SlideShare a Scribd company logo

5 Anonymous Communication exercises fee d

Download as PPTX, PDF
G
gawodaf378

communication

Career
1 of 56
Information Hiding: Anonymous Communication Amir Houmansadr CS660: Advanced Information Assurance Spring 2015 Content may be borrowed from other resources. See the last slide for acknowledgements!
Classes of Information Hiding • Digital watermarking • Steganography • Covert channels • Anonymous communication • Protocol obfuscation CS660 - Advanced Information Assurance - UMassAmherst 2
Definition • Hiding the identitie(s) of the parties involved in digital communications from each other, or from third-parties – “Who you are” from the communicating party – “Who you are talking to” from everyone else CS660 - Advanced Information Assurance - UMassAmherst 3
Why be Anonymous? • If you are a cyber-criminal! – DRM infringement, hacker, spammer, terrorist, etc. • But, also if you are: – Journalist – Whistleblower – Human rights activist – Business executive – Military/intelligence personnel – Abuse victims CS660 - Advanced Information Assurance - UMassAmherst 4
Why be Anonymous? • How about normal people? – Avoid tracking by advertising companies – Protect sensitive personal information from businesses, like insurance companies, banks, etc. – Express unpopular or controversial opinions – Have a dual life • A professor who is also a pro in World of Warcraft! – Try uncommon things – … – It feels good to have some privacy! CS660 - Advanced Information Assurance - UMassAmherst 5
Bottomline: Anonymity is not for criminals only! CS660 - Advanced Information Assurance - UMassAmherst 6
But, It’s Hard to be Anonymous! • Your network location (IP address) can be linked directly to you – ISPs store communications records – Usually for several years (Data Retention Laws) – Law enforcement can subpoena these records • Your application is being tracked – Cookies, Flash cookies, E-Tags, HTML5 Storage – Centralized services like Skype, Google voice – Browser fingerprinting • Your activities can be used to identify you – Unique websites and apps that you use – Types of links that you click CS660 - Advanced Information Assurance - UMassAmherst 7
But, It’s Hard to be Anonymous! • Your Internet access point can be wiretapped – Wireless traffic can be trivially intercepted • Airsnort, Firesheep, etc. • Wifi and Cellular traffic! • Encryption helps, if it’s strong – WEP and WPA are both vulnerable! – Tier 1 ASs and IXPs are compromised • NSA, GCHQ, “5 Eyes” • ~1% of all Internet traffic • Focus on encrypted traffic CS660 - Advanced Information Assurance - UMassAmherst 8
You Have to Protect at All Layers! CS660 - Advanced Information Assurance - UMassAmherst 9 Challenge: Maintain Performance
Definitions CS660 - Advanced Information Assurance - UMassAmherst 10
Types of Anonymity • Sender anonymity • Receiver anonymity • Sender-Receiver anonymity CS660 - Advanced Information Assurance - UMassAmherst 11
Properties • Unlinkability: the inability of link two or more items of interests to break anonymity, like packets, events, people, actions, etc. • Unobservability: items of interest are indistinguishable from all other items CS660 - Advanced Information Assurance - UMassAmherst 12
Quantifying Anonymity 13 • How can we calculate how anonymous we are? – Anonymity Sets  Larger anonymity set = stronger anonymity Who sent this message? Suspects (Anonymity Set)
Anonymity Systems CS660 - Advanced Information Assurance - UMassAmherst 15
Crypto (SSL) 16 Data Traffic • Content is unobservable – Due to encryption • Source and destination are trivially linkable – No anonymity!
Anonymizing Proxies 17 • Source is known • Destination anonymity HTTPS Proxy  Destination is known  Source anonymity No anonymity!
Anonymizing VPNs 18 • Source is known • Destination anonymity VPN Gateway  Destination is known  Source anonymity No anonymity!
Using Content to Deanonymize 19 HTTPS Proxy No anonymity! • Reading Gmail • Looking up directions to home • Updating your G+ profile • Etc… • Fact: the NSA leverages common cookies from ad networks, social networks, etc. to track users
Data To Protect 20 • Personally Identifiable Information (PII) – Name, address, phone number, etc. • OS and browser information – Cookies, etc. • Language information • IP address • Amount of data sent and received • Traffic timing
Some Crypto Background CS660 - Advanced Information Assurance - UMassAmherst 21
Crypto Algorithms 22 • Symmetric algorithms – Conventional algorithms – Encryption and decryption keys are the same – Examples: DES, 3DES, AES, Blowfish • Asymmetric algorithms – Commonly known as Public Key algorithms – Encryption key and decryption key are different – Examples: Diffie-Hellman, RSA, Elliptic curve
Symmetric Key Crypto 23 • Let’s say we have a plaintext message M – … a symmetric encryption algorithm E – … and a key K M  E(K, M) = C  E(K, C) = M • Advantages: – Fast and easy to use • Disadvantages – How to securely communicate the key? Cyphertext C Symmetric encryption is reversible
Public Key Crypto 24 • Let’s say we have plaintext message M – … a public key algorithm F – … and two keys KP (public) and KS (private) M  F(KP, M) = C  F(KS, C) = M M  F(KS, M) = C  F(KP, C) = M Encrypt with the public key… Decrypt with the private key
Public Key Crypto in Action 25 • Safe to distribute the public key KP – Can only decrypt with the private key KS – Computationally infeasible to derive KS from KP <KP, KS> KP KP
Crowds CS660 - Advanced Information Assurance - UMassAmherst 26
Crowds 27 • Key idea – Users’ traffic blends into a crowd of users – Eavesdroppers and end-hosts don’t know which user originated what traffic • High-level implementation – Every user runs a proxy on their system – Proxy is called a jondo • From “John Doe,” i.e. an unknown person – When a message is received, select x [0, 1] • If x > pf: forward the message to a random jondo • Else: deliver the message to the actual receiver
Crowds Example 28 • Links between users use public key crypto • Users may appear on the path multiple times Final Destination
Anonymity in Crowds 29 • No source anonymity – Target receives m incoming messages (m may = 0) – Target sends m + 1 outgoing messages – Thus, the target is sending something • Destination anonymity is maintained – If the source isn’t sending directly to the receiver
Anonymity in Crowds 30 • Source and destination are anonymous – Source and destination are jondo proxies – Destination is hidden by encryption
Anonymity in Crowds 31 • Destination is known – Obviously • Source is anonymous – O(n) possible sources, where n is the number of jondos
Anonymity in Crowds 32 • Destination is known – Evil jondo is able to decrypt the message • Source is somewhat anonymous – Suppose there are c evil jondos in the system – If pf > 0.5, and n > 3(c + 1), then the source cannot be inferred with probability > 0.5
Other Implementation Details 33 • Crowds requires a central server called a Blender – Keep track of who is running jondos • Kind of like a BitTorrent tracker – Broadcasts new jondos to existing jondos – Facilitates exchanges of public keys
Summary of Crowds 34 • The good: – Crowds has excellent scalability • Each user helps forward messages and handle load • More users = better anonymity for everyone – Strong source anonymity guarantees • The bad: – Very weak destination anonymity • Evil jondos can always see the destination – Weak unlinkability guarantees
Mixes CS660 - Advanced Information Assurance - UMassAmherst 35
Mix Networks 36 • A different approach to anonymity than Crowds • Originally designed for anonymous email – David Chaum, 1981 – Concept has since been generalized for TCP traffic • Hugely influential ideas – Onion routing – Traffic mixing – Dummy traffic (a.k.a. cover traffic)
Mix Proxies and Onion Routing 37 • Mixes form a cascade of anonymous proxies • All traffic is protected with layers of encryption Mix <KP, KS> <KP, KS> <KP, KS> <KP, KS> <KP, KS> <KP, KS> <KP, KS> <KP, KS> [KP , KP , KP] Encrypted Tunnels Non-encrypted data E(KP , E(KP , E(KP , M))) = C
Another View of Encrypted Paths 38 <KP, KS> <KP, KS> <KP, KS>
Return Traffic 39 • In a mix network, how can the destination respond to the sender? • During path establishment, the sender places keys at each mix along the path – Data is re-encrypted as it travels the reverse path <KP1 , KS1> <KP2 , KS2> <KP3 , KS3> KP1 KP2 KP3
Traffic Mixing 40 • Hinders timing attacks – Messages may be artificially delayed – Temporal correlation is warped • Problems: – Requires lots of traffic – Adds latency to network flows 1 2 3 4 Arrival Order 1 2 3 4 Send Order • Mix collects messages for t seconds • Messages are randomly shuffled and sent in a different order
Dummy / Cover Traffic 41 • Simple idea: – Send useless traffic to help obfuscate real traffic
Tor Well, not Thor! CS660 - Advanced Information Assurance - UMassAmherst 42
Tor: The 2nd Generation Onion Router 43 • Basic design: a mix network with improvements – Perfect forward secrecy – Introduces guards to improve source anonymity – Introduces sessions for long term communicatios – Takes bandwidth into account when selecting relays • Mixes in Tor are called relays – Introduces hidden services • Servers that are only accessible via the Tor overlay
Deployment and Statistics 44 • Largest, most well deployed anonymity preserving service on the Internet – Publicly available since 2002 – Continues to be developed and improved • Currently, ~5000 Tor relays around the world – All relays are run by volunteers – It is suspected that some are controlled by intelligence agencies • 500K – 900K daily users – Numbers are likely larger now, thanks to Snowden
Celebrities Use Tor 45
How Do You Use Tor? 46 1. Download, install, and execute the Tor client – The client acts as a SOCKS proxy – The client builds and maintains circuits of relays 2. Configure your browser to use the Tor client as a proxy – Any app that supports SOCKS proxies will work with Tor 3. All traffic from the browser will now be routed through the Tor overlay
Selecting Relays 47 • How do clients locate the Tor relays? • Tor Consensus File – Hosted by trusted directory servers – Lists all known relays • IP address, uptime, measured bandwidth, etc. • Not all relays are created equal – Entry/guard and exit relays are specially labelled – Why? • Tor does not select relays randomly – Chance of selection is proportional to bandwidth – Why? Is this a good idea?
Attacks Against Tor Circuits 48 • Tor users can choose any number of relays – Default configuration is 3 – Why would higher or lower number be better or worse? Entry/ Guard Middle Exit Source: known Dest: unknown Source: unknown Dest: unknown Source: unknown Dest: known Source: known Dest: known
Predecessor Attack 49 • Assumptions: – N total relays – M of which are controlled by an attacker • Attacker goal: control the first and last relay – M/N chance for first relay – (M-1)/(N-1) chance for the last relay – Roughly (M/N)2 chance overall, for a single circuit • However, client periodically builds new circuits – Over time, the chances for the attacker to be in the correct positions improves! • This is the predecessor attack • Attacker controls the first and last relay • Probability of being in the right positions increases over time
Guard Relays 50 • Guard relays help prevent attackers from becoming the first relay – Tor selects 3 guard relays and uses them for 3 months – After 3 months, 3 new guards are selected • Only relays that: – Have long and consistent uptimes… – Have high bandwidth… – And are manually vetted may become guards • Problem: what happens if you choose an evil guard? – M/N chance of full compromise
Hidden Services 51 • Tor is very good at hiding the source of traffic – But the destination is often an exposed website • What if we want to run an anonymous service? – i.e. a website, where nobody knows the IP address? • Tor supports Hidden Services – Allows you to run a server and have people connect – … without disclosing the IP or DNS name • Many hidden services – Tor Mail, Tor Char – DuckDuckGo – Wikileaks  The Pirate Bay  Silk Road (2.0)
https://go2ndkjdf8whfanf4o.onion Hidden Service Example 52 • Onion URL is a hash, allows any Tor user to find the introduction points Hidden Service Introduction Points Rendezvous Point
Perfect Forward Secrecy 53 • In traditional mix networks, all traffic is encrypted using public/private keypairs • Problem: what happens if a private key is stolen? – All future traffic can be observed and decrypted – If past traffic has been logged, it can also be decrypted • Tor implements Perfect Forward Secrecy (PFC) – The client negotiates a new public key pair with each relay – Original keypairs are only used for signatures • i.e. to verify the authenticity of messages • An attacker who compromises a private key can still eavesdrop on future traffic • … but past traffic is encrypted with ephemeral keypairs that are not stored
Discussion • Main challenges? – Performance – Scalability – Resourceful adversaries – … • Alternatives to Tor? – Peer-to-peer structures CS660 - Advanced Information Assurance - UMassAmherst 54
Classes of Information Hiding • Digital watermarking • Steganography • Covert channels • Anonymous communication • Protocol obfuscation CS660 - Advanced Information Assurance - UMassAmherst 55
Acknowledgements • Some of the slides, content, or pictures are borrowed from the following resources, and some pictures are obtained through Google search without being referenced below: • Most of the slides borrowed (with some changes) from Prof. Christo Wilson’s presentation in NEU CS4700 56

Recommended

Privacy on the Internet - Init6 InfoSec August Meeting
Privacy on the Internet - Init6 InfoSec August MeetingPrivacy on the Internet - Init6 InfoSec August Meeting
Privacy on the Internet - Init6 InfoSec August Meeting
Jose L. Quiñones-Borrero
 
How to become Hackers .
How to become Hackers .How to become Hackers .
How to become Hackers .
Greater Noida Institute Of Technology
 
Ethical hacking (legal)
Ethical hacking (legal)Ethical hacking (legal)
Ethical hacking (legal)
Thangaraj Murugananthan
 
Hackers Cracker Network Intruder
Hackers Cracker Network IntruderHackers Cracker Network Intruder
Hackers Cracker Network Intruder
Erdo Deshiant Garnaby
 
Seminar on ECommerce
Seminar on ECommerce Seminar on ECommerce
Seminar on ECommerce
STS
 
Wikileaks: secure dropbox or leaking dropbox?
Wikileaks: secure dropbox or leaking dropbox?Wikileaks: secure dropbox or leaking dropbox?
Wikileaks: secure dropbox or leaking dropbox?
hackdemocracy
 
640-554 IT Certification and Career Paths
640-554 IT Certification and Career Paths640-554 IT Certification and Career Paths
640-554 IT Certification and Career Paths
hibaehed
 
Meletis Belsis - Introduction to information security
Meletis Belsis - Introduction to information securityMeletis Belsis - Introduction to information security
Meletis Belsis - Introduction to information security
Meletis Belsis MPhil/MRes/BSc
 

Recommended

Privacy on the Internet - Init6 InfoSec August Meeting
Privacy on the Internet - Init6 InfoSec August MeetingPrivacy on the Internet - Init6 InfoSec August Meeting
Privacy on the Internet - Init6 InfoSec August Meeting
Jose L. Quiñones-Borrero
 
How to become Hackers .
How to become Hackers .How to become Hackers .
How to become Hackers .
Greater Noida Institute Of Technology
 
Ethical hacking (legal)
Ethical hacking (legal)Ethical hacking (legal)
Ethical hacking (legal)
Thangaraj Murugananthan
 
Hackers Cracker Network Intruder
Hackers Cracker Network IntruderHackers Cracker Network Intruder
Hackers Cracker Network Intruder
Erdo Deshiant Garnaby
 
Seminar on ECommerce
Seminar on ECommerce Seminar on ECommerce
Seminar on ECommerce
STS
 
Wikileaks: secure dropbox or leaking dropbox?
Wikileaks: secure dropbox or leaking dropbox?Wikileaks: secure dropbox or leaking dropbox?
Wikileaks: secure dropbox or leaking dropbox?
hackdemocracy
 
640-554 IT Certification and Career Paths
640-554 IT Certification and Career Paths640-554 IT Certification and Career Paths
640-554 IT Certification and Career Paths
hibaehed
 
Meletis Belsis - Introduction to information security
Meletis Belsis - Introduction to information securityMeletis Belsis - Introduction to information security
Meletis Belsis - Introduction to information security
Meletis Belsis MPhil/MRes/BSc
 
Computer Security
Computer SecurityComputer Security
Computer Security
Greater Noida Institute Of Technology
 
Dmk blackops2006
Dmk blackops2006Dmk blackops2006
Dmk blackops2006
Dan Kaminsky
 
Hacking
HackingHacking
Hacking
Muhammad Ruhul Mowla
 
Hacking
HackingHacking
Hacking
Anil Shrivastav
 
Hacking
HackingHacking
Hacking
LutfulM
 
20 security
20 security20 security
20 security
abiy2004
 
Network security
Network securityNetwork security
Network security
Perfect Training Center
 
Encryption techniques
Encryption techniquesEncryption techniques
Encryption techniques
MohitManna
 
hacking.ppt
hacking.ppthacking.ppt
hacking.ppt
ssuserec53e73
 
2hacking.ppt
2hacking.ppt2hacking.ppt
2hacking.ppt
LatinaLatina1
 
Cryptography
CryptographyCryptography
Cryptography
PPT4U
 
Threats to network
Threats to networkThreats to network
Threats to network
Q4Points.com
 
Computer Security Hacking
Computer Security HackingComputer Security Hacking
Computer Security Hacking
Erdo Deshiant Garnaby
 
Network security
Network securityNetwork security
Network security
syed mehdi raza
 
AWS re:Invent 2016: No More Ransomware: How Europol, the Dutch Police, and AW...
AWS re:Invent 2016: No More Ransomware: How Europol, the Dutch Police, and AW...AWS re:Invent 2016: No More Ransomware: How Europol, the Dutch Police, and AW...
AWS re:Invent 2016: No More Ransomware: How Europol, the Dutch Police, and AW...
Amazon Web Services
 
Recent developments and future challenges in privacy
Recent developments and future challenges in privacyRecent developments and future challenges in privacy
Recent developments and future challenges in privacy
PECB
 
Cryto Party at CCU
Cryto Party at CCUCryto Party at CCU
Cryto Party at CCU
Jose L. Quiñones-Borrero
 
Cyber espionage - Tinker, taylor, soldier, spy
Cyber espionage - Tinker, taylor, soldier, spyCyber espionage - Tinker, taylor, soldier, spy
Cyber espionage - Tinker, taylor, soldier, spy
b coatesworth
 
Anon p2p slides
Anon p2p slidesAnon p2p slides
Anon p2p slides
chintaan
 
Network security basics
Network security basicsNetwork security basics
Network security basics
Skillspire LLC
 
DOH 5S ENHANCED DENGUE PROTOCOL (1).pptx
DOH 5S ENHANCED DENGUE PROTOCOL (1).pptxDOH 5S ENHANCED DENGUE PROTOCOL (1).pptx
DOH 5S ENHANCED DENGUE PROTOCOL (1).pptx
SamCuevas4
 
Master SEO in 2024 The Complete Beginner's Guide
Master SEO in 2024 The Complete Beginner's GuideMaster SEO in 2024 The Complete Beginner's Guide
Master SEO in 2024 The Complete Beginner's Guide
TechEasifyInfotech
 

More Related Content

Similar to 5 Anonymous Communication exercises fee d

20 security
20 security20 security
20 security
abiy2004
 
AWS re:Invent 2016: No More Ransomware: How Europol, the Dutch Police, and AW...
AWS re:Invent 2016: No More Ransomware: How Europol, the Dutch Police, and AW...AWS re:Invent 2016: No More Ransomware: How Europol, the Dutch Police, and AW...
AWS re:Invent 2016: No More Ransomware: How Europol, the Dutch Police, and AW...
Amazon Web Services
 
Anon p2p slides
Anon p2p slidesAnon p2p slides
Anon p2p slides
chintaan
 

Similar to 5 Anonymous Communication exercises fee d (20)

Computer Security
Computer SecurityComputer Security
Computer Security
 
Dmk blackops2006
Dmk blackops2006Dmk blackops2006
Dmk blackops2006
 
Hacking
HackingHacking
Hacking
 
Hacking
HackingHacking
Hacking
 
Hacking
HackingHacking
Hacking
 
20 security
20 security20 security
20 security
 
Network security
Network securityNetwork security
Network security
 
Encryption techniques
Encryption techniquesEncryption techniques
Encryption techniques
 
hacking.ppt
hacking.ppthacking.ppt
hacking.ppt
 
2hacking.ppt
2hacking.ppt2hacking.ppt
2hacking.ppt
 
Cryptography
CryptographyCryptography
Cryptography
 
Threats to network
Threats to networkThreats to network
Threats to network
 
Computer Security Hacking
Computer Security HackingComputer Security Hacking
Computer Security Hacking
 
Network security
Network securityNetwork security
Network security
 
AWS re:Invent 2016: No More Ransomware: How Europol, the Dutch Police, and AW...
AWS re:Invent 2016: No More Ransomware: How Europol, the Dutch Police, and AW...AWS re:Invent 2016: No More Ransomware: How Europol, the Dutch Police, and AW...
AWS re:Invent 2016: No More Ransomware: How Europol, the Dutch Police, and AW...
 
Recent developments and future challenges in privacy
Recent developments and future challenges in privacyRecent developments and future challenges in privacy
Recent developments and future challenges in privacy
 
Cryto Party at CCU
Cryto Party at CCUCryto Party at CCU
Cryto Party at CCU
 
Cyber espionage - Tinker, taylor, soldier, spy
Cyber espionage - Tinker, taylor, soldier, spyCyber espionage - Tinker, taylor, soldier, spy
Cyber espionage - Tinker, taylor, soldier, spy
 
Anon p2p slides
Anon p2p slidesAnon p2p slides
Anon p2p slides
 
Network security basics
Network security basicsNetwork security basics
Network security basics
 

Recently uploaded

如何办理(UdeM毕业证书)蒙特利尔大学毕业证成绩单原件一模一样
如何办理(UdeM毕业证书)蒙特利尔大学毕业证成绩单原件一模一样如何办理(UdeM毕业证书)蒙特利尔大学毕业证成绩单原件一模一样
如何办理(UdeM毕业证书)蒙特利尔大学毕业证成绩单原件一模一样
muwyto
 
B. A. (Prog.) Political Science 6th Semester 2019.pdf
B. A. (Prog.) Political Science 6th Semester 2019.pdfB. A. (Prog.) Political Science 6th Semester 2019.pdf
B. A. (Prog.) Political Science 6th Semester 2019.pdf
paraspiyush3
 
如何办理(PITT毕业证书)匹兹堡大学毕业证成绩单原件一模一样
如何办理(PITT毕业证书)匹兹堡大学毕业证成绩单原件一模一样如何办理(PITT毕业证书)匹兹堡大学毕业证成绩单原件一模一样
如何办理(PITT毕业证书)匹兹堡大学毕业证成绩单原件一模一样
qyguxu
 
BLAHALIFHKSDFOILEWKHJSFDNLDSKFN,DLFKNFMELKFJAERPIOAL
BLAHALIFHKSDFOILEWKHJSFDNLDSKFN,DLFKNFMELKFJAERPIOALBLAHALIFHKSDFOILEWKHJSFDNLDSKFN,DLFKNFMELKFJAERPIOAL
BLAHALIFHKSDFOILEWKHJSFDNLDSKFN,DLFKNFMELKFJAERPIOAL
CaitlinCummins3
 
如何办理(UW毕业证书)滑铁卢大学毕业证成绩单原件一模一样
如何办理(UW毕业证书)滑铁卢大学毕业证成绩单原件一模一样如何办理(UW毕业证书)滑铁卢大学毕业证成绩单原件一模一样
如何办理(UW毕业证书)滑铁卢大学毕业证成绩单原件一模一样
qyguxu
 
一比一原版(UQ毕业证书)澳大利亚昆士兰大学毕业证成绩单学位证
一比一原版(UQ毕业证书)澳大利亚昆士兰大学毕业证成绩单学位证一比一原版(UQ毕业证书)澳大利亚昆士兰大学毕业证成绩单学位证
一比一原版(UQ毕业证书)澳大利亚昆士兰大学毕业证成绩单学位证
B
 
Job Hunting - pick over this fishbone for telephone interviews!.pptx
Job Hunting - pick over this fishbone for telephone interviews!.pptxJob Hunting - pick over this fishbone for telephone interviews!.pptx
Job Hunting - pick over this fishbone for telephone interviews!.pptx
Jon Stephenson
 
WIOA Program Info Session | PMI Silver Spring Chapter | May 17, 2024
WIOA Program Info Session | PMI Silver Spring Chapter | May 17, 2024WIOA Program Info Session | PMI Silver Spring Chapter | May 17, 2024
WIOA Program Info Session | PMI Silver Spring Chapter | May 17, 2024
Hector Del Castillo, CPM, CPMM
 
原版一模一样加拿大卡尔顿大学毕业证(Carleton毕业证书)文凭证书制作
原版一模一样加拿大卡尔顿大学毕业证(Carleton毕业证书)文凭证书制作原版一模一样加拿大卡尔顿大学毕业证(Carleton毕业证书)文凭证书制作
原版一模一样加拿大卡尔顿大学毕业证(Carleton毕业证书)文凭证书制作
austye
 
IN DOHA +27838792658 ABORTION PILLS FOR SALE IN DOHA, AL KHOR
IN DOHA +27838792658 ABORTION PILLS FOR SALE IN DOHA, AL KHORIN DOHA +27838792658 ABORTION PILLS FOR SALE IN DOHA, AL KHOR
IN DOHA +27838792658 ABORTION PILLS FOR SALE IN DOHA, AL KHOR
pillahdonald
 
Ralph - Project Presentation Enhancing System Security at Acme Flight Solutio...
Ralph - Project Presentation Enhancing System Security at Acme Flight Solutio...Ralph - Project Presentation Enhancing System Security at Acme Flight Solutio...
Ralph - Project Presentation Enhancing System Security at Acme Flight Solutio...
MasterG
 
如何办理(UST毕业证书)圣托马斯大学毕业证成绩单原件一模一样
如何办理(UST毕业证书)圣托马斯大学毕业证成绩单原件一模一样如何办理(UST毕业证书)圣托马斯大学毕业证成绩单原件一模一样
如何办理(UST毕业证书)圣托马斯大学毕业证成绩单原件一模一样
muwyto
 
如何办理(CQU毕业证书)中央昆士兰大学毕业证成绩单原件一模一样
如何办理(CQU毕业证书)中央昆士兰大学毕业证成绩单原件一模一样如何办理(CQU毕业证书)中央昆士兰大学毕业证成绩单原件一模一样
如何办理(CQU毕业证书)中央昆士兰大学毕业证成绩单原件一模一样
muwyto
 

Recently uploaded (20)

DOH 5S ENHANCED DENGUE PROTOCOL (1).pptx
DOH 5S ENHANCED DENGUE PROTOCOL (1).pptxDOH 5S ENHANCED DENGUE PROTOCOL (1).pptx
DOH 5S ENHANCED DENGUE PROTOCOL (1).pptx
 
Master SEO in 2024 The Complete Beginner's Guide
Master SEO in 2024 The Complete Beginner's GuideMaster SEO in 2024 The Complete Beginner's Guide
Master SEO in 2024 The Complete Beginner's Guide
 
如何办理(UdeM毕业证书)蒙特利尔大学毕业证成绩单原件一模一样
如何办理(UdeM毕业证书)蒙特利尔大学毕业证成绩单原件一模一样如何办理(UdeM毕业证书)蒙特利尔大学毕业证成绩单原件一模一样
如何办理(UdeM毕业证书)蒙特利尔大学毕业证成绩单原件一模一样
 
Rahul Chauhan Resume - Data Scientist.pdf
Rahul Chauhan Resume - Data Scientist.pdfRahul Chauhan Resume - Data Scientist.pdf
Rahul Chauhan Resume - Data Scientist.pdf
 
B. A. (Prog.) Political Science 6th Semester 2019.pdf
B. A. (Prog.) Political Science 6th Semester 2019.pdfB. A. (Prog.) Political Science 6th Semester 2019.pdf
B. A. (Prog.) Political Science 6th Semester 2019.pdf
 
Kathleen McBride ONLINE General Resume 2024.pdf
Kathleen McBride ONLINE General Resume 2024.pdfKathleen McBride ONLINE General Resume 2024.pdf
Kathleen McBride ONLINE General Resume 2024.pdf
 
如何办理(PITT毕业证书)匹兹堡大学毕业证成绩单原件一模一样
如何办理(PITT毕业证书)匹兹堡大学毕业证成绩单原件一模一样如何办理(PITT毕业证书)匹兹堡大学毕业证成绩单原件一模一样
如何办理(PITT毕业证书)匹兹堡大学毕业证成绩单原件一模一样
 
BLAHALIFHKSDFOILEWKHJSFDNLDSKFN,DLFKNFMELKFJAERPIOAL
BLAHALIFHKSDFOILEWKHJSFDNLDSKFN,DLFKNFMELKFJAERPIOALBLAHALIFHKSDFOILEWKHJSFDNLDSKFN,DLFKNFMELKFJAERPIOAL
BLAHALIFHKSDFOILEWKHJSFDNLDSKFN,DLFKNFMELKFJAERPIOAL
 
如何办理(UW毕业证书)滑铁卢大学毕业证成绩单原件一模一样
如何办理(UW毕业证书)滑铁卢大学毕业证成绩单原件一模一样如何办理(UW毕业证书)滑铁卢大学毕业证成绩单原件一模一样
如何办理(UW毕业证书)滑铁卢大学毕业证成绩单原件一模一样
 
一比一原版(UQ毕业证书)澳大利亚昆士兰大学毕业证成绩单学位证
一比一原版(UQ毕业证书)澳大利亚昆士兰大学毕业证成绩单学位证一比一原版(UQ毕业证书)澳大利亚昆士兰大学毕业证成绩单学位证
一比一原版(UQ毕业证书)澳大利亚昆士兰大学毕业证成绩单学位证
 
Your 7-Step Job Application Checklist: Ace Your Next Career Move
Your 7-Step Job Application Checklist: Ace Your Next Career MoveYour 7-Step Job Application Checklist: Ace Your Next Career Move
Your 7-Step Job Application Checklist: Ace Your Next Career Move
 
Job Hunting - pick over this fishbone for telephone interviews!.pptx
Job Hunting - pick over this fishbone for telephone interviews!.pptxJob Hunting - pick over this fishbone for telephone interviews!.pptx
Job Hunting - pick over this fishbone for telephone interviews!.pptx
 
WIOA Program Info Session | PMI Silver Spring Chapter | May 17, 2024
WIOA Program Info Session | PMI Silver Spring Chapter | May 17, 2024WIOA Program Info Session | PMI Silver Spring Chapter | May 17, 2024
WIOA Program Info Session | PMI Silver Spring Chapter | May 17, 2024
 
原版一模一样加拿大卡尔顿大学毕业证(Carleton毕业证书)文凭证书制作
原版一模一样加拿大卡尔顿大学毕业证(Carleton毕业证书)文凭证书制作原版一模一样加拿大卡尔顿大学毕业证(Carleton毕业证书)文凭证书制作
原版一模一样加拿大卡尔顿大学毕业证(Carleton毕业证书)文凭证书制作
 
IN DOHA +27838792658 ABORTION PILLS FOR SALE IN DOHA, AL KHOR
IN DOHA +27838792658 ABORTION PILLS FOR SALE IN DOHA, AL KHORIN DOHA +27838792658 ABORTION PILLS FOR SALE IN DOHA, AL KHOR
IN DOHA +27838792658 ABORTION PILLS FOR SALE IN DOHA, AL KHOR
 
ℂall Girls Baljit Nagar ℂall Now Chhaya ☎ 9899900591 WhatsApp Number 24/7
ℂall Girls Baljit Nagar ℂall Now Chhaya ☎ 9899900591 WhatsApp Number 24/7ℂall Girls Baljit Nagar ℂall Now Chhaya ☎ 9899900591 WhatsApp Number 24/7
ℂall Girls Baljit Nagar ℂall Now Chhaya ☎ 9899900591 WhatsApp Number 24/7
 
Ralph - Project Presentation Enhancing System Security at Acme Flight Solutio...
Ralph - Project Presentation Enhancing System Security at Acme Flight Solutio...Ralph - Project Presentation Enhancing System Security at Acme Flight Solutio...
Ralph - Project Presentation Enhancing System Security at Acme Flight Solutio...
 
如何办理(UST毕业证书)圣托马斯大学毕业证成绩单原件一模一样
如何办理(UST毕业证书)圣托马斯大学毕业证成绩单原件一模一样如何办理(UST毕业证书)圣托马斯大学毕业证成绩单原件一模一样
如何办理(UST毕业证书)圣托马斯大学毕业证成绩单原件一模一样
 
5CL-ADBA,5cladba, the best supplier in China
5CL-ADBA,5cladba, the best supplier in China5CL-ADBA,5cladba, the best supplier in China
5CL-ADBA,5cladba, the best supplier in China
 
如何办理(CQU毕业证书)中央昆士兰大学毕业证成绩单原件一模一样
如何办理(CQU毕业证书)中央昆士兰大学毕业证成绩单原件一模一样如何办理(CQU毕业证书)中央昆士兰大学毕业证成绩单原件一模一样
如何办理(CQU毕业证书)中央昆士兰大学毕业证成绩单原件一模一样
 

5 Anonymous Communication exercises fee d

  • 1. Information Hiding: Anonymous Communication Amir Houmansadr CS660: Advanced Information Assurance Spring 2015 Content may be borrowed from other resources. See the last slide for acknowledgements!
  • 2. Classes of Information Hiding • Digital watermarking • Steganography • Covert channels • Anonymous communication • Protocol obfuscation CS660 - Advanced Information Assurance - UMassAmherst 2
  • 3. Definition • Hiding the identitie(s) of the parties involved in digital communications from each other, or from third-parties – “Who you are” from the communicating party – “Who you are talking to” from everyone else CS660 - Advanced Information Assurance - UMassAmherst 3
  • 4. Why be Anonymous? • If you are a cyber-criminal! – DRM infringement, hacker, spammer, terrorist, etc. • But, also if you are: – Journalist – Whistleblower – Human rights activist – Business executive – Military/intelligence personnel – Abuse victims CS660 - Advanced Information Assurance - UMassAmherst 4
  • 5. Why be Anonymous? • How about normal people? – Avoid tracking by advertising companies – Protect sensitive personal information from businesses, like insurance companies, banks, etc. – Express unpopular or controversial opinions – Have a dual life • A professor who is also a pro in World of Warcraft! – Try uncommon things – … – It feels good to have some privacy! CS660 - Advanced Information Assurance - UMassAmherst 5
  • 6. Bottomline: Anonymity is not for criminals only! CS660 - Advanced Information Assurance - UMassAmherst 6
  • 7. But, It’s Hard to be Anonymous! • Your network location (IP address) can be linked directly to you – ISPs store communications records – Usually for several years (Data Retention Laws) – Law enforcement can subpoena these records • Your application is being tracked – Cookies, Flash cookies, E-Tags, HTML5 Storage – Centralized services like Skype, Google voice – Browser fingerprinting • Your activities can be used to identify you – Unique websites and apps that you use – Types of links that you click CS660 - Advanced Information Assurance - UMassAmherst 7
  • 8. But, It’s Hard to be Anonymous! • Your Internet access point can be wiretapped – Wireless traffic can be trivially intercepted • Airsnort, Firesheep, etc. • Wifi and Cellular traffic! • Encryption helps, if it’s strong – WEP and WPA are both vulnerable! – Tier 1 ASs and IXPs are compromised • NSA, GCHQ, “5 Eyes” • ~1% of all Internet traffic • Focus on encrypted traffic CS660 - Advanced Information Assurance - UMassAmherst 8
  • 9. You Have to Protect at All Layers! CS660 - Advanced Information Assurance - UMassAmherst 9 Challenge: Maintain Performance
  • 10. Definitions CS660 - Advanced Information Assurance - UMassAmherst 10
  • 11. Types of Anonymity • Sender anonymity • Receiver anonymity • Sender-Receiver anonymity CS660 - Advanced Information Assurance - UMassAmherst 11
  • 12. Properties • Unlinkability: the inability of link two or more items of interests to break anonymity, like packets, events, people, actions, etc. • Unobservability: items of interest are indistinguishable from all other items CS660 - Advanced Information Assurance - UMassAmherst 12
  • 13. Quantifying Anonymity 13 • How can we calculate how anonymous we are? – Anonymity Sets  Larger anonymity set = stronger anonymity Who sent this message? Suspects (Anonymity Set)
  • 14.
  • 15. Anonymity Systems CS660 - Advanced Information Assurance - UMassAmherst 15
  • 16. Crypto (SSL) 16 Data Traffic • Content is unobservable – Due to encryption • Source and destination are trivially linkable – No anonymity!
  • 17. Anonymizing Proxies 17 • Source is known • Destination anonymity HTTPS Proxy  Destination is known  Source anonymity No anonymity!
  • 18. Anonymizing VPNs 18 • Source is known • Destination anonymity VPN Gateway  Destination is known  Source anonymity No anonymity!
  • 19. Using Content to Deanonymize 19 HTTPS Proxy No anonymity! • Reading Gmail • Looking up directions to home • Updating your G+ profile • Etc… • Fact: the NSA leverages common cookies from ad networks, social networks, etc. to track users
  • 20. Data To Protect 20 • Personally Identifiable Information (PII) – Name, address, phone number, etc. • OS and browser information – Cookies, etc. • Language information • IP address • Amount of data sent and received • Traffic timing
  • 21. Some Crypto Background CS660 - Advanced Information Assurance - UMassAmherst 21
  • 22. Crypto Algorithms 22 • Symmetric algorithms – Conventional algorithms – Encryption and decryption keys are the same – Examples: DES, 3DES, AES, Blowfish • Asymmetric algorithms – Commonly known as Public Key algorithms – Encryption key and decryption key are different – Examples: Diffie-Hellman, RSA, Elliptic curve
  • 23. Symmetric Key Crypto 23 • Let’s say we have a plaintext message M – … a symmetric encryption algorithm E – … and a key K M  E(K, M) = C  E(K, C) = M • Advantages: – Fast and easy to use • Disadvantages – How to securely communicate the key? Cyphertext C Symmetric encryption is reversible
  • 24. Public Key Crypto 24 • Let’s say we have plaintext message M – … a public key algorithm F – … and two keys KP (public) and KS (private) M  F(KP, M) = C  F(KS, C) = M M  F(KS, M) = C  F(KP, C) = M Encrypt with the public key… Decrypt with the private key
  • 25. Public Key Crypto in Action 25 • Safe to distribute the public key KP – Can only decrypt with the private key KS – Computationally infeasible to derive KS from KP <KP, KS> KP KP
  • 26. Crowds CS660 - Advanced Information Assurance - UMassAmherst 26
  • 27. Crowds 27 • Key idea – Users’ traffic blends into a crowd of users – Eavesdroppers and end-hosts don’t know which user originated what traffic • High-level implementation – Every user runs a proxy on their system – Proxy is called a jondo • From “John Doe,” i.e. an unknown person – When a message is received, select x [0, 1] • If x > pf: forward the message to a random jondo • Else: deliver the message to the actual receiver
  • 28. Crowds Example 28 • Links between users use public key crypto • Users may appear on the path multiple times Final Destination
  • 29. Anonymity in Crowds 29 • No source anonymity – Target receives m incoming messages (m may = 0) – Target sends m + 1 outgoing messages – Thus, the target is sending something • Destination anonymity is maintained – If the source isn’t sending directly to the receiver
  • 30. Anonymity in Crowds 30 • Source and destination are anonymous – Source and destination are jondo proxies – Destination is hidden by encryption
  • 31. Anonymity in Crowds 31 • Destination is known – Obviously • Source is anonymous – O(n) possible sources, where n is the number of jondos
  • 32. Anonymity in Crowds 32 • Destination is known – Evil jondo is able to decrypt the message • Source is somewhat anonymous – Suppose there are c evil jondos in the system – If pf > 0.5, and n > 3(c + 1), then the source cannot be inferred with probability > 0.5
  • 33. Other Implementation Details 33 • Crowds requires a central server called a Blender – Keep track of who is running jondos • Kind of like a BitTorrent tracker – Broadcasts new jondos to existing jondos – Facilitates exchanges of public keys
  • 34. Summary of Crowds 34 • The good: – Crowds has excellent scalability • Each user helps forward messages and handle load • More users = better anonymity for everyone – Strong source anonymity guarantees • The bad: – Very weak destination anonymity • Evil jondos can always see the destination – Weak unlinkability guarantees
  • 35. Mixes CS660 - Advanced Information Assurance - UMassAmherst 35
  • 36. Mix Networks 36 • A different approach to anonymity than Crowds • Originally designed for anonymous email – David Chaum, 1981 – Concept has since been generalized for TCP traffic • Hugely influential ideas – Onion routing – Traffic mixing – Dummy traffic (a.k.a. cover traffic)
  • 37. Mix Proxies and Onion Routing 37 • Mixes form a cascade of anonymous proxies • All traffic is protected with layers of encryption Mix <KP, KS> <KP, KS> <KP, KS> <KP, KS> <KP, KS> <KP, KS> <KP, KS> <KP, KS> [KP , KP , KP] Encrypted Tunnels Non-encrypted data E(KP , E(KP , E(KP , M))) = C
  • 38. Another View of Encrypted Paths 38 <KP, KS> <KP, KS> <KP, KS>
  • 39. Return Traffic 39 • In a mix network, how can the destination respond to the sender? • During path establishment, the sender places keys at each mix along the path – Data is re-encrypted as it travels the reverse path <KP1 , KS1> <KP2 , KS2> <KP3 , KS3> KP1 KP2 KP3
  • 40. Traffic Mixing 40 • Hinders timing attacks – Messages may be artificially delayed – Temporal correlation is warped • Problems: – Requires lots of traffic – Adds latency to network flows 1 2 3 4 Arrival Order 1 2 3 4 Send Order • Mix collects messages for t seconds • Messages are randomly shuffled and sent in a different order
  • 41. Dummy / Cover Traffic 41 • Simple idea: – Send useless traffic to help obfuscate real traffic
  • 42. Tor Well, not Thor! CS660 - Advanced Information Assurance - UMassAmherst 42
  • 43. Tor: The 2nd Generation Onion Router 43 • Basic design: a mix network with improvements – Perfect forward secrecy – Introduces guards to improve source anonymity – Introduces sessions for long term communicatios – Takes bandwidth into account when selecting relays • Mixes in Tor are called relays – Introduces hidden services • Servers that are only accessible via the Tor overlay
  • 44. Deployment and Statistics 44 • Largest, most well deployed anonymity preserving service on the Internet – Publicly available since 2002 – Continues to be developed and improved • Currently, ~5000 Tor relays around the world – All relays are run by volunteers – It is suspected that some are controlled by intelligence agencies • 500K – 900K daily users – Numbers are likely larger now, thanks to Snowden
  • 46. How Do You Use Tor? 46 1. Download, install, and execute the Tor client – The client acts as a SOCKS proxy – The client builds and maintains circuits of relays 2. Configure your browser to use the Tor client as a proxy – Any app that supports SOCKS proxies will work with Tor 3. All traffic from the browser will now be routed through the Tor overlay
  • 47. Selecting Relays 47 • How do clients locate the Tor relays? • Tor Consensus File – Hosted by trusted directory servers – Lists all known relays • IP address, uptime, measured bandwidth, etc. • Not all relays are created equal – Entry/guard and exit relays are specially labelled – Why? • Tor does not select relays randomly – Chance of selection is proportional to bandwidth – Why? Is this a good idea?
  • 48. Attacks Against Tor Circuits 48 • Tor users can choose any number of relays – Default configuration is 3 – Why would higher or lower number be better or worse? Entry/ Guard Middle Exit Source: known Dest: unknown Source: unknown Dest: unknown Source: unknown Dest: known Source: known Dest: known
  • 49. Predecessor Attack 49 • Assumptions: – N total relays – M of which are controlled by an attacker • Attacker goal: control the first and last relay – M/N chance for first relay – (M-1)/(N-1) chance for the last relay – Roughly (M/N)2 chance overall, for a single circuit • However, client periodically builds new circuits – Over time, the chances for the attacker to be in the correct positions improves! • This is the predecessor attack • Attacker controls the first and last relay • Probability of being in the right positions increases over time
  • 50. Guard Relays 50 • Guard relays help prevent attackers from becoming the first relay – Tor selects 3 guard relays and uses them for 3 months – After 3 months, 3 new guards are selected • Only relays that: – Have long and consistent uptimes… – Have high bandwidth… – And are manually vetted may become guards • Problem: what happens if you choose an evil guard? – M/N chance of full compromise
  • 51. Hidden Services 51 • Tor is very good at hiding the source of traffic – But the destination is often an exposed website • What if we want to run an anonymous service? – i.e. a website, where nobody knows the IP address? • Tor supports Hidden Services – Allows you to run a server and have people connect – … without disclosing the IP or DNS name • Many hidden services – Tor Mail, Tor Char – DuckDuckGo – Wikileaks  The Pirate Bay  Silk Road (2.0)
  • 52. https://go2ndkjdf8whfanf4o.onion Hidden Service Example 52 • Onion URL is a hash, allows any Tor user to find the introduction points Hidden Service Introduction Points Rendezvous Point
  • 53. Perfect Forward Secrecy 53 • In traditional mix networks, all traffic is encrypted using public/private keypairs • Problem: what happens if a private key is stolen? – All future traffic can be observed and decrypted – If past traffic has been logged, it can also be decrypted • Tor implements Perfect Forward Secrecy (PFC) – The client negotiates a new public key pair with each relay – Original keypairs are only used for signatures • i.e. to verify the authenticity of messages • An attacker who compromises a private key can still eavesdrop on future traffic • … but past traffic is encrypted with ephemeral keypairs that are not stored
  • 54. Discussion • Main challenges? – Performance – Scalability – Resourceful adversaries – … • Alternatives to Tor? – Peer-to-peer structures CS660 - Advanced Information Assurance - UMassAmherst 54
  • 55. Classes of Information Hiding • Digital watermarking • Steganography • Covert channels • Anonymous communication • Protocol obfuscation CS660 - Advanced Information Assurance - UMassAmherst 55
  • 56. Acknowledgements • Some of the slides, content, or pictures are borrowed from the following resources, and some pictures are obtained through Google search without being referenced below: • Most of the slides borrowed (with some changes) from Prof. Christo Wilson’s presentation in NEU CS4700 56