SlideShare a Scribd company logo

Anonymity

Download as PPT, PDF
D
Dooremoore

Attacker can see evidence of a sent message, but the sender appears no more likely to be the originator than any other potential sender in the system

Technology
1 of 18
Anonymity on the Internet
Types of Anonymity  Pseudonymity – Susceptible to subpoenas  Sender – Receiver / observer can’t identify sender  Receiver – Observer can’t identify receiver  Sender-receiver – Observer can’t identify that communication has been sent
Uses of Anonymity Positive  Free speech for political claims as well as non-political comments  engage in whistle-blowing  conduct commercial transactions  freedom from detection, retribution, and embarrassment  New York Times Co. vs. Sullivan, 1964 "an author's decision to remain anonymous...is an aspect of the freedom of speech protected by the First Amendment"
Uses of Anonymity Negative  Spam  DoS -  Illegal activity – anonymous bribery, copyright infringement, harassment, financial scams, disclosure of trade secrets
Assumptions  Weak attacker – Eavesdrops on first and last hop – Can introduce messages here  Strong attacker – Eavesdrops on all links – Can introduce messages anywhere  Attacker has finite time, computing power  Multiple users
Types of Attackers  Local eavesdropper – Observes inbound and outbound messages on user’s computer  Administrator – Operator or group of operators of anonymizing systems attempting to foil their own system  Remote attack – Observation at the remote end by eavesdropper or attack by the remote host
Attacks  Timing Attack, Volume Attack – Watches shape of traffic instead of content  Flooding Attack – With batch size n, attacker sends n-1 messages  Usage Pattern Attack – Consistent usage patterns leads to predictability
Levels of Anonymity Absolute Privacy Beyond Suspicion Probable Innocence Possible Innocence Exposed Provably Exposed •Beyond Suspicion •Attacker can see evidence of a sent message, but the sender appears no more likely to be the originator than any other potential sender in the system •Probable Innocence •The sender is more likely the originator than any other potential sender, but there is equal likelihood the sender is not the originator •Possible Innocence •The sender appears more likely to be the originator than to not be the originator, but there’s still a non-trivial probability that the originator is someone else
Capabilities  Latency, Bandwidth, Anonymity – Pick 2  Human element – Repetitive usage patterns make attacks easier – Pizza effect
Proxy Anonymizers  Use trusted centralized servers  Anonymous remailers - Helsingius  Anonymizer.com  Hides IP address - NAT  Users not anonymous to proxy server  Susceptible to traffic analysis
Mixes  Source routing chosen by user  Shuffles order of packets  Mix cascade consists of several mixes under separate operators  Encrypted for each mix in the path  Processes packets in batches  Used to counter traffic analysis
Mixes A1, C1(A3, C3(A2, C2(S, M, r2), r3), r1) A3, C3(A2, C2(S, M, r2), r3) A2, C2(S, M, r2) S, M Mix 1 Mix 4Mix 3 Mix 2 1. 2. 3. 4. 1. 2. 3. 4. Ai = Next Hop Address Ci = Message encrypted with public key of Mix i S = Destination Host address M = Original message
Mixes  Fine for non real-time (email)  Not sufficient for VoIP, video, web  Mix waits to accumulate inputs to process as a batch (especially slow for low traffic)
Enhancements  Messages all the same length  Buffers messages until several can be sent at once  Dummy messages inserted – Between mixes – Between mixes and user  Balance end to end throughput with anonymity – Duration to wait for mixes to accumulate traffic – Percentage of dummy traffic
P5  Decentralized – Harder to attack  Allows choice of tradeoff between anonymity / throughput  Encrypted with public key of each node in route  Nodes change packet order  Fixed message size  Users have broadcast map and route map  Noise packets counter statistical traffic analysis
User A User B User A can send an anonymous message to User B via group */0, 1/1, 111/3, etc User A can route messages between 00/2 and 01/2 01/2 is a subset of */0 – more efficient but less anonymous Hash of User’s public key provides choice of groups.
P5  Within a channel, P5 functions as a mix cascade  Between channels, P5 provides greater anonymity per bandwidth – For 8192 users, 1.5 Mbps provides 200Kbps with 40% loss  Resistant to Timing/Volume and DoS attacks  Susceptible to Flood Attack (Mob Attack) – User’s channel is flooded, prompting him to reveal more of his mask to gain efficiency, thereby reducing his anonymity
Conclusion  Costly to be anonymous (Use Anonymous VPN Service) – Tradeoff with throughput  Can not be completely anonymous anyway – No protection from monitoring usage patterns  Aside from this, practical anonymity can be achieved

Recommended

Presentation endangered languages and linguistic diversity
Presentation endangered languages and linguistic diversityPresentation endangered languages and linguistic diversity
Presentation endangered languages and linguistic diversity
Zwidzai Chinyowa
 
Introduction Linguistics
Introduction LinguisticsIntroduction Linguistics
Introduction Linguistics
Dr. Cupid Lucid
 
Second language acquisition and error analysis (arfan rai)
Second language acquisition and error analysis (arfan rai)Second language acquisition and error analysis (arfan rai)
Second language acquisition and error analysis (arfan rai)
Arfan rai
 
Computer Assisted Language Learning
Computer Assisted Language LearningComputer Assisted Language Learning
Computer Assisted Language Learning
Hala Nur
 
The Role of Electronic Dictionary in Learning Process
The Role of Electronic Dictionary in Learning ProcessThe Role of Electronic Dictionary in Learning Process
The Role of Electronic Dictionary in Learning Process
ijtsrd
 
Segregation
SegregationSegregation
Segregation
SocProf
 
The influence of age on sla in terms of route
The influence of age on sla in terms of routeThe influence of age on sla in terms of route
The influence of age on sla in terms of route
Thao Le
 
Ethnicity and language use
Ethnicity and language use Ethnicity and language use
Ethnicity and language use
nordiwiyana mn
 

Recommended

Presentation endangered languages and linguistic diversity
Presentation endangered languages and linguistic diversityPresentation endangered languages and linguistic diversity
Presentation endangered languages and linguistic diversity
Zwidzai Chinyowa
 
Introduction Linguistics
Introduction LinguisticsIntroduction Linguistics
Introduction Linguistics
Dr. Cupid Lucid
 
Second language acquisition and error analysis (arfan rai)
Second language acquisition and error analysis (arfan rai)Second language acquisition and error analysis (arfan rai)
Second language acquisition and error analysis (arfan rai)
Arfan rai
 
Computer Assisted Language Learning
Computer Assisted Language LearningComputer Assisted Language Learning
Computer Assisted Language Learning
Hala Nur
 
The Role of Electronic Dictionary in Learning Process
The Role of Electronic Dictionary in Learning ProcessThe Role of Electronic Dictionary in Learning Process
The Role of Electronic Dictionary in Learning Process
ijtsrd
 
Segregation
SegregationSegregation
Segregation
SocProf
 
The influence of age on sla in terms of route
The influence of age on sla in terms of routeThe influence of age on sla in terms of route
The influence of age on sla in terms of route
Thao Le
 
Ethnicity and language use
Ethnicity and language use Ethnicity and language use
Ethnicity and language use
nordiwiyana mn
 
Security management in mobile ad hoc networks
Security management in mobile ad hoc networksSecurity management in mobile ad hoc networks
Security management in mobile ad hoc networks
Prof. Dr. Noman Islam
 
Ids 009 network attacks
Ids 009 network attacksIds 009 network attacks
Ids 009 network attacks
jyoti_lakhani
 
Privacy on the Internet - Init6 InfoSec August Meeting
Privacy on the Internet - Init6 InfoSec August MeetingPrivacy on the Internet - Init6 InfoSec August Meeting
Privacy on the Internet - Init6 InfoSec August Meeting
Jose L. Quiñones-Borrero
 
Anonymizing Networks
Anonymizing NetworksAnonymizing Networks
Anonymizing Networks
pauldeng
 
Anon p2p slides
Anon p2p slidesAnon p2p slides
Anon p2p slides
chintaan
 
透视消费者.ppt
透视消费者.ppt透视消费者.ppt
透视消费者.ppt
wei mingyang
 
zebra curtain
zebra curtainzebra curtain
zebra curtain
curtainnikjou
 
best jewelry
best jewelrybest jewelry
best jewelry
baldaligatmashhad
 
Ip traceback seminar full report
Ip traceback seminar full reportIp traceback seminar full report
Ip traceback seminar full report
deepakmarndi
 
501 ch 6 threats vulnerabilities attacks
501 ch 6 threats vulnerabilities attacks501 ch 6 threats vulnerabilities attacks
501 ch 6 threats vulnerabilities attacks
gocybersec
 
Black hole attack
Black hole attackBlack hole attack
Black hole attack
Richa Kumari
 
Network Security Chapter 7
Network Security Chapter 7Network Security Chapter 7
Network Security Chapter 7
AfiqEfendy Zaen
 
ASYMTOTIC ANALYSIS IN SECURED MESSAGE DELIVERY
ASYMTOTIC ANALYSIS IN SECURED MESSAGE DELIVERYASYMTOTIC ANALYSIS IN SECURED MESSAGE DELIVERY
ASYMTOTIC ANALYSIS IN SECURED MESSAGE DELIVERY
AM Publications
 
Computer Security
Computer SecurityComputer Security
Computer Security
Greater Noida Institute Of Technology
 
DDoS attacks
DDoS attacksDDoS attacks
DDoS attacks
Ch Anas Irshad
 
Computer Security Hacking
Computer Security HackingComputer Security Hacking
Computer Security Hacking
Erdo Deshiant Garnaby
 
A Trusted Approach Towards DDos Attack
A Trusted Approach Towards DDos AttackA Trusted Approach Towards DDos Attack
A Trusted Approach Towards DDos Attack
theijes
 
Various Security Attacks in mobile ad hoc networks
Various Security Attacks in mobile ad hoc networksVarious Security Attacks in mobile ad hoc networks
Various Security Attacks in mobile ad hoc networks
Kishan Patel
 
Describe three of the following attack types in the Operation Security.docx
Describe three of the following attack types in the Operation Security.docxDescribe three of the following attack types in the Operation Security.docx
Describe three of the following attack types in the Operation Security.docx
earleanp
 
Research by ahad attack on the physical layer
Research by ahad attack on the physical layerResearch by ahad attack on the physical layer
Research by ahad attack on the physical layer
Muhammad Ahad
 
How to watch youtube red abroad
How to watch youtube red abroadHow to watch youtube red abroad
How to watch youtube red abroad
Dooremoore
 
Wireless network guide
Wireless network guideWireless network guide
Wireless network guide
Dooremoore
 

More Related Content

Similar to Anonymity

Anonymizing Networks
Anonymizing NetworksAnonymizing Networks
Anonymizing Networks
pauldeng
 
Anon p2p slides
Anon p2p slidesAnon p2p slides
Anon p2p slides
chintaan
 
透视消费者.ppt
透视消费者.ppt透视消费者.ppt
透视消费者.ppt
wei mingyang
 
Network Security Chapter 7
Network Security Chapter 7Network Security Chapter 7
Network Security Chapter 7
AfiqEfendy Zaen
 
ASYMTOTIC ANALYSIS IN SECURED MESSAGE DELIVERY
ASYMTOTIC ANALYSIS IN SECURED MESSAGE DELIVERYASYMTOTIC ANALYSIS IN SECURED MESSAGE DELIVERY
ASYMTOTIC ANALYSIS IN SECURED MESSAGE DELIVERY
AM Publications
 
A Trusted Approach Towards DDos Attack
A Trusted Approach Towards DDos AttackA Trusted Approach Towards DDos Attack
A Trusted Approach Towards DDos Attack
theijes
 
Describe three of the following attack types in the Operation Security.docx
Describe three of the following attack types in the Operation Security.docxDescribe three of the following attack types in the Operation Security.docx
Describe three of the following attack types in the Operation Security.docx
earleanp
 

Similar to Anonymity (20)

Security management in mobile ad hoc networks
Security management in mobile ad hoc networksSecurity management in mobile ad hoc networks
Security management in mobile ad hoc networks
 
Ids 009 network attacks
Ids 009 network attacksIds 009 network attacks
Ids 009 network attacks
 
Privacy on the Internet - Init6 InfoSec August Meeting
Privacy on the Internet - Init6 InfoSec August MeetingPrivacy on the Internet - Init6 InfoSec August Meeting
Privacy on the Internet - Init6 InfoSec August Meeting
 
Anonymizing Networks
Anonymizing NetworksAnonymizing Networks
Anonymizing Networks
 
Anon p2p slides
Anon p2p slidesAnon p2p slides
Anon p2p slides
 
透视消费者.ppt
透视消费者.ppt透视消费者.ppt
透视消费者.ppt
 
zebra curtain
zebra curtainzebra curtain
zebra curtain
 
best jewelry
best jewelrybest jewelry
best jewelry
 
Ip traceback seminar full report
Ip traceback seminar full reportIp traceback seminar full report
Ip traceback seminar full report
 
501 ch 6 threats vulnerabilities attacks
501 ch 6 threats vulnerabilities attacks501 ch 6 threats vulnerabilities attacks
501 ch 6 threats vulnerabilities attacks
 
Black hole attack
Black hole attackBlack hole attack
Black hole attack
 
Network Security Chapter 7
Network Security Chapter 7Network Security Chapter 7
Network Security Chapter 7
 
ASYMTOTIC ANALYSIS IN SECURED MESSAGE DELIVERY
ASYMTOTIC ANALYSIS IN SECURED MESSAGE DELIVERYASYMTOTIC ANALYSIS IN SECURED MESSAGE DELIVERY
ASYMTOTIC ANALYSIS IN SECURED MESSAGE DELIVERY
 
Computer Security
Computer SecurityComputer Security
Computer Security
 
DDoS attacks
DDoS attacksDDoS attacks
DDoS attacks
 
Computer Security Hacking
Computer Security HackingComputer Security Hacking
Computer Security Hacking
 
A Trusted Approach Towards DDos Attack
A Trusted Approach Towards DDos AttackA Trusted Approach Towards DDos Attack
A Trusted Approach Towards DDos Attack
 
Various Security Attacks in mobile ad hoc networks
Various Security Attacks in mobile ad hoc networksVarious Security Attacks in mobile ad hoc networks
Various Security Attacks in mobile ad hoc networks
 
Describe three of the following attack types in the Operation Security.docx
Describe three of the following attack types in the Operation Security.docxDescribe three of the following attack types in the Operation Security.docx
Describe three of the following attack types in the Operation Security.docx
 
Research by ahad attack on the physical layer
Research by ahad attack on the physical layerResearch by ahad attack on the physical layer
Research by ahad attack on the physical layer
 

More from Dooremoore

More from Dooremoore (9)

How to watch youtube red abroad
How to watch youtube red abroadHow to watch youtube red abroad
How to watch youtube red abroad
 
Wireless network guide
Wireless network guideWireless network guide
Wireless network guide
 
Wifi security
Wifi securityWifi security
Wifi security
 
A Detailed History of Cybercrimes
A Detailed History of CybercrimesA Detailed History of Cybercrimes
A Detailed History of Cybercrimes
 
Cyber security and safety
Cyber security and safetyCyber security and safety
Cyber security and safety
 
Wifi wireless networks
Wifi wireless networksWifi wireless networks
Wifi wireless networks
 
Internet anonymity and privacy
Internet anonymity and privacyInternet anonymity and privacy
Internet anonymity and privacy
 
Internet privacy
Internet privacyInternet privacy
Internet privacy
 
What is an ip address
What is an ip addressWhat is an ip address
What is an ip address
 

Recently uploaded

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 

Recently uploaded (20)

HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 

Anonymity

  • 1. Anonymity on the Internet
  • 2. Types of Anonymity  Pseudonymity – Susceptible to subpoenas  Sender – Receiver / observer can’t identify sender  Receiver – Observer can’t identify receiver  Sender-receiver – Observer can’t identify that communication has been sent
  • 3. Uses of Anonymity Positive  Free speech for political claims as well as non-political comments  engage in whistle-blowing  conduct commercial transactions  freedom from detection, retribution, and embarrassment  New York Times Co. vs. Sullivan, 1964 "an author's decision to remain anonymous...is an aspect of the freedom of speech protected by the First Amendment"
  • 4. Uses of Anonymity Negative  Spam  DoS -  Illegal activity – anonymous bribery, copyright infringement, harassment, financial scams, disclosure of trade secrets
  • 5. Assumptions  Weak attacker – Eavesdrops on first and last hop – Can introduce messages here  Strong attacker – Eavesdrops on all links – Can introduce messages anywhere  Attacker has finite time, computing power  Multiple users
  • 6. Types of Attackers  Local eavesdropper – Observes inbound and outbound messages on user’s computer  Administrator – Operator or group of operators of anonymizing systems attempting to foil their own system  Remote attack – Observation at the remote end by eavesdropper or attack by the remote host
  • 7. Attacks  Timing Attack, Volume Attack – Watches shape of traffic instead of content  Flooding Attack – With batch size n, attacker sends n-1 messages  Usage Pattern Attack – Consistent usage patterns leads to predictability
  • 8. Levels of Anonymity Absolute Privacy Beyond Suspicion Probable Innocence Possible Innocence Exposed Provably Exposed •Beyond Suspicion •Attacker can see evidence of a sent message, but the sender appears no more likely to be the originator than any other potential sender in the system •Probable Innocence •The sender is more likely the originator than any other potential sender, but there is equal likelihood the sender is not the originator •Possible Innocence •The sender appears more likely to be the originator than to not be the originator, but there’s still a non-trivial probability that the originator is someone else
  • 9. Capabilities  Latency, Bandwidth, Anonymity – Pick 2  Human element – Repetitive usage patterns make attacks easier – Pizza effect
  • 10. Proxy Anonymizers  Use trusted centralized servers  Anonymous remailers - Helsingius  Anonymizer.com  Hides IP address - NAT  Users not anonymous to proxy server  Susceptible to traffic analysis
  • 11. Mixes  Source routing chosen by user  Shuffles order of packets  Mix cascade consists of several mixes under separate operators  Encrypted for each mix in the path  Processes packets in batches  Used to counter traffic analysis
  • 12. Mixes A1, C1(A3, C3(A2, C2(S, M, r2), r3), r1) A3, C3(A2, C2(S, M, r2), r3) A2, C2(S, M, r2) S, M Mix 1 Mix 4Mix 3 Mix 2 1. 2. 3. 4. 1. 2. 3. 4. Ai = Next Hop Address Ci = Message encrypted with public key of Mix i S = Destination Host address M = Original message
  • 13. Mixes  Fine for non real-time (email)  Not sufficient for VoIP, video, web  Mix waits to accumulate inputs to process as a batch (especially slow for low traffic)
  • 14. Enhancements  Messages all the same length  Buffers messages until several can be sent at once  Dummy messages inserted – Between mixes – Between mixes and user  Balance end to end throughput with anonymity – Duration to wait for mixes to accumulate traffic – Percentage of dummy traffic
  • 15. P5  Decentralized – Harder to attack  Allows choice of tradeoff between anonymity / throughput  Encrypted with public key of each node in route  Nodes change packet order  Fixed message size  Users have broadcast map and route map  Noise packets counter statistical traffic analysis
  • 16. User A User B User A can send an anonymous message to User B via group */0, 1/1, 111/3, etc User A can route messages between 00/2 and 01/2 01/2 is a subset of */0 – more efficient but less anonymous Hash of User’s public key provides choice of groups.
  • 17. P5  Within a channel, P5 functions as a mix cascade  Between channels, P5 provides greater anonymity per bandwidth – For 8192 users, 1.5 Mbps provides 200Kbps with 40% loss  Resistant to Timing/Volume and DoS attacks  Susceptible to Flood Attack (Mob Attack) – User’s channel is flooded, prompting him to reveal more of his mask to gain efficiency, thereby reducing his anonymity
  • 18. Conclusion  Costly to be anonymous (Use Anonymous VPN Service) – Tradeoff with throughput  Can not be completely anonymous anyway – No protection from monitoring usage patterns  Aside from this, practical anonymity can be achieved