of collaborators in what I am presenting. Some of the main ones, alphabetically: George Danezis, Roger Dingledine, Matt Edman, Joan Feigenbaum, Aaron Johnson, Nick Mathewson, Lasse Øverlier I try to remember to cite work of others as I go. Full citations should be in.... 4

  5. Preliminaries Book forthcoming in 2007. Full draft in 1-3 months. We would be happy to give a draft to any attendee of these lectures. Especially we would like to get your comments. Contact George or me if you want a copy. 5

  6. Preliminaries Please interrupt if you have questions, want clarification, etc. 6

  7. Preliminaries Please interrupt if you have questions, want clarification, etc. In bocca al lupo. 7

  8. Anonymous communications Technical Governmental/Social 1. What is it? 2. Why does it matter? 3. How do we build it? 8

  9. 1. What is anonymity anyway? 9

  10. Informally: anonymity means you can't tell who did what “Who wrote this blog post?” “Who's been viewing my webpages?” “Who's been emailing patent attorneys?” 10

  11. Formally: anonymity means indistinguishability within an “anonymity set” Alice1 Alice2 Attacker can't distinguish Alice3 which Alice is talking to Bob Alice4 Bob Alice5 Alice6 Alice7 Alice8 .... 11

  12. Formally: anonymity means indistinguishability within an “anonymity set” Alice1 Alice2 Attacker can't distinguish Alice3 which Alice is talking to Bob Alice4 Bob Alice5 Alice6 Alice7 Alice8 ....  Can't distinguish?  Basic anonymity set size  Probability distribution within anonymity set  .... 12

  13. We have to make some assumptions about what the attacker can do. Alice Anonymity network Bob watch Alice! watch (or be!) Bob! Control part of the network! Etc, etc. 13

  14. Anonymity isn't confidentiality: Encryption just protects contents. “Hi, Bob!” “Hi, Bob!” <gibberish> Alice attacker Bob 14

  15. Anonymity isn't steganography: Attacker can tell that Alice is talking; just not to whom. Bob1 Alice1 Anonymity network Alice2 Bob2 ... AliceN 15

  16. Anonymity isn't steganography: Attacker can tell that Alice is talking; just not to whom. Bob1 Alice1 Anonymity network Alice2 Bob2 ... AliceN Wrinkle: Alice may be trying to hide that she is talking to the anonymity network. 16

  17. Anonymity isn't just wishful thinking “You can't prove it was me!” “Promise you won't look!” “Promise you won't remember!” “Promise you won't tell!” “I didn't write my name on it!” “Isn't the Internet already anonymous?” 17

  18. Anonymity isn't just wishful thinking “You can't prove it was me!” Often statistical likelyhood matters more than legal proof . “Promise you won't look!” Will others have incentives & ability to keep promises? “Promise you won't remember!” Our goal is technical “Promise you won't tell!” protections without reliance on policy promises. Not what we're talking “I didn't write my name on it!” about. “Isn't the Internet already anonymous?” No! 18

  19. 2. Why does anonymity matter? 19

  20. Anonymity serves different interests for different user groups. Governments Businesses “It's traffic-analysis “It's network security!” resistance!” Anonymity “It's reachability and “It's privacy!” censorship circumvention!” Private citizens Human rights advocates 20

  21. Regular citizens don't want to be watched and tracked. “I sell the logs.” Blogger Hostile Bob Alice “Oops, I lost the logs.” 8-year-old Incompetent Bob Alice “Hey, they aren't Indifferent Bob Sick my secrets.” Alice .... Name, address, (the network can track too) age, friends, Consumer interests Alice (medical, financial, etc), unpopular opinions, Union illegal opinions.... member 21 Alice

  22. Many people don't get to see the internet that you can see... 22

  23. 23

  24. 24

  25. 25

  26. 26

  27. 27

  28. and they can't speak on the internet either... 28

  29. It's not only about dissidents in faraway lands 29

  30. Regular citizens don't want to be watched and tracked. “I look for you to Crime Stalker Bob do you harm.” Target Alice Human Censor/Blocker “I control your Rights Bob worldview and who Worker you talk to.” Alice “I imprison you for .... Name, address, seeing/saying the age, friends, wrong things.” Oppressed interests Alice (medical, financial, etc), unpopular opinions, illegal opinions.... 30

  31. Law enforcement needs anonymity to get the job done. Investigated “Why is alice.fbi.gov reading my website?” suspect “Why no, alice.localpolice.gov! Officer Sting I would never sell counterfeits on ebay!” Alice target “Is my family safe if I Organized go after these guys?” Crime Witness/informer “Are they really going to ensure Anonymous Alice my anonymity?” tips 31

  32. Businesses need to protect trade secrets... and their customers. “Oh, your employees are reading Competitor our patents/jobs page/product sheets?” “Hey, it's Alice! Give her the 'Alice' version!” Competitor “Wanna buy a list of Alice's suppliers? AliceCorp What about her customers? Compromised What about her engineering network department's favorite search terms?” Compromised/ “We attack Alice's customers with malicious malware, and watch for when she notices us.” hosts 32

  33. Governments need anonymity for their security “What will you bid for a list of Baghdad IP addresses that get email from .gov?” Untrusted ISP “What bid for the hotel room from which Agent someone just logged in to foo.navy.mil?” Alice Compromised “What does the CIA Google for?” service 33

  34. Aside: other benefits of an anonymity system Besides protecting affiliation, etc. can provide “poor man’s VPN”. Access to the internet despite • Network port policy disconnects • DNS failure 34

  35. Governments need anonymity for their security “Do I really want to reveal my internal network topology?” Shared network “Do I want all my partners to know extent/pattern of my comms with Coalition other partners?” member Hostile Alice “How can I establish network communication with locals without a trusted network?” Semitrusted “How can I avoid selective blocking of network my communications?” 35

  36. You can't be anonymous by yourself: private solutions are ineffective... Alice's small Citizen “One of the 25 ... anonymity net Alice users on AliceNet.” Officer Municipal Investigated Alice “Looks like a cop.” anonymity net suspect AliceCorp AliceCorp Competitor/ “It's somebody at anonymity net malware host AliceCorp!” 36

  37. ... so, anonymity loves company! Citizen “???” ... Alice Officer Investigated Alice Shared “???” suspect anonymity net AliceCorp Competitor “???” 37

  38. Don't bad people use anonymity? 38

  39. Current situation: Bad people on internet are doing fine Trojans Viruses Exploits Botnets Zombies Espionage Phishing DDoS Spam Extortion 39

  40. Giving good people a fighting chance -Resist DDoS -Reduce malware Anonymity Network -Resist -Encourage - Protect operations Identity Theft informants -Protect free speech and cyberstalking and -Freedom of access -Protect kids online analysts/operatives 40

  41. 3. How does anonymity work ? 41

  42. Dining Cryptographers 42

  43. Dining Cryptographers 43

  44. Dining Cryptographers H T T 44

  45. Dining Cryptographers B: Different H T T A: Different C: Same 45

  46. Dining Cryptographers B: Same (Lie) H T T A: Different (True) C: Same (True) Number of "Different"s odd: Signal 1 Number of "Different"s even: No Signal 0 46

  47. Dining Cryptographers (DC Nets)  Invented by Chaum, 1988  Strong provable properties  Versions without collision or abuse problems have high communication and computation overhead  Don't scale very well 47

  48. Mixes 48

  49. 49

  50. 50

  51. 51

  52. 52

  53. 53

  54. Mixes  Invented by Chaum 1981 (not counting ancient Athens)  As long as one mix is honest, network hides anonymity up to capacity of the mix  Sort of Flooding - Trickling -  Many variants Timed - Pool - ... 54 -

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Theory and Design of Low-latency Anonymity Systems (Lecture 4) Paul Syverson U.S. Naval Research

Theory and Design of Low-latency Anonymity Systems (Lecture 4) Paul Syverson U.S. Naval Research

Theory and Design of Low-latency Anonymity Systems (Lecture 4) Paul Syverson U.S. Naval Research Laboratory syverson@itd.nrl.navy.mil http://www.syverson.org 1 Course Outline Lecture 1: Usage examples, basic notions of anonymity, types

611 views • 48 slides
Theory and Design of Low-latency Anonymity Systems (Lecture 3) Paul Syverson U.S. Naval Research

Theory and Design of Low-latency Anonymity Systems (Lecture 3) Paul Syverson U.S. Naval Research

Theory and Design of Low-latency Anonymity Systems (Lecture 3) Paul Syverson U.S. Naval Research Laboratory syverson@itd.nrl.navy.mil http://www.syverson.org 1 Reminders Paul, dont trail off in volume when speaking. Attendees, if Paul

1.43k views • 115 slides
Deployed Anonymity Networks: A brief history Nick Mathewson &lt;nickm@freehaven.net&gt; The

Deployed Anonymity Networks: A brief history Nick Mathewson &lt;nickm@freehaven.net&gt; The

Deployed Anonymity Networks: A brief history Nick Mathewson &lt;nickm@freehaven.net&gt; The Free Haven Project This presentation About me Introduction to anonymous communication High-latency networks Low-latency networks

792 views • 39 slides
The Design of Low-Latency Interfaces for Mixed-Timing Systems Tiberiu Chelcea and Steven M.

The Design of Low-Latency Interfaces for Mixed-Timing Systems Tiberiu Chelcea and Steven M.

The Design of Low-Latency Interfaces for Mixed-Timing Systems Tiberiu Chelcea and Steven M. Nowick Department of Computer Science Columbia University IEEE Workshop on Complexity-Effective Design (ISCA) May 26, 2002 Trends and Challenges

853 views • 83 slides
Anonymity Loves Company: Usability and the network effect Roger Dingledine, Nick Mathewson The

Anonymity Loves Company: Usability and the network effect Roger Dingledine, Nick Mathewson The

Anonymity Loves Company: Usability and the network effect Roger Dingledine, Nick Mathewson The Free Haven Project 1 Overview We design and deploy anonymity systems. Version 1: You guys are studying this in academia, and we're

684 views • 25 slides
The Benefits and Burdens of Nuclear Latency by Mehta and Whitlark Andrew Malandra Possible

The Benefits and Burdens of Nuclear Latency by Mehta and Whitlark Andrew Malandra Possible

The Benefits and Burdens of Nuclear Latency by Mehta and Whitlark Andrew Malandra Possible Effects of Latency The Background Virtual Deterrence Latency Provocation Theory Theory You cant deter challengers Essentially its the

273 views • 24 slides
Bitcoin and Anonymity Anonymity Basics How to de-anonymize Bitcoin Mixing

Bitcoin and Anonymity Anonymity Basics How to de-anonymize Bitcoin Mixing

Cryptocurrency Technologies Bitcoin and Anonymity Bitcoin and Anonymity Anonymity Basics How to de-anonymize Bitcoin Mixing Decentralized Mixing Zerocoin and Zerocash Tor and the Silk Road Bitcoin and Anonymity

524 views • 39 slides
Database Management Course Content Systems Introduction Database Design Theory

Database Management Course Content Systems Introduction Database Design Theory

Database Management Course Content Systems Introduction Database Design Theory Query Processing and Optimisation Winter 2003 Concurrency Control Data Base Recovery and Security CMPUT 391: Database Design Theory

256 views • 15 slides
Bibliography on Synchronous Elastic (aka Latency Insensitive) Systems July 20, 2009 Latency

Bibliography on Synchronous Elastic (aka Latency Insensitive) Systems July 20, 2009 Latency

Bibliography on Synchronous Elastic (aka Latency Insensitive) Systems July 20, 2009 Latency insensitive designs [CMSV01,CSV02,CSV03,CM04,BMdS06a,Sve04,VA09] SELF implementation and compilation to elastic designs [CKG06,CK07,HB08] Interlock

313 views • 5 slides
Measures of Anonymity/Privacy: k-Anonymity, L-Diversity,

Measures of Anonymity/Privacy: k-Anonymity, L-Diversity,

Measures of Anonymity/Privacy: k-Anonymity, L-Diversity, t-Closeness CompSci 590.03 Instructor: Ashwin Machanavajjhala Lecture 4 : 590.03 Fall 12 1

647 views • 61 slides
Design Innovation in Complex Systems Design: Integrating Design Thinking and Systems Thinking

Design Innovation in Complex Systems Design: Integrating Design Thinking and Systems Thinking

ASME International Design Engineering Technical Conference, Design Theory and Methodology (DTM) Conference, Presentation and Extended Abstract, 52938, August 2020. Design Innovation in Complex Systems Design: Integrating Design Thinking and

646 views • 5 slides
but quite a lot is. Coordination among users can help with anonymity. Debajyoti Das 1 Sebastian

but quite a lot is. Coordination among users can help with anonymity. Debajyoti Das 1 Sebastian

Not all is lost for anonymity but quite a lot is. Coordination among users can help with anonymity. Debajyoti Das 1 Sebastian Meiser 2 Esfandiar Mohammadi 3 Aniket Kate 1 1 Purdue University 2 Visa Research 3 ETH Zurich 1 Sender Anonymity

551 views • 44 slides
Online Anonymity Andrew Lewman andrew@torproject.org June 8, 2010 What is anonymity? Anonymity

Online Anonymity Andrew Lewman andrew@torproject.org June 8, 2010 What is anonymity? Anonymity

Online Anonymity Andrew Lewman andrew@torproject.org June 8, 2010 What is anonymity? Anonymity isnt cryptography Cryptography protects the contents in transit You still know who is talking to whom, how often, and how much data is

764 views • 54 slides
Run-time interrupts latency detection in real-time systems Julien Desfossez Michel Dagenais

Run-time interrupts latency detection in real-time systems Julien Desfossez Michel Dagenais

Run-time interrupts latency detection in real-time systems Julien Desfossez Michel Dagenais December 2015 cole Polytechnique de Montreal Latency-tracker Kernel module to track down latency problems at run-time Simple API that can be

686 views • 16 slides
Spiral Content Mapping Combinational Sequential System Level Implementation Spiral Theory

Spiral Content Mapping Combinational Sequential System Level Implementation Spiral Theory

2-1.1 2-1.2 Spiral Content Mapping Combinational Sequential System Level Implementation Spiral Theory Project Design Design Design and Tools Performance Decoders and Structural Verilog 1 metrics (latency muxes

742 views • 15 slides
Conscript Your Friends into Larger Anonymity Sets with JavaScript Henry Corrigan-Gibbs

Conscript Your Friends into Larger Anonymity Sets with JavaScript Henry Corrigan-Gibbs

Conscript Your Friends into Larger Anonymity Sets with JavaScript Henry Corrigan-Gibbs Bryan Ford Stanford Yale ACM Workshop on Privacy in the Electronic Society 4 November 2013 New Anonymity Systems Have a

563 views • 27 slides
Algorithms for NLP IITP, Fall 2019 Lecture 25: Computational Ethics Yulia Tsvetkov 1 Tsvetkov

Algorithms for NLP IITP, Fall 2019 Lecture 25: Computational Ethics Yulia Tsvetkov 1 Tsvetkov

Algorithms for NLP IITP, Fall 2019 Lecture 25: Computational Ethics Yulia Tsvetkov 1 Tsvetkov Socially Responsible NLP What NLP Has To Do With Ethics? Applications Machine Translation Information Retrieval Question

1.35k views • 89 slides
Recommending and Targeting Gabrielle Demange Paris School of Economics July 9, 2015 Gabrielle

Recommending and Targeting Gabrielle Demange Paris School of Economics July 9, 2015 Gabrielle

Recommending and Targeting Gabrielle Demange Paris School of Economics July 9, 2015 Gabrielle Demange (PSE-EHESS) Recommending and targeting 1 / 48 What ? a single item, a set of items, an ordered set (PageRank) Who ? who recommends ? who

754 views • 53 slides
Comp 790-058 : Multi-Agent Simulation for Crowds &amp; Autonomous Driving Sahil Narang &amp;

Comp 790-058 : Multi-Agent Simulation for Crowds &amp; Autonomous Driving Sahil Narang &amp;

Comp 790-058 : Multi-Agent Simulation for Crowds &amp; Autonomous Driving Sahil Narang &amp; Andrew Best August 22, 2017 University of North Carolina at Chapel Hill University of North Carolina at Chapel Hill University of North Carolina at

1.04k views • 76 slides
Special Classes of Homogeneous Semilocal Rings Corner Rings Susan F. El-Deken Mathematics

Special Classes of Homogeneous Semilocal Rings Corner Rings Susan F. El-Deken Mathematics

Special Classes of Homogeneous Semilocal Rings Corner Rings Susan F. El-Deken Mathematics Department Faculty of Science Helwan University, Cairo, Egypt Groups, Rings, Associated Structures Spa, Belgium, 13 June, 2019 Basic defjnitions

522 views • 23 slides
Irish Funds Distribution Workshop 18 May 2018 2 irishfunds.ie Kindly hosted by: irishfunds.ie

Irish Funds Distribution Workshop 18 May 2018 2 irishfunds.ie Kindly hosted by: irishfunds.ie

Irish Funds Distribution Workshop 18 May 2018 2 irishfunds.ie Kindly hosted by: irishfunds.ie Wi-Fi Internet Access Username: Guest Password: mathesonwifi Sli.do Audience Interaction www.slido.com #IFDist18 irishfunds.ie Welcome Address

789 views • 55 slides
Dirk Helbing (ETH Zurich) New science and technology to understand and manage our complex world

Dirk Helbing (ETH Zurich) New science and technology to understand and manage our complex world

Global Participatory Computing for Our Complex World Dirk Helbing (ETH Zurich) New science and technology to understand and manage our complex world in a more sustainable and resilient way What It Means to Live in an Information Age

808 views • 61 slides
Notes for the lecture on development aid The paper on the curriculum covers a lot of stu ff but is

Notes for the lecture on development aid The paper on the curriculum covers a lot of stu ff but is

Notes for the lecture on development aid The paper on the curriculum covers a lot of stu ff but is a bit flu ff y and is not very analytic, but serves well as background reading. This note will be a bit more focused. Development Aid;

516 views • 13 slides
Crowdsourcing for Information Retrieval Experimentation and Evaluation Omar Alonso Microsoft 20

Crowdsourcing for Information Retrieval Experimentation and Evaluation Omar Alonso Microsoft 20

Crowdsourcing for Information Retrieval Experimentation and Evaluation Omar Alonso Microsoft 20 September 2011 CLEF 2011 Disclaimer The views, opinions, positions, or strategies expressed in this talk are mine and do not necessarily reflect

1.23k views • 50 slides

More recommend