vuvuzela
play

Vuvuzela a scalable private messaging system David Lazar Jelle van - PowerPoint PPT Presentation

Dec 26, 2022 •19 likes •609 views

Vuvuzela a scalable private messaging system David Lazar Jelle van den Hooff, Matei Zaharia, Nickolai Zeldovich Motivation Alice Bob (Oncologist) Encryption Z28gUGF0cmlvdHMhCg c2VhaGF3a3Mgc3Vjawo Alice Bob (Oncologist) Problem: metadata

  1. Vuvuzela a scalable private messaging system David Lazar Jelle van den Hooff, Matei Zaharia, Nickolai Zeldovich

  2. Motivation Alice Bob (Oncologist)

  3. Encryption Z28gUGF0cmlvdHMhCg c2VhaGF3a3Mgc3Vjawo Alice Bob (Oncologist)

  4. Problem: metadata Z28gUGF0cmlvdHMhCg Ex-boyfriend Pfizer Lawyer c2VhaGF3a3Mgc3Vjawo AA Alice Bob (Oncologist) Hospital Lawyer Snowden Guardian NY Times White House

  5. Goal: hide metadata Vuvuzela Ex-boyfriend Pfizer Lawyer AA Alice Bob (Oncologist) Hospital Lawyer Snowden Guardian NY Times White House

  6. Goal: hide metadata Vuvuzela Ex-boyfriend Pfizer Lawyer AA Alice Bob (Oncologist) Hospital Lawyer Snowden Guardian NY Times White House

  7. Goal: scalability Vuvuzela Ex-boyfriend Pfizer Lawyer AA Alice Bob (Oncologist) Hospital Lawyer Snowden Guardian NY Times White House

  8. Tor is scalable Alice Bob Tor network

  9. Tor is insecure Alice Bob Tor network

  10. Tor is insecure Low-Cost Traffic Analysis of Tor Steven J. Murdoch and George Danezis University of Cambridge, Computer Laboratory 15 JJ Thomson Avenue, Cambridge CB3 0FD United Kingdom Users Get Routed: { Steven.Murdoch,George.Danezis } @cl.cam.ac.uk Traffic Correlation on Tor by Realistic Adversaries Abstract Other systems, based on the idea of a mix, were de- veloped to carry low latency traffic. ISDN mixes [33] Aaron Johnson 1 Chris Wacek 2 Rob Jansen 1 Micah Sherr 2 Paul Syverson 1 Tor is the second generation Onion Router, supporting propose a design that allows phone conversations to be the anonymous transport of TCP streams over the Inter- anonymised, and web-mixes [6] follow the same design pat- 1 U.S. Naval Research Laboratory, Washington DC 2 Georgetown University, Washington DC {aaron.m.johnson, rob.g.jansen, paul.syverson}@nrl.navy.mil {cwacek, msherr}@cs.georgetown.edu net. Its low latency makes it very suitable for common terns to anonymise web traffic. A service based on these ideas, the Java Anon Proxy (JAP) 1 has been implemented tasks, such as web browsing, but insecure against traffic- analysis attacks by a global passive adversary. We present and is running at the University of Dresden. These ap- Alice Bob new traffic-analysis techniques that allow adversaries with proaches work in a synchronous fashion, which is not well ABSTRACT The traffic correlation problem in Tor has seen much attention only a partial view of the network to infer which nodes are adapted for the asynchronous nature of widely deployed in the literature. Prior Tor security analyses often consider entropy We present the first analysis of the popular Tor anonymity network Circuit Fingerprinting Attacks: being used to relay the anonymous streams and therefore TCP/IP networks [8]. or similar statistical measures as metrics of the security provided that indicates the security of typical users against reasonably realis- by the system at a static point in time . In addition, while prior tic adversaries in the Tor network or in the underlying Internet. Our Passive Deanonymization of Tor Hidden Services metrics of security may provide useful information about overall results show that Tor users are far more susceptible to compromise usage, they typically do not tell users how secure a type of behav- than indicated by prior work. Specific contributions of the paper ior is. Further, similar previous work has thus far only considered include (1) a model of various typical kinds of users, (2) an adver- adversaries that control either a subset of the members of the Tor Albert Kwon † , Mashael AlSabah ‡§† ∗ , David Lazar † , Marc Dacier ‡ , and Srinivas Devadas † † Massachusetts Institute of Technology, { kwonal,lazard,devadas } @mit.edu ‡ Qatar Computing Research Institute, mdacier@qf.org.qa § Qatar University, malsabah@qu.edu.qa This paper sheds light on crucial weaknesses in the As a result, many sensitive services are only accessi- design of hidden services that allow us to break the ble through Tor. Prominent examples include human anonymity of hidden service clients and operators pas- rights and whistleblowing organizations such as Wik- Tor network sively. In particular, we show that the circuits , paths ileaks and Globalleaks, tools for anonymous messag- established through the Tor network, used to commu- ing such as TorChat and Bitmessage, and black markets nicate with hidden services exhibit a very different be- like Silkroad and Black Market Reloaded. Even many havior compared to a general circuit. We propose two non-hidden services, like Facebook and DuckDuckGo, attacks, under two slightly different threat models, that recently have started providing hidden versions of their

  11. Related work Tor Pond Scalability Riposte [Oakland 2015] Dissent [OSDI 2012] Privacy

  12. Contribution Tor Pond Vuvuzela Scalability Riposte [Oakland 2015] Dissent [OSDI 2012] Privacy

  13. Contribution • Vuvuzela : the first private messaging system that hides metadata from powerful adversaries for millions of users • Vuvuzela scales linearly with the number of users • Differential privacy for millions of messages per user for one million users • 37s end-to-end message latency • 60,000 messages / second throughput • Good match for private text-based messaging

  14. Vuvuzela overview • Handful of servers arranged in a chain • Users send/receive messages through the first server Alice Bob Server 1 Server 2 Server 3 • Last server decides who gets Charlie what messages and sends them back down the chain

  15. Vuvuzela’s two protocols Dialing protocol: Initiate conversation session between two users Alice Bob Conversation protocol: Exchange messages between two users Charlie

  16. Threat model • All but one server are compromised • Adversary is active (can knock users offline, tamper with messages, etc) Alice Bob • All users might be malicious (besides you and your friends) Charlie • PKI: users know each other’s keys

  17. Metadata privacy Scenario 1 Scenario 2 Scenario 3 Alice Bob Charlie Alice Bob Charlie Alice Bob Charlie Vuvuzela Vuvuzela Vuvuzela

  18. Metadata privacy Scenario 1 Scenario 2 Scenario 3 Alice Bob Charlie Alice Bob Charlie Alice Bob Charlie Vuvuzela Vuvuzela Vuvuzela ? ? ? traffic analysis 47D1FC9A… hacked servers

  19. Approach to scalable privacy • Use efficient cryptography to encrypt as much metadata as possible. • Add noise to metadata that we can’t “encrypt.” • Use differential privacy to reason about how much privacy the noise gives us.

  20. Dead drops prevent users from talking directly Alice Dead drop: a place to leave a message that Bob another user can pick up Charlie

  21. Talking via dead drops Dead drop: zzp8ns0nrxt3g9efb6c Alice Message: “Hi Bob! How’s it going?” Bob Dead drop: zzp8ns0nrxt3g9efb6c Message: “” Charlie

  22. Conversation protocol Dead drop: zzp8ns0nrxt3g9efb6c Alice Message: “Hi Bob! How’s it going?” Bob Dead drop: zzp8ns0nrxt3g9efb6c Message: “” Charlie Round 1

  23. Conversation protocol D e a d d r o p : F s d d 5 v P M L H 3 K M A e R s q s a E g 2 a e : “ ” Alice a 2 E q R A K 3 H L M P v 5 d d s F : p o r d d a e D ” ! s k n a h t , d o o g m ’ “ I Bob : e g a s s e M Charlie Round 2

  24. Conversation protocol Alice Bob Charlie Round 3

  25. Conversation protocol Alice Bob Charlie Round 4

  26. Messages are encrypted D e a d d r o p : F s d d 5 v P M L H 3 K M A e R s q s a E g 2 a e : W C z d j L 5 w B N p J U t t 9 t E 7 … Alice a 2 E q R A K 3 H L M P v 5 d d s F : p o r d d a … e D E j g 6 P u 4 W q 8 k V s W Q 1 T j y Bob : e g a s s e M Charlie

  27. Idle clients send cover traffic D e a d d r o p : F s d d 5 v P M L H 3 K M A e R s q s a E g 2 a e : W C z d j L 5 w B N p J U t t 9 t E 7 … Alice a 2 E q R A K 3 H L M P v 5 d d s F : p o r d d a … e D E j g 6 P u 4 W q 8 k V s W Q 1 T j y Bob : e g a s s e M Charlie

  28. Idle clients send cover traffic D e a d d r o p : F s d d 5 v P M L H 3 K M A e R s q s a E g 2 a e : W C z d j L 5 w B N p J U t t 9 t E 7 … Alice a 2 E q R A K 3 H L M P v 5 d d s F : p o r d d a … e D E j g 6 P u 4 W q 8 k V s W Q 1 T j y Bob : e g a s s e M Dead drop: uy06ZOuTTvrERU7rCh Message: JwXpDGH5reB627KOs0… Charlie

  29. Dead drops give privacy D e a d d r o p : F s d d 5 v P M L H 3 K M A e R s q s a E g 2 a e : W C z d j L 5 w B N p J U t t 9 t E 7 … Alice a 2 E q R A K 3 H L M P v 5 d d s F : p o r d d a … e D E j g 6 P u 4 W q 8 k V s W Q 1 T j y Bob : e g a s s e M Dead drop: uy06ZOuTTvrERU7rCh Message: JwXpDGH5reB627KOs0… Charlie

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Vuvuzela: Scalable Private Messaging Resistant to Traffic Analysis Jelle van den Hooff, David

Vuvuzela: Scalable Private Messaging Resistant to Traffic Analysis Jelle van den Hooff, David

Vuvuzela: Scalable Private Messaging Resistant to Traffic Analysis Jelle van den Hooff, David Lazar, Matei Zaharia, Nickolai Zeldovich MIT CSAIL Symposium on Operating Systems Principles (SOSP), 2015 1 / 12 Motivation Encryption systems hide

608 views • 14 slides
Multidisciplinary Cancer Management Training ASCO: A Global Organization Publications US

Multidisciplinary Cancer Management Training ASCO: A Global Organization Publications US

Multidisciplinary Cancer Management Training ASCO: A Global Organization Publications US Intl ASCO: A Multidisciplinary Organization Medical Oncologists Radiation Oncologists Surgical Oncologists Pediatric Oncologists

600 views • 19 slides
geriatric minimum data set for clinical oncology research Paillaud E, Caillet P, Cudennec T , ,

geriatric minimum data set for clinical oncology research Paillaud E, Caillet P, Cudennec T , ,

DIALOG task force for definition of a geriatric minimum data set for clinical oncology research Paillaud E, Caillet P, Cudennec T , , Pamoukdjian F, Fossey-Diaz V, Liuu E, Albrand G, Boulahssass R, Couderc AL, Retornaz F, Mertens C, Balardy L,

434 views • 15 slides
Chapter 1: Basic Radiation Physics Slide set of 194 slides based on the chapter authored by E.B.

Chapter 1: Basic Radiation Physics Slide set of 194 slides based on the chapter authored by E.B.

Chapter 1: Basic Radiation Physics Slide set of 194 slides based on the chapter authored by E.B. Podgorsak of the IAEA publication: Review of Radiation Oncology Physics: A Handbook for Teachers and Students Objective: To familiarize the

1.14k views • 97 slides
Models to Enable Practice Growth Advancing the Business of Oncology Moderator Gail Airasian

Models to Enable Practice Growth Advancing the Business of Oncology Moderator Gail Airasian

September 21, 2019 Models to Enable Practice Growth Advancing the Business of Oncology Moderator Gail Airasian place photo over circle Vice President of Sales & Services, Flatiron Health Panelists place photo place photo place photo

660 views • 27 slides
How is MIPS working? At what cost? Is this the best we can do? Aaron Lyss alyss@tnonc.com

How is MIPS working? At what cost? Is this the best we can do? Aaron Lyss alyss@tnonc.com

How is MIPS working? At what cost? Is this the best we can do? Aaron Lyss alyss@tnonc.com Disclaimer: this presentation includes opinions and perspectives that should not be assumed to reflect official policies or positions of Tennessee

328 views • 6 slides
Oncology Technologies and Pathways Host: Derrick Gingery Speakers: Bridget Silverman and David

Oncology Technologies and Pathways Host: Derrick Gingery Speakers: Bridget Silverman and David

Companion Diagnostics: Oncology Technologies and Pathways Host: Derrick Gingery Speakers: Bridget Silverman and David Filmore Agenda / moderator intro slide Companion Diagnostic Development: Technology and Regulatory Drivers Pharma

723 views • 30 slides
Oncology Innovation Powered by Investments and Competition from China Moderator: James T. Lee ,

Oncology Innovation Powered by Investments and Competition from China Moderator: James T. Lee ,

Oncology Innovation Powered by Investments and Competition from China Moderator: James T. Lee , PhD, Associate Principal, Cello Health BioConsulting, previously Defined Health Panelists: Iris Luo , MS, MBA, Head of Business Development, North

315 views • 3 slides
Office-Based Palliative Care Practices: Strategies for Success Bethann Scarborough, MD Associate

Office-Based Palliative Care Practices: Strategies for Success Bethann Scarborough, MD Associate

Office-Based Palliative Care Practices: Strategies for Success Bethann Scarborough, MD Associate Professor Associate Director of Ambulatory Services Brookdale Department of Geriatrics and Palliative Medicine Icahn School of Medicine at Mount

588 views • 32 slides
Informatics and Information in in Radiation Oncology : OncoSpace John W. Wong, Ph.D. Todd

Informatics and Information in in Radiation Oncology : OncoSpace John W. Wong, Ph.D. Todd

Informatics and Information in in Radiation Oncology : OncoSpace John W. Wong, Ph.D. Todd McNutt, Ph.D. Department of Radiation Oncology Supported in Part by Elekta Impac Supported in Part by Elekta-Impac OCI_50 th 2008, JWW Status of

569 views • 39 slides
Growing Global Leaders Advancing Palliative Care Pushing the Agenda: Engaging an

Growing Global Leaders Advancing Palliative Care Pushing the Agenda: Engaging an

Growing Global Leaders Advancing Palliative Care Pushing the Agenda: Engaging an International Organization Jamie Von Roenn, MD, LDI C2 RC3 October 13-18, 2013 Why Oncology? The State of Oncology 1980s-1990s Suffering

584 views • 39 slides
Chemical imaging in pharmaceutics for formulation analysis, quality control, and monitoring of

Chemical imaging in pharmaceutics for formulation analysis, quality control, and monitoring of

Chemical imaging in pharmaceutics for formulation analysis, quality control, and monitoring of formulation interactions with biological tissue Ievgeniia Iermak 1* , Ana Paula da Silva 2 , Cristina Kurachi 1 , Vanderlei Salvador Bagnato 1 , Natalia

529 views • 19 slides
75 Year Anniversary NC State University Department of Statistics Biostatistics Geert

75 Year Anniversary NC State University Department of Statistics Biostatistics Geert

75 Year Anniversary NC State University Department of Statistics Biostatistics Geert Molenberghs geert.molenberghs@uhasselt.be & geert.molenberghs@kuleuven.be Interuniversity Institute for Biostatistics and statistical Bioinformatics

1k views • 51 slides
Hierarchical Bayesian Overdispersion Models for Non-Gaussian Repeated Measurement Data Aregay

Hierarchical Bayesian Overdispersion Models for Non-Gaussian Repeated Measurement Data Aregay

Outline Introduction Statistical Methodology Application to Data Simulation Study Concluding Remarks Further Research Hierarchical Bayesian Overdispersion Models for Non-Gaussian Repeated Measurement Data Aregay Mehreteab I-BioStat,

885 views • 35 slides
David Antoon PREVENT MEDICAL HARM aka Patient 32 is the goal of every harmed

David Antoon PREVENT MEDICAL HARM aka Patient 32 is the goal of every harmed

11/5/2015 David Antoon PREVENT MEDICAL HARM aka Patient 32 is the goal of every harmed patient Patient Advocate * 20 Years 25 Years 8 Years 53 Years Commercial Military Aviation Patient Advocate Safety Aviation

329 views • 5 slides
Visualizing Public Health Data Anamaria Crisan, MSc PhD student with Drs. Jennifer Gardy &

Visualizing Public Health Data Anamaria Crisan, MSc PhD student with Drs. Jennifer Gardy &

Visualizing Public Health Data Anamaria Crisan, MSc PhD student with Drs. Jennifer Gardy & Tamara Munzner UBC School of Population and Public Health Why am I giving this talk? PhD Master of Science (Computational Public Health)

1.02k views • 72 slides
Every Primary Care Clinician Should Know Cynthia S. Chiu, MD, FACS Associate Professor UCSF

Every Primary Care Clinician Should Know Cynthia S. Chiu, MD, FACS Associate Professor UCSF

Common Eye Conditions Every Primary Care Clinician Should Know Cynthia S. Chiu, MD, FACS Associate Professor UCSF Department of Ophthalmology UCSF Family Medicine Board Review March 9, 2016 http://www.timandjeni.com/images/cookiemonster.jpg

773 views • 50 slides
TARRANT COUNTY COLLEGE DISTRICT AGENDA FOR OPHTHALMIC ASSISTANT INFORMATION SESSION 1.

TARRANT COUNTY COLLEGE DISTRICT AGENDA FOR OPHTHALMIC ASSISTANT INFORMATION SESSION 1.

OPHTHALMIC ASSISTANT INFORMATION SESSION TRINITY RIVER EAST CAMPUS TARRANT COUNTY COLLEGE DISTRICT AGENDA FOR OPHTHALMIC ASSISTANT INFORMATION SESSION 1. Introduction to Ophthalmic Assistant Program 2. Introduction to Ophthalmic Assistant

574 views • 12 slides
Title Table of content 1 Easy to change colors, photos and Text 2 Easy to change colors,

Title Table of content 1 Easy to change colors, photos and Text 2 Easy to change colors,

LogoType Title Table of content 1 Easy to change colors, photos and Text 2 Easy to change colors, photos and Text 3 Easy to change colors, photos and Text 4 Easy to change colors, photos and Text Welcome!! Insert the title of your

326 views • 19 slides
USF EYE INSTITUTE 1.9 ACRES LOCATED AT NE CORNER OF MAGNOLIA/CITRUS DRIVES, USF TAMPA CO-LOCATED

USF EYE INSTITUTE 1.9 ACRES LOCATED AT NE CORNER OF MAGNOLIA/CITRUS DRIVES, USF TAMPA CO-LOCATED

USF EYE INSTITUTE 1.9 ACRES LOCATED AT NE CORNER OF MAGNOLIA/CITRUS DRIVES, USF TAMPA CO-LOCATED ON BLOCK WITH MOFFITT RESEARCH INSTITUTE 28,876 SF ONE-STORY BUILDING CONSTRUCTED IN 1995, 75 PARKING SPACES MOFFITT DESIRES TO PURCHASE PROPERTY

271 views • 5 slides
Management of chronic patients in Sweden Dr Eva Arvidsson evaarv@gmail.com Outline 1. Health

Management of chronic patients in Sweden Dr Eva Arvidsson evaarv@gmail.com Outline 1. Health

Management of chronic patients in Sweden Dr Eva Arvidsson evaarv@gmail.com Outline 1. Health care in Sweden 2. Management of chronic patients 3. Example: Hypertension 4. Example: Diabetes 5. Reflextions Primary heath care in Sweden

334 views • 32 slides
Hot topics Ophthalmology October 2015 (2/4) Feedback about the Initial Appointment

Hot topics Ophthalmology October 2015 (2/4) Feedback about the Initial Appointment

Hot topics Ophthalmology October 2015 (1/4) About the respondents 31 people responded, 17 of which had had an eye appointment in the hospital eye clinic in the last 2 years. The majority of recent service users were HaRD Net members

424 views • 4 slides
Ally with WTBBL: Downloading Audio Books for Your Patrons E u r a R y a n S z u w a l s k i W

Ally with WTBBL: Downloading Audio Books for Your Patrons E u r a R y a n S z u w a l s k i W

Ally with WTBBL: Downloading Audio Books for Your Patrons E u r a R y a n S z u w a l s k i W a s h i n g t o n T a l k i n g B o o k & B r a i l l e L i b r a r y E l e c t r o n i c S e r v i c e s , I n s t r u c t i o n A n d

680 views • 32 slides
REVISED 10 CFR PART 35: MEDICAL USE OF BYPRODUCT MATERIAL Subpart F: Manual Brachytherapy New

REVISED 10 CFR PART 35: MEDICAL USE OF BYPRODUCT MATERIAL Subpart F: Manual Brachytherapy New

REVISED 10 CFR PART 35: MEDICAL USE OF BYPRODUCT MATERIAL Subpart F: Manual Brachytherapy New Subpart F replaces the requirements in the old Subpart G, Sources for Brachytherapy P The following section was deleted: 35.420 Possession

280 views • 14 slides

More recommend