traceback for end to end encrypted messaging
play

Traceback for End-to-End Encrypted Messaging Nirvan Tyagi Ian - PowerPoint PPT Presentation

Oct 16, 2022 •284 likes •1.03k views

Traceback for End-to-End Encrypted Messaging Nirvan Tyagi Ian Miers Tom Ristenpart CCS 2019 1 Setting: End-to-end encrypted (E2EE) messaging Hello Alice Bob Platform 2 Setting: End-to-end encrypted (E2EE) messaging Hello > 2

  1. Traceback for End-to-End Encrypted Messaging Nirvan Tyagi Ian Miers Tom Ristenpart CCS 2019 1

  2. Setting: End-to-end encrypted (E2EE) messaging Hello Alice Bob Platform 2

  3. Setting: End-to-end encrypted (E2EE) messaging Hello > 2 billion users Alice Bob Platform 3

  4. Problem: Viral forwarding of misinformation in E2EE messaging 4

  5. Problem: Viral forwarding of misinformation in E2EE messaging 5

  6. Content moderation for user-driven reports Moderation decision Action taken on User submits report based on content relevant parties 6

  7. Content moderation for user-driven reports Moderation decision Action taken on User submits report based on content relevant parties Combination of machine learning and human review 7

  8. Content moderation for user-driven reports Moderation decision Action taken on User submits report based on content relevant parties Combination of Ban fake/troll accounts machine learning and injecting misinformation human review into network Notify users that have previously shared or received misinformation 8

  9. Content moderation for user-driven reports Moderation decision Action taken on User submits report based on content relevant parties Combination of Ban fake/troll accounts machine learning and injecting misinformation human review into network Report must provide enough information to execute the Notify users that have following steps previously shared or received misinformation 9

  10. E2EE hides information useful for content moderation of misinformation 10

  11. E2EE hides information useful for content moderation of misinformation - Platform doesn’t see message content Message content is encrypted! 11

  12. E2EE hides information useful for content moderation of misinformation - Platform doesn’t see message content - Platform doesn’t see forwarding relationships Message content is encrypted! 12

  13. E2EE hides information useful for content moderation of misinformation - Platform doesn’t see message content - Platform doesn’t see forwarding relationships Forwarding traffic is muddled by other users and other messages Message content is encrypted! 13

  14. [TMR CCS’19] This work: Tracing in E2EE messaging - Message tracing : new cryptographic functionality for user-driven reporting of forwards in E2EE messaging - Path traceback: chain of messages from source to reporter - Tree traceback: entire forwarding tree of messages originating from source Moderation decision Action taken on User submits report based on content relevant parties 14

  15. [TMR CCS’19] This work: Tracing in E2EE messaging - Message tracing : new cryptographic functionality for user-driven reporting of forwards in E2EE messaging - Path traceback: chain of messages from source to reporter - Tree traceback: entire forwarding tree of messages originating from source - Formal confidentiality and accountability security notions for tracing - Implementation and evaluation of practicality Moderation decision Action taken on User submits report based on content relevant parties 15

  16. Prior work: Abuse reporting in E2EE messaging Message franking [FB white paper ’17], [GLR CRYPTO’17], [DGRW CRYPTO’18] 16

  17. Prior work: Abuse reporting in E2EE messaging Message franking [FB white paper ’17], [GLR CRYPTO’17], [DGRW CRYPTO’18] User reports received message to platform ! 17

  18. Prior work: Abuse reporting in E2EE messaging Message franking [FB white paper ’17], [GLR CRYPTO’17], [DGRW CRYPTO’18] User reports received message to platform ! m 18

  19. Prior work: Abuse reporting in E2EE messaging Message franking [FB white paper ’17], [GLR CRYPTO’17], [DGRW CRYPTO’18] Platform learns message and sender, but nothing more about where message came from or where it reached User reports received message to platform ! m 19

  20. [TMR CCS’19] This work: Tracing in E2EE messaging User reports received message to platform ! 20

  21. [TMR CCS’19] This work: Tracing in E2EE messaging - Two constructions for message tracing - Path traceback User reports received message to platform ! m 21

  22. [TMR CCS’19] This work: Tracing in E2EE messaging - Two constructions for message tracing - Path traceback - Tree traceback User reports received message to platform ! m 22

  23. Goal: Act like standard E2EE messaging before report 23

  24. Goal: Act like standard E2EE messaging before report Before report Platform view : encrypted content and metadata (participants, length, and timing) 24

  25. Goal: Act like standard E2EE messaging before report Before report Platform view : encrypted content and metadata (participants, length, and timing) User view : messages they receive or send 25

  26. Goal: Act like standard E2EE messaging before report Before report Platform view : encrypted content and metadata (participants, length, and timing) User view : messages they receive or send m m m User shouldn’t learn forwarding info of received messages 26

  27. Goal: Act like standard E2EE messaging before report Before report Platform view : encrypted content and metadata (participants, length, and timing) User view : messages they receive or send m m ? m User shouldn’t learn forwarding info of received messages 27

  28. Goal: Reveal limited information after report 28

  29. Goal: Reveal limited information after report After report Platform view : message content and forward links of traceback target (e.g. path, tree) ! m 29

  30. Goal: Report consists of accurate information ! m 30

  31. Goal: Report consists of accurate information Trace accountability An honest user cannot be framed for an action they didn’t perform ! m 31

  32. Goal: Report consists of accurate information Trace accountability An honest user cannot be framed for an action they didn’t perform ! m Malicious user can partition trace, but will be blamed as source 32

  33. Path traceback Idea: Linked list of encrypted pointers A lice B ob C harlie 33

  34. Path traceback Idea: Linked list of encrypted pointers A lice B ob C harlie m E2EE channel 34

  35. Path traceback Idea: Linked list of encrypted pointers A lice B ob C harlie m E2EE channel - E2EE channel that is decoupled from message tracing 35

  36. Path traceback Idea: Linked list of encrypted pointers A lice B ob C harlie m E2EE channel k AB “tracing” key - E2EE channel that is decoupled from message tracing - Unique per-message “tracing” key shared between communication partners 36

  37. Path traceback Idea: Linked list of encrypted pointers A lice B ob C harlie m k AB E2EE channel k AB k AB “tracing” key - E2EE channel that is decoupled from message tracing - Unique per-message “tracing” key shared between communication partners 37

  38. Path traceback Idea: Linked list of encrypted pointers A lice B ob C harlie m k AB E2EE channel k Ø k AB k AB “null pointer” key randomly generated 38

  39. Path traceback Idea: Linked list of encrypted pointers A lice B ob C harlie m k AB E2EE channel k Ø k AB ct AB = Enc( k AB , k Ø ) k AB id AB = F( k AB , m ) 39

  40. Path traceback Idea: Linked list of encrypted pointers A lice B ob C harlie m k AB E2EE channel k Ø k AB ct AB = Enc( k AB , k Ø ) k AB id AB = F( k AB , m ) “encrypted pointer” 40

  41. Path traceback Idea: Linked list of encrypted pointers A lice B ob C harlie m k AB E2EE channel k Ø k AB ct AB = Enc( k AB , k Ø ) k AB id AB = F( k AB , m ) “encrypted pointer” PRF that is also CR (e.g., HMAC) 41

  42. Path traceback Idea: Linked list of encrypted pointers A lice B ob C harlie m k AB E2EE channel k Ø k AB ct AB = Enc( k AB , k Ø ) k AB id AB = F( k AB , m ) Table stored on platform id AB ct AB 42

  43. Path traceback Idea: Linked list of encrypted pointers A lice B ob C harlie m k AB E2EE channel k Ø id AB k AB ct AB = Enc( k AB , k Ø ) k AB id AB = F( k AB , m ) Table stored on platform id AB ct AB 43

  44. Path traceback Idea: Linked list of encrypted pointers A lice B ob C harlie m k AB m E2EE channel k Ø id AB id BC k AB ct AB = Enc( k AB , k Ø ) ct BC = Enc( k BC , k AB ) k AB id AB = F( k AB , m ) id BC = F( k BC , m ) k BC k BC Table stored on platform id AB ct AB id BC ct BC 44

  45. Path traceback Idea: Linked list of encrypted pointers A lice B ob C harlie m k AB m E2EE channel k Ø id AB id BC k AB ct AB = Enc( k AB , k Ø ) ct BC = Enc( k BC , k AB ) k AB id AB = F( k AB , m ) id BC = F( k BC , m ) k BC k BC Table stored on platform id AB ct AB id BC ct BC 45

  46. Path traceback Idea: Linked list of encrypted pointers A lice B ob C harlie ! m k AB m E2EE channel k BC m k Ø id AB id BC k AB ct AB = Enc( k AB , k Ø ) ct BC = Enc( k BC , k AB ) k AB id AB = F( k AB , m ) id BC = F( k BC , m ) k BC k BC Table stored on platform id AB ct AB id BC ct BC 46

  47. Path traceback Idea: Linked list of encrypted pointers A lice B ob C harlie ! m k AB m E2EE channel k BC m k Ø id AB id BC k AB ct AB = Enc( k AB , k Ø ) ct BC = Enc( k BC , k AB ) k AB id AB = F( k AB , m ) id BC = F( k BC , m ) k BC k BC Table stored on platform id AB ct AB id BC ct BC F( k BC , m) 47

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

in Group Messaging: Computational, Statistical, Optimal Lior Rotem Gil Segev Hebrew University

in Group Messaging: Computational, Statistical, Optimal Lior Rotem Gil Segev Hebrew University

Out-of-Band Authentication in Group Messaging: Computational, Statistical, Optimal Lior Rotem Gil Segev Hebrew University Messaging is Popular 2 Major Effort: E2E-Encrypted Messaging Government surveillance and/or coercion

585 views • 40 slides
Out-of-Band Authentication in Group Messaging: Computational, Statistical, Optimal

Out-of-Band Authentication in Group Messaging: Computational, Statistical, Optimal

Out-of-Band Authentication in Group Messaging: Computational, Statistical, Optimal Computational, Statistical, Optimal Lior Rotem Gil Segev Hebrew University Major Effort: E2E-Encrypted Messaging Government surveillance and/or coercion

577 views • 32 slides
A Network Coding Approach A Network Coding Approach to IP Traceback Pegah Sattari, Minas Gjokas,

A Network Coding Approach A Network Coding Approach to IP Traceback Pegah Sattari, Minas Gjokas,

A Network Coding Approach A Network Coding Approach to IP Traceback Pegah Sattari, Minas Gjokas, Athina Markopoulou EECS, UC Irvine Outline Outline o Background on Traceback o Background on Traceback o Main idea PPM+NC o Practical PPM+NC

490 views • 28 slides
TLS 1.3 Encrypted SNI ekr: ekr@rtfm.com dkg: dkg@aclu.org IETF 94 TLS 1.3 Encrypted SNI 1

TLS 1.3 Encrypted SNI ekr: ekr@rtfm.com dkg: dkg@aclu.org IETF 94 TLS 1.3 Encrypted SNI 1

TLS 1.3 Encrypted SNI ekr: ekr@rtfm.com dkg: dkg@aclu.org IETF 94 TLS 1.3 Encrypted SNI 1 DISCLAIMER: THIS IS NOT FULLY-BAKED We just fleshed out this idea yesterday, so its hand-wavy. Insufficient analysis has been done. IETF 94 TLS 1.3

886 views • 11 slides
Secure Messaging Lecture 23 Messaging Alice Bob Secure Messaging Corruption model

Secure Messaging Lecture 23 Messaging Alice Bob Secure Messaging Corruption model

Secure Messaging Lecture 23 Messaging Alice Bob Secure Messaging Corruption model Server/network is adversarial (but trusted identity registration needed) Windows of compromise when a party is under adversarial control (or readable

933 views • 14 slides
on WhatsApp Kiran Garimella , Dean Eckles 1 WhatsApp Peer to peer messaging platform 1.5

on WhatsApp Kiran Garimella , Dean Eckles 1 WhatsApp Peer to peer messaging platform 1.5

Image based Misinformation on WhatsApp Kiran Garimella , Dean Eckles 1 WhatsApp Peer to peer messaging platform 1.5 Billion monthly active users Multimedia heavy roughly 50% is images and video End-to-end encrypted Image

423 views • 19 slides
Dataflow acceleration of Smith- Waterman with Traceback for high throughput Next Generation

Dataflow acceleration of Smith- Waterman with Traceback for high throughput Next Generation

Dataflow acceleration of Smith- Waterman with Traceback for high throughput Next Generation Sequencing Konstantina Koliogeorgi*, Nils Voss , Sotiria Fytraki , Sotirios Xydis*, Georgi Gaydadjiev , Dimitrios Soudris* * National

174 views • 6 slides
Instant Message Delivery Notification (IMDN) for Common Presence and Instant Messaging (CPIM)

Instant Message Delivery Notification (IMDN) for Common Presence and Instant Messaging (CPIM)

Instant Message Delivery Notification (IMDN) for Common Presence and Instant Messaging (CPIM) Messages draft-burger-sipping-imdn-02 Open Issues Issue 1: Requiring IMDNs to be end-to- end encrypted. Issue 2: Sender keeping state

338 views • 10 slides
YOUR MESSAGING ISNT ABOUT YOU 7 Steps to Messaging that Connects Who am I? Why am I

YOUR MESSAGING ISNT ABOUT YOU 7 Steps to Messaging that Connects Who am I? Why am I

YOUR MESSAGING ISNT ABOUT YOU 7 Steps to Messaging that Connects Who am I? Why am I here? Hundreds of product launches. Dozens of corporate launches. One top-funded Kickstarter campaign The Tool: The Message Map

655 views • 22 slides
BBM Messaging is the new social media More than 85% of 13-34 year olds use messaging apps every

BBM Messaging is the new social media More than 85% of 13-34 year olds use messaging apps every

BBM Messaging is the new social media More than 85% of 13-34 year olds use messaging apps every day Why 13-34 year olds love messaging 1. Trust Young adults dont trust social networks 2. Intimacy They want to be able to share

465 views • 34 slides
Three classes based model of traceback system between ASs IETF59th Korea INCH-WG Toshifumi Kai

Three classes based model of traceback system between ASs IETF59th Korea INCH-WG Toshifumi Kai

Three classes based model of traceback system between ASs IETF59th Korea INCH-WG Toshifumi Kai (kai@trc.mew.co.jp), Hiroshige Nakatani (nakatani@trc.mew.co.jp) Naohiro Fukuda(fukuda@trc.mew.co.jp) Matsushita Electric Works, Ltd. Akira

157 views • 11 slides
Challenges With Building End-to-End Encrypted Challenges With Building End-to-End Encrypted

Challenges With Building End-to-End Encrypted Challenges With Building End-to-End Encrypted

Challenges With Building End-to-End Encrypted Challenges With Building End-to-End Encrypted Applications Learnings From Etesync Applications Learnings From Etesync stosb.com/talks Tom Hacohen tom@stosb.com FOSDEM 2019 @TomHacohen

361 views • 32 slides
Using Messaging Protocols to Build Mobile and Web Applications Jeff Mesnil Jeff Mesnil

Using Messaging Protocols to Build Mobile and Web Applications Jeff Mesnil Jeff Mesnil

Using Messaging Protocols to Build Mobile and Web Applications Jeff Mesnil Jeff Mesnil Software Engineer at Red Hat Core developer on WildFly Application Server, lead for its messaging component Developed messaging brokers (HornetQ,

965 views • 82 slides
SMS Messaging for Marketing Success SMS Messaging for Marketing Success Esendex Multichannel

SMS Messaging for Marketing Success SMS Messaging for Marketing Success Esendex Multichannel

SMS Messaging for Marketing Success SMS Messaging for Marketing Success Esendex Multichannel Solutions What are we covering off today? Who we are - communigator relationship Power of using SMS What does good look like? What is

342 views • 19 slides
STRATEGIC STRATEGIC MESSAGING MESSAGING BUILDING A BETTER CORE PITCH TORYTELLING FOR STARTUPS:

STRATEGIC STRATEGIC MESSAGING MESSAGING BUILDING A BETTER CORE PITCH TORYTELLING FOR STARTUPS:

STRATEGIC STRATEGIC MESSAGING MESSAGING BUILDING A BETTER CORE PITCH TORYTELLING FOR STARTUPS: Andy Raskin Andy Raskin Strategic Messaging & Positioning Strategic Messaging & Positioning http://andyraskin.com The great

690 views • 45 slides
Can You Trust Your Encrypted Cloud? An Assessment of SpiderOakONEs Security Anders Dalskov

Can You Trust Your Encrypted Cloud? An Assessment of SpiderOakONEs Security Anders Dalskov

Can You Trust Your Encrypted Cloud? An Assessment of SpiderOakONEs Security Anders Dalskov Claudio Orlandi Aarhus University RWC 2018 Agenda I A Threat Model for Encrypted Cloud Storage (ECS). I A high-level look into a modern ECS service

770 views • 47 slides
Museums Beyond Reopening: Thriving in Your New Normal Welcome! The webinar will begin at 10:00

Museums Beyond Reopening: Thriving in Your New Normal Welcome! The webinar will begin at 10:00

Museums Beyond Reopening: Thriving in Your New Normal Welcome! The webinar will begin at 10:00 a.m. CT. While you wait: 1. Download PDFs of the slides and handouts under the Handouts tab of your control bar. 2. Confirm that your

548 views • 20 slides
A Hybrid Systolic-Dataflow Architecture for In Inductive Matrix Alg lgorithms Jian Weng, Sihao

A Hybrid Systolic-Dataflow Architecture for In Inductive Matrix Alg lgorithms Jian Weng, Sihao

A Hybrid Systolic-Dataflow Architecture for In Inductive Matrix Alg lgorithms Jian Weng, Sihao Liu, Zhengrong Wang, Vidushi Dadu, Tony Nowatzki University of California, Los Angeles Feb 27 th , 2020 1 Inductive Kernels F(

552 views • 24 slides
New ew Fa Faculty lty Li Life fe Hac acks: ks: So youre at a PUI Michelle L. Kovarik

New ew Fa Faculty lty Li Life fe Hac acks: ks: So youre at a PUI Michelle L. Kovarik

New ew Fa Faculty lty Li Life fe Hac acks: ks: So youre at a PUI Michelle L. Kovarik Trinity College, Hartford CT How can I meet the teaching expectations of a PUI while Teaching simultaneously producing publishable research? Be

254 views • 6 slides
Bootstrapping for Approximate Homomorphic Encryption Jung Hee Cheon, Kyoohyung Han, Andrey Kim

Bootstrapping for Approximate Homomorphic Encryption Jung Hee Cheon, Kyoohyung Han, Andrey Kim

Bootstrapping for Approximate Homomorphic Encryption Jung Hee Cheon, Kyoohyung Han, Andrey Kim (Seoul National University) Miran Kim, Yongsoo Song (University of California, San Diego) Landscape of Homomorphic Encryption Landscape of

412 views • 38 slides
Functional Encryption: Deterministic to Randomized Functions from Simple Assumptions Shashank

Functional Encryption: Deterministic to Randomized Functions from Simple Assumptions Shashank

Functional Encryption: Deterministic to Randomized Functions from Simple Assumptions Shashank Agrawal David J. Wu Public-Key Functional Encryption [BSW11, ON10] () Keys are associated with deterministic functions sk

1.47k views • 99 slides
Introducing Computational Thinking in Education Courses Aman Yadav Chris Mayfield Ninger Zhou

Introducing Computational Thinking in Education Courses Aman Yadav Chris Mayfield Ninger Zhou

Introducing Computational Thinking in Education Courses Aman Yadav Chris Mayfield Ninger Zhou Susanne Hambrusch Department of Educational Studies John T. Korb Department of Computer Science This work is supported by the NSF CPATH program

477 views • 22 slides
Financial Econometrics Econ 40357 Local Projections N.C. Mark University of Notre Dame and NBER

Financial Econometrics Econ 40357 Local Projections N.C. Mark University of Notre Dame and NBER

Financial Econometrics Econ 40357 Local Projections N.C. Mark University of Notre Dame and NBER September 10, 2020 1 / 5 Pitfalls of VARs VAR is optimally designed for one-period ahead forecasting. An impulse response, is a function of

507 views • 5 slides
Disclaimer This presentation was prepared by Green & Sklarz LLC and does not represent

Disclaimer This presentation was prepared by Green & Sklarz LLC and does not represent

4/30/2020 DISCUSSION WITH DISCUSSION WITH CT DRS:HO CT DRS:HOW IS CT IS CT DRS AND IRS DRS AND IRS RESPONDING TO RESPONDING TO COVID COVID-19? 19? Apri April 30, 2020 30, 2020 Presented by: Eric L. Green, Esq., Green & Sklarz

468 views • 17 slides

More recommend