Thesis by Jeremy Clark Combating Adverse Selection in Anonymity Networks

1. On Combating Adverse Selection in Anonymity Networks. Jeremy Clark CACR Seminar October 17, 2007

2. On Combating Adverse Selection in Anonymity Networks.

3. On Combating Adverse Selection in Anonymity Networks .

7. Proxy Model

13. Node 5 Node 4 Node 7 Node 6

15. An “Onion”

16. Node 1 Node 2 Node 3

17. Onion Routing in 30 seconds © CBS 2006. Used under the fair dealings clause in the Canada Copyright Act .

32. Exit Node Repudiation N1 Alice IP Address Anonymous and Signed Credential N3 Alice Credential Proof IP A ≠ IP EN

33. Key Generation

34. Issuing Protocol

35. Signed Proof

36. Verification

37. Exit Node Repudiation Entrance Node Alice IP Address Anonymous and Signed Credential Exit Node Alice Credential Proof IP A ≠ IP EN

38. Exit Node Repudiation Law Enforcement Alice IP Address Anonymous and Signed Credential Exit Node Alice Credential Proof IP A ≠ IP EN

43. A Modified Architecture Authentication Server (AS) – Injective Access Control Server (ACS) – One to Many

44. Revocable Access AS - Law Enforcement Alice IP Address <MAC(IP)> in a Credential ACS - Network Server Alice <MAC(IP)> <MAC(IP)>

45. Revocable Access AS - Law Enforcement Alice IP Address <MAC(IP)> in a Credential ACS - Network Server Alice <MAC(IP)> Credentials <MAC(IP)> Cred Batch

46. Adding to Ban List Same IP Credential

47. Challenging the Ban List Different IP Credential

49. Signed Proof

52. A Mental Model T or Privoxy Internet http, https, ftp, etc SOCKS Vidalia Firefox

53. A Mental Model T or Privoxy Internet http, https, ftp, etc SOCKS Torbutton/FoxyProxy Vidalia Firefox

54. A Mental Model Internet T or XeroBank

70. Comparison and Summary Installation Configuration Verification Disabling Manual Config Difficult Very Difficult Easy Very Difficult Torbutton Difficult Easy Easy Very Easy FoxyProxy Difficult Very Easy Easy Easy XeroBank Very Easy Very Easy Very Difficult Very Easy