when encryption is not enough privacy attacks in content
play

When Encryption is Not Enough Privacy Attacks in Content- Centric - PowerPoint PPT Presentation

Dec 06, 2023 •16 likes •386 views

When Encryption is Not Enough Privacy Attacks in Content- Centric Networking ACM ICN 2017 1 Privacy with IP GET /a/b/c C S RESPONSE: <data> ACM ICN 2017 2 Privacy with IP secure channel GET /a/b/c C S RESPONSE: <data>

  1. When Encryption is Not Enough Privacy Attacks in Content- Centric Networking ACM ICN 2017 1

  2. Privacy with IP GET /a/b/c C S RESPONSE: <data> ACM ICN 2017 2

  3. Privacy with IP secure channel GET /a/b/c C S RESPONSE: <data> What’s revealed? • Source and destination addresses and port # • Timing • Packet sizes ACM ICN 2017 3

  4. Privacy with CCN Interest: /a/b/c C P Content: <data> ACM ICN 2017 4

  5. Privacy with CCN encrypted name? Interest: /a/b/c C P Content: <data> encrypted content? What’s revealed? • Consumer and producer locations • Timing • Packet sizes • Producer identity • Interest name (and equality) • … ACM ICN 2017 5

  6. Motivating Question What can an adversary do with interest equality alone? ACM ICN 2017 6

  7. Database Security SELECT * FROM SECRET_TABLE WHERE NAME = <secret> C DB [secret record] ACM ICN 2017 7

  8. Database Security SELECT * FROM SECRET_TABLE WHERE NAME = <secret> C DB [secret record] ACM ICN 2017 8

  9. Eavesdropping Attack C C NAME = 0x1234… DB C ACM ICN 2017 9

  10. Eavesdropping Attack C 0x1234… 0x4356… 0x4356… 0x1234… C NAME = 0x1234… DB 0x1234… 0x1234… 0x1234… 0x9981… 0x9981… 0x9271… C 0x3233… … ACM ICN 2017 10

  11. Empirical Frequency Counts 0x1234… 0x4356… 6 0x4356… 0x1234… 5 0x1234… 0x1234… 0x1234… 4 0x9981… 0x9981… 3 0x9271… 0x3233… 2 … 1 0 0 x1234… 0 x9981… 0x4536 0x9271 0x3233 Count ACM ICN 2017 11

  12. Auxiliary Popularity Info 0.6 0.5 0.4 0.3 0.2 0.1 0 Item 1 Item 2 Item 3 Item 4 Item 5 Popularity ACM ICN 2017 12

  13. Frequency Analysis Attack 6 Count 4 2 0 0 x1234… 0 x9981… 0x4536 0x9271 0x3233 0.6 Popularity 0.5 0.4 0.3 0.2 0.1 0 Item 1 Item 2 Item 3 Item 4 Item 5 ACM ICN 2017 13

  14. Frequency Analysis Attack 6 Count 4 2 0 0 x1234… 0 x9981… 0x4536 0x9271 0x3233 0.6 Popularity 0.5 0.4 0.3 0.2 0.1 0 Item 1 Item 2 Item 3 Item 4 Item 5 ACM ICN 2017 14

  15. CCN as a Content Database Request for encrypted content Get <secret> C Network [Secret Content] Application data P Encrypted data items C ACM ICN 2017 15

  16. CCN as a Content Database Request for encrypted content P ∈ P Get <secret> P C [Secret Content] C ∈ C ACM ICN 2017 16

  17. Relevant Distributions • Real popularity distribution D R ( P ) D A • Auxiliary information distribution A ( P ) • Empirical frequency distribution D E ( C ) ACM ICN 2017 17

  18. Global Eavesdropping Adversary • Nefarious ISPs, nation states, etc. • Questions: – To what extent does auxiliary information accuracy matter? – To what extent does universe size matter? ACM ICN 2017 18

  19. Topology Consumer Edge Router Core Router ACM ICN 2017 19

  20. Different Auxiliary and Popularity Information ACM ICN 2017 20

  21. Matching Auxiliary and Popularity Information ACM ICN 2017 21

  22. Takeaway ∆ ( D A A ( P ) , D R ( P )) ≈ 0 . 0 ∆ ( D E ( C ) , D A A ( P )) ≈ 0 . 0 ACM ICN 2017 22

  23. Auxiliary Information Gap 0.000 0.005 0.010 0.015 0.020 0.025 0.030 0.035 0.040 ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● Match Ratio ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● Length of Simulation [s] ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● 10000 ● ● ● ● ● 8000 6000 ● 4000 ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● 2000 ● ● 0 0.0 0.2 0.4 0.6 0.8 1.0 Statistical Distance ACM ICN 2017 23

  24. Content Universe Size ● ● ● ● ● ● 1.0 ● ● 0.8 Length of Simulation [s] Match Ratio 0.6 ● ● ● ● ● 10000 ● ● ● ● ● ● ● 0.4 ● ● ● ● ● ● ● ● ● ● 8000 ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● 6000 ● ● ● ● ● ● ● ● ● ● ● 0.2 ● ● ● ● ● ● 4000 ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● 2000 ● ● ● ● ● ● ● ● ● 0.0 ● ● ● ● ● ● ● 0 ● 0 200 400 600 800 1000 Sample Size ACM ICN 2017 24

  25. Takeaway Auxiliary information accuracy is not as important as sample size ACM ICN 2017 25

  26. Distributed Adversary • Access point, enterprise network middlebox, compromised transit router, etc. • Questions: – Where does the adversary have the best chance at succeeding? – To what extent does caching dampen attack efficacy? – Can content replication (across different producers) help? ACM ICN 2017 26

  27. Edge vs Inner Router ACM ICN 2017 27

  28. Cache Presence ACM ICN 2017 28

  29. Replication ACM ICN 2017 29

  30. Probing for Popularity • What does do if it has no popularity information? ACM ICN 2017 30

  31. Probing for Popularity • What does do if it has no popularity information? • Exploit caches to learn popularity – Assumes plaintext and ciphertext equivalents are fetched with equal distributions ACM ICN 2017 31

  32. Probing Algorithm ACM ICN 2017 32

  33. Probe Results (S = 50) ACM ICN 2017 33

  34. Probe Results (S = 100) ACM ICN 2017 34

  35. Summary • Caching both helps and hurts privacy • Content replication helps bypass adversaries • Preventing namespace enumeration is key to mitigating the attack ACM ICN 2017 35

  36. Future Work • Expand simulator and widen experiments • Analytically quantify the attack match percentage given distributions, network topologies, and cache hit probabilities • Study attack on CDNs today ACM ICN 2017 36

  37. /this/is/the/end/ version=0x00/chunk=0x01/PID=0x02 Questions? ACM ICN 2017 37

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Encryption and Attacks Attacks on Encryption Block Cipher Design Principles Cryptography

Encryption and Attacks Attacks on Encryption Block Cipher Design Principles Cryptography

Cryptography Encryption and Attacks Encryption Building Blocks Encryption and Attacks Attacks on Encryption Block Cipher Design Principles Cryptography Stream Cipher Design Principles Example: Brute School of Engineering and Technology

681 views • 51 slides
Encryption and Attacks Attacks on Encryption Block Cipher Design Principles Cryptography

Encryption and Attacks Attacks on Encryption Block Cipher Design Principles Cryptography

Cryptography Encryption and Attacks Encryption Building Blocks Encryption and Attacks Attacks on Encryption Block Cipher Design Principles Cryptography Stream Cipher Design Principles Example: Brute School of Engineering and Technology

923 views • 51 slides
Privacy (Section 7.2.5 on Privacy Attacks) sws2 1 [Peter Steiner,1993] 2 myth

Privacy (Section 7.2.5 on Privacy Attacks) sws2 1 [Peter Steiner,1993] 2 myth

Software and Web Security 2 More attacks on Clients: Privacy (Section 7.2.5 on Privacy Attacks) sws2 1 [Peter Steiner,1993] 2 myth reality Welcome user29. (IP address: 131.174.16.131) RU Nijmegen, NL; male german

1.11k views • 58 slides
Ruby Monstas Session 17: Interlude: Encryption Encryption What comes to mind if you think about

Ruby Monstas Session 17: Interlude: Encryption Encryption What comes to mind if you think about

Ruby Monstas Session 17: Interlude: Encryption Encryption What comes to mind if you think about encryption? Encryption Certificates Crypto Currencies Public Key AES Encryption Privacy SSH VPN HTTPS TLS Quantum Digital Signatures

837 views • 46 slides
Side-Channel Plaintext-Recovery Attacks on Leakage-Resilient Encryption Thomas Unterluggauer,

Side-Channel Plaintext-Recovery Attacks on Leakage-Resilient Encryption Thomas Unterluggauer,

Side-Channel Plaintext-Recovery Attacks on Leakage-Resilient Encryption Thomas Unterluggauer, Mario Werner, and Stefan Mangard, IAIK, Graz University of Technology 30. March 2017 Content Differential power analysis for key recovery Re-keying

284 views • 24 slides
Privacy Attacks Practicum Privacy &amp; Fairness in Data Science CS848 Fall 2019 2 Module 1:

Privacy Attacks Practicum Privacy &amp; Fairness in Data Science CS848 Fall 2019 2 Module 1:

Privacy Attacks Practicum Privacy &amp; Fairness in Data Science CS848 Fall 2019 2 Module 1: Intro to Privacy 1. Privacy Attacks Practicum 2. Differential Privacy 3. Basic Algorithms 4. Designing Complex Algorithms &amp; Composition 3

677 views • 44 slides
So Far ... AUTHENTICATED ENCRYPTION We have looked at methods to provide privacy and authenticity

So Far ... AUTHENTICATED ENCRYPTION We have looked at methods to provide privacy and authenticity

So Far ... AUTHENTICATED ENCRYPTION We have looked at methods to provide privacy and authenticity separately: Goal Primitive Security notion Data privacy symmetric encryption IND-CPA Data authenticity MAC UF-CMA Mihir Bellare UCSD 1

105 views • 9 slides
GSM privacy attacks Karsten Nohl, nohl@srlabs.de Karsten Nohl, nohl@srlabs.de Agenda GSM

GSM privacy attacks Karsten Nohl, nohl@srlabs.de Karsten Nohl, nohl@srlabs.de Agenda GSM

GSM privacy attacks Karsten Nohl, nohl@srlabs.de Karsten Nohl, nohl@srlabs.de Agenda GSM attack history GSM attack vectors Attacking GSMs A 5/1 encryption Risk scenario: GSM payment GSM is global, omnipresent and wants to

600 views • 46 slides
Privacy (Section 7.2.5 on Privacy Attacks) sws2 1 [Peter Steiner,1993] 2 myth

Privacy (Section 7.2.5 on Privacy Attacks) sws2 1 [Peter Steiner,1993] 2 myth

Software and Web Security 2 More attacks on Clients: More attacks on Clients: Privacy (Section 7.2.5 on Privacy Attacks) sws2 1 [Peter Steiner,1993] 2 myth reality y y Welcome user29. (IP address: (IP address:

691 views • 50 slides
So far: had cryptographic algorithms to achieve Privacy: use encryption Integrity: use MAC Want

So far: had cryptographic algorithms to achieve Privacy: use encryption Integrity: use MAC Want

So far: had cryptographic algorithms to achieve Privacy: use encryption Integrity: use MAC Want both privacy and integrity Achieve this by combining encryption and MAC in appropriate way Eike Ritter Cryptography 2014/15 39 Several

1.18k views • 12 slides
AUTHENTICATED ENCRYPTION 1 / 1 So Far ... We have looked at methods to provide privacy and

AUTHENTICATED ENCRYPTION 1 / 1 So Far ... We have looked at methods to provide privacy and

AUTHENTICATED ENCRYPTION 1 / 1 So Far ... We have looked at methods to provide privacy and integrity/authenticity separately: Goal Primitive Security notions Data privacy symmetric encryption IND-CPA, IND-CCA Data integrity/authenticity

922 views • 73 slides
Authenticated Encryption Atul Luykx COSIC, ESAT, KU Leuven, Belgium July 15, 2016 1 2 2 2 2

Authenticated Encryption Atul Luykx COSIC, ESAT, KU Leuven, Belgium July 15, 2016 1 2 2 2 2

Authenticated Encryption Atul Luykx COSIC, ESAT, KU Leuven, Belgium July 15, 2016 1 2 2 2 2 2 2 2 2 2 2 Modeling Attacks 3 Modeling Attacks 3 Modeling Attacks Encryption 3 Modeling Attacks Encryption 3 Modeling Attacks

1.82k views • 169 slides
Encryption Ethical Quandaries that Exist in Privacy Rudolf Musika CS 3111 Overview

Encryption Ethical Quandaries that Exist in Privacy Rudolf Musika CS 3111 Overview

April 12, 2018 Encryption Ethical Quandaries that Exist in Privacy Rudolf Musika CS 3111 Overview Presentation description Brief description of encryption. Bring to attention some of the troubles that plague encryption and

857 views • 23 slides
Network Privacy Mostly issues of preserving privacy of data flowing through network Start

Network Privacy Mostly issues of preserving privacy of data flowing through network Start

Network Privacy Mostly issues of preserving privacy of data flowing through network Start with encryption With good encryption, data values not readable So whats the problem? Lecture 17 Page 1 CS 236 Online Traffic Analysis

532 views • 21 slides
Attacks on Clients: Dynamic Content &amp; XSS (Section 7.1.3 on JavaScript; 7.2.4 on Media

Attacks on Clients: Dynamic Content &amp; XSS (Section 7.1.3 on JavaScript; 7.2.4 on Media

Software and Web Security 2 Attacks on Clients: Dynamic Content &amp; XSS (Section 7.1.3 on JavaScript; 7.2.4 on Media content; 7.2.6 on XSS) sws2 1 Recap from last lecture Attacks on web server: attacker/client sends malicious input

835 views • 56 slides
Implementing Differential Privacy &amp; Side-channel attacks CompSci 590.03 Instructor: Ashwin

Implementing Differential Privacy &amp; Side-channel attacks CompSci 590.03 Instructor: Ashwin

Implementing Differential Privacy &amp; Side-channel attacks CompSci 590.03 Instructor: Ashwin Machanavajjhala Lecture 14 : 590.03 Fall 12 1 Outline Differential Privacy Implementations PINQ: Privacy Integrated Queries [McSherry SIGMOD

1.22k views • 40 slides
Significance of Alignments COMP 571 Luay Nakhleh, Rice University Hypothesis Testing for

Significance of Alignments COMP 571 Luay Nakhleh, Rice University Hypothesis Testing for

Significance of Alignments COMP 571 Luay Nakhleh, Rice University Hypothesis Testing for Sequence Homology When a best local alignment is found, the next task is to assess its biological relevance This is most often done based on hypothesis

158 views • 13 slides
Lecture 18 Fitting CAR and SAR Models Colin Rundel 11/07/2018 1 Fitting areal models Revised

Lecture 18 Fitting CAR and SAR Models Colin Rundel 11/07/2018 1 Fitting areal models Revised

Lecture 18 Fitting CAR and SAR Models Colin Rundel 11/07/2018 1 Fitting areal models Revised SAR Model Formula Model ( ) = + =1 1 (, 2 1 )

590 views • 45 slides
Distribution properties of digital functions over Gaussian integers Peter Grabner (joint work

Distribution properties of digital functions over Gaussian integers Peter Grabner (joint work

Distribution properties of digital functions over Gaussian integers Peter Grabner (joint work with M. Drmota (TU Vienna) and P. Liardet (Marseille)) Institut f ur Mathematik A, Graz University of Technology Journ ees Num eration,

923 views • 65 slides
Topological properties of convolutor spaces via the short-time Fourier transform Andreas

Topological properties of convolutor spaces via the short-time Fourier transform Andreas

Topological properties of convolutor spaces via the short-time Fourier transform Andreas Debrouwere (Joint work with Jasson Vindas) Ghent University Pawel Doma nski Memorial Conference 6 July 2018 1 / 14 The space of integrable

582 views • 54 slides
7 papers on Kepler DSC stars Fruitful discussions Passion for science THANKS THE IMPACT OF

7 papers on Kepler DSC stars Fruitful discussions Passion for science THANKS THE IMPACT OF

7 papers on Kepler DSC stars Fruitful discussions Passion for science THANKS THE IMPACT OF GAP-FILLING METHODS ON THE DETERMINATION OF PERIODICITIES FOR A-F STARS STARS 2016 | Windermere UK J.C. Surez, A. Garca Hernndez Dept.

412 views • 20 slides
Lecture 4 Filtering in the Frequency Domain Lin ZHANG, PhD School of Software Engineering

Lecture 4 Filtering in the Frequency Domain Lin ZHANG, PhD School of Software Engineering

Lecture 4 Filtering in the Frequency Domain Lin ZHANG, PhD School of Software Engineering Tongji University Spring 2016 Lin ZHANG, SSE, 2016 Outline Background From Fourier series to Fourier transform Properties of the Fourier

1.51k views • 85 slides
Fast 3D Helmholtz Solvers for Seismic Inversion in the Frequency Domain Russell J. Hewett

Fast 3D Helmholtz Solvers for Seismic Inversion in the Frequency Domain Russell J. Hewett

Fast 3D Helmholtz Solvers for Seismic Inversion in the Frequency Domain Russell J. Hewett Mathematics &amp; CMDA, Virginia Tech Theory and Experience in Solving Inverse Problems in Geophysics Workshop Uppsala University April 10, 2019 RJH

1.48k views • 92 slides
[Synthesizer] Sound Design with Patrick Young About Speaker Feature Studios - Patch Design

[Synthesizer] Sound Design with Patrick Young About Speaker Feature Studios - Patch Design

[Synthesizer] Sound Design with Patrick Young About Speaker Feature Studios - Patch Design http://www.speakerfeaturestudios.com/soundbanks/ BSEE, MSEE with specialization in Digital Signal Processing Favorite waveform:

303 views • 15 slides

More recommend