Anonymity - Background
R. Newman
Topics
- Defining anonymity
- Need for anonymity
- Defining privacy
- Threats to anonymity and privacy
- Mechanisms to provide anonymity
- Applications of anonymity technology
User Observability in Networks
- Attacker: can observe messages
  - Message contents: Data disclosure
  - Message headers: Traffic analysis
- Attacker: may be able to affect/inject messages
  - Destroy/delay
  - Replay
  - Modification
  - Fabrication
- Attacker: may have compromised node(s)
  - Observe whatever the node can see
  - Perform actions as that node
Network Protocols
[Figure: message encapsulation. The Application Message is wrapped in turn by a Transport Header, a Network Header, and a Link Header and Link Trailer, then handed to the PHY.]
- Socket – map process/port via OS
- Interface – provide address for routing through network
- Medium Access – provide MAC address and deliver to next node in path
- Physical – modulate/sense medium, synchronize symbols, bits, boundaries
Simplified version of what goes on when a message is sent
Where to protect your wires?
- Protect actual wires
- Link Layer Encryption
- Network Layer Encryption
- Transport Layer Encryption
  - Allows policies at port and connection levels
- Application Layer Encryption
  - Allows for specificity, but reveals a lot!
Physical Mechanisms
- Prevent eavesdropping on wires
  - Prevent tapping
  - Fiber optics
  - Special cabling
- Still need appropriate protocols in case nodes are compromised
- Still need EMI emission elimination (TEMPEST)
Link Encryption
- Encrypt all traffic at link level
- Network header is not observable
- But... can still have linkability:
  - Frame lengths
  - Frame timing
- Node compromise
  - Reveals everything!
Network Layer Encryption
- Encrypt at network level
- If network addresses encrypted, must broadcast
  - Not scalable
  - Implicit addressing
- Encrypt contents
  - Compromise of router doesn’t lose content confidentiality
  - But allows for traffic analysis
- So – encrypt true destination, encapsulate, and send to intermediate nodes
  - These become Mixes
  - Mix unpacks and resends
Transport Layer Encryption
- Encrypt at transport layer
- If port numbers encrypted, host has no way to route to processes/sockets
- Can be transparent to applications
- Encrypt contents
  - Allows for endpoint (IP address/Port number) traffic analysis
Network Anonymity Forms
- Recipient Anonymity
  - Know who sent a message, but not who received it
- Message linkability
  - Know a message was sent, but don’t know which of the incoming messages corresponds to an outgoing message
- Sender Anonymity
  - Know who received a message, but not who sent it
Recipient Anonymity
- Broadcast
  - All nodes receive all messages
  - Scaling problems!
- Implicit addressing – recognize msgs for you
  - Invisible – only destination can determine attribute
    - Public key distribution (like covert channel)
  - Visible – if not invisible
    - Can use pseudonyms
- Public vs. Private
  - Public if known to all principals
  - Public <=> Not invisible – else linkable
Sender-Receiver Unlinkability
- Mixes
  - Sender sends to Mix
  - Mix resends to Recipient
  - Must prevent linking incoming messages with outgoing messages
- More on this when covering Chaum Mix papers
Sender Anonymity
- Superposed Sending
  - DC-networks
  - Every station generates at least one key bit per message bit
  - Key bit is sent over secure channel to exactly one other station
  - To send a bit, each station XORs all key bits it sent or received, plus the bit it wants to send (if any)
  - Makes multiple access collision channel
  - Need anonymity-preserving multiple access protocol
    - Slotted ring w/sender remove, e.g.
  - Can reduce traffic by PRNG distribution
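A one-slot simulation of the superposed sending described on the Sender Anonymity slide, added here as an example and not part of the original slides. The ring key layout, byte-wide slots, and all function names are assumptions of this sketch.

```python
import secrets
from functools import reduce

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def share_keys(n: int, nbytes: int) -> dict:
    """Station i generates one key per round and sends it to exactly one
    other station, (i + 1) % n. The ring layout is an assumption of this
    sketch; the secure channel is modelled by keeping keys in this dict."""
    if n < 3:
        raise ValueError("need at least 3 stations for sender anonymity")
    return {(i, (i + 1) % n): secrets.token_bytes(nbytes) for i in range(n)}

def local_output(station: int, keys: dict, nbytes: int, message=None) -> bytes:
    """XOR of every key this station sent or received, plus its message, if any."""
    out = bytes(nbytes)
    for (src, dst), key in keys.items():
        if station in (src, dst):
            out = xor(out, key)
    if message is not None:
        if len(message) > nbytes:
            raise ValueError("message longer than the slot")
        out = xor(out, message.ljust(nbytes, b"\0"))
    return out

def run_round(n: int, nbytes: int, messages: dict):
    """messages maps station index -> bytes to send in this slot.
    Returns (what each station broadcasts, XOR of all broadcasts)."""
    keys = share_keys(n, nbytes)
    outputs = [local_output(s, keys, nbytes, messages.get(s)) for s in range(n)]
    # Every key is in exactly two outputs, so all keys cancel in the sum.
    return outputs, reduce(xor, outputs)

if __name__ == "__main__":
    # Constructed sample rounds: 5 stations, 8-byte slots.
    outs, total = run_round(5, 8, {2: b"hello"})
    print("broadcasts:", [o.hex() for o in outs])   # each looks random
    print("one sender:", total)                     # b'hello\x00\x00\x00'
    print("idle slot: ", run_round(5, 8, {})[1])    # all zero bytes
    # Two senders in one slot superpose: the collision the slide mentions.
    print("collision: ", run_round(5, 8, {0: b"AAAA", 3: b"BBBB"})[1])
```

Each individual broadcast is masked by at least one key the observer does not hold, so only the XOR of all broadcasts carries the message, and it carries no indication of which station contributed it.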
Performance Issues
- End-to-end delay
  - Store-and-forward vs. Cut-through
  - Introduced delays (Mixes)
- Reliability
  - End-to-end retransmission problematic
- Scalability
  - Network load
  - Station load
Next
- Chaum Mixes
- Generalized Mixes
- Measuring information leakage