![Page 1: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/1.jpg)
Lecture24 – AnonymityandPrivacy
StephenCheckowayUniversityofIllinois atChicago
CS487 – Fall 2017SlidesbasedonMillerandBailey’sECE422
![Page 2: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/2.jpg)
![Page 3: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/3.jpg)
Anonymity
•Anonymity:Concealingyouridentity•InthecontextoftheInternet,wemaywantanonymouscommunications
–Communicationswheretheidentityofthesourceand/ordestinationareconcealed
•Notthesameassecrecy/confidentiality–Confidentialityisaboutmessagecontents,
•(whatwassaid)
•Anonymityisaboutidentities•(whosaiditandtowhom)
![Page 4: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/4.jpg)
NymitySpectrum
•Verinymity–creditcard#s,driver'slicense,address
•Pseudonymity–pennames,manyblogs
•Linkableanonymity–loyaltycards,prepaidmobilephone
•Unlinkableanonymity–payingincash,Tor
![Page 5: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/5.jpg)
Whydoweneedanonymity?
•Necessarytoensurecivilliberties:–Freespeech,freeassociation,autonomy,freedomfromcensorshipandconstantsurveillance
•Privacyisahumanright–Dignity–NotexplicitinUSconstitution,butrelevantto1st4th5th9thamendmentsinbillofrights
•Surveillanceisexploitedforprofit–Targetedmarketingcampaigns–Discrimination(insurance,employment)
![Page 6: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/6.jpg)
ArgumentsagainstPrivacy?
•The"NothingtoHide”Argument–DangersofconstructingaKafkaesqueworld–Optionalreading:'I'veGotNothingtoHide'andOtherMisunderstandingsofPrivacy,DanielJ.Solove
–Typicallyspokenfromaviewofprivilege•Nooneexpectsprivacyanymoreanyway
–KidstodaysharetheirentirelivesonFacebook•Benefitsfromsharing(bettersearchresults?)•Privatecommunicationsabusedbybadguys
![Page 7: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/7.jpg)
HowtogetAnonymity
•Internetanonymityishard*–Difficultifnotimpossibletoachieveonyourown–RightthereineverypacketisthesourceanddestinationIPaddress–*Butit’seasyforbadguys.Why?
•Howdowedoit?•Stateofthearttechnique:Asksomeoneelsetosenditforyou
–Ok,it’sabitmoresophisticatedthanthat...
![Page 8: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/8.jpg)
Proxies
•Proxy:Intermediarythatrelaysourtraffic•Trusted3rdparty,e.g....hidemyass.com
–YousetupanencryptedVPNtotheirsite–Allofyourtrafficgoesthroughthem
•Whyeasyforbadguys?Compromisedmachinesasproxies.
![Page 9: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/9.jpg)
AlicewantstosendamessageMtoBob...
•Bobdoesn’tknowMisfromAlice,and•Evecan’tdeterminethatAliceisindeedcommunicatingwithBob.
•HMAacceptsmessagesencryptedforit.Extractsdestinationandforwards.
![Page 10: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/10.jpg)
Anonymitymotivation
Surveillanceunder:• ThePatriotAct
• Section215• NationalSecurityLetters(NSLs)
• FISAAmendmentAct
![Page 11: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/11.jpg)
Imagecredit:ACLU
![Page 12: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/12.jpg)
GoogleTransparencyReport
NationalSecurityLetters(NSLs)ReportingPeriod NationalSecurityLetters Users/AccountsJanuarytoJune2016 0–499 500–999JulytoDecember2015 1–499 500–999JanuarytoJune2015 0–499 500–999JulytoDecember2014 0–499 500–999JanuarytoJune2014 500–999 500–999JulytoDecember2013 500–999 1000–1499JanuarytoJune2013 0–499 500–999JulytoDecember2012 0–499 500–999JanuarytoJune2012 500–999 1000–1499JulytoDecember2011 0–499 500–999JanuarytoJune2011 0–499 500–999JulytoDecember2010 0–499 1000–1499JanuarytoJune2010 500–999 1500–1999JulytoDecember2009 0–499 500–999JanuarytoJune2009 0–499 500–999
![Page 13: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/13.jpg)
Metadata
•Everythingexceptthecontentsofyourcommunications:– If– When– Howmuch– Who
• What(thisisactuallythedata)“... analysis of telephony metadata often reveals information that could traditionally only be obtained by examining the contents of communications. That is, metadata is often a proxy for content.”— Prof. Edward W. Felten, Computer Science and Public Affairs, Princeton;
(former) Chief Technologist of FTC
![Page 14: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/14.jpg)
![Page 15: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/15.jpg)
XKEYSCORE
“I,sittingatmydesk,certainlyhadtheauthoritiestowiretapanyone,fromyouoryouraccountant,toafederaljudgeoreventhePresident,ifIhadapersonale-mail,”
![Page 16: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/16.jpg)
Technologyasadefense
![Page 17: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/17.jpg)
“Whetherwearesurveilledbyourgovernment,bycriminals,orbyourneighbors,itisfairtosaythatneverhasour abilitytoshieldouraffairsfrompryingeyesbeenatsuchalowebb.Theavailabilityanduseofsecureencryptionmayofferanopportunitytoreclaimsomeportionoftheprivacywehavelost.”
— 9thCircuitcourtopinion,Bernsteinv US DOJ1999“Cryptowars”
![Page 18: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/18.jpg)
EncryptionTools:PGP
•GnuPG,freesoftware–PrettyGoodPrivacy(PGP),PhilZimmerman(1991)–GnuPG (GPG)isafreesoftwarerecreation–Letsyouhideemailcontentviaencryption
•Basicidea:–Hybridencryptiontoconcealmessages–Digitalsignaturesonmessages(hash-then-sign)
![Page 19: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/19.jpg)
PGPcont'd
•Eachuserhas:–Apublicencryptionkey,pairedwithaprivatedecryptionkey–Aprivatesignaturekey,pairedwithapublicverificationkey
•Howdoessending/receivingwork?•Howdoyoufindoutsomeone'spublickey?
![Page 20: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/20.jpg)
Sendingandreceiving
•Tosendamessage:–Signwithyoursignaturekey–Encryptmessageandsignaturewithrecipient'spublicencryptionkey
•Toreceiveamessage:–Decryptwithyourprivatekeytogetmessageandsignature–Usesender'spublicverificationkeytochecksig
![Page 21: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/21.jpg)
![Page 22: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/22.jpg)
Fingerprints
•HowdoyouobtainBob'spublickey?–GetitfromBob'swebsite?(☹ )–GetitfromBob'swebsite,verifyusingout-of-bandcommunication
•Keysareunwieldy-→fingerprints•Afingerprintisacryptographichashofakey
–Keyservers:storepublickeys,lookupbyname/emailaddress,verifywithfingerprint
•Whatifyoudon'tpersonallyknowBob?–WebofTrust(WoT),“friendofafriend”–BobintroducesAlicetoCarobysigningAlice’skey
![Page 23: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/23.jpg)
![Page 24: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/24.jpg)
Drawbacksof(Just)EncryptionI
•WhatifBob'smachinecompromised?–Hiskeymaterialbecomesknown–Pastmessagescanbedecryptedandread–Youalsohavesender'ssignatureonmessagessent,soyoucanproveidentityofsender
•Thesoftwarecreatedlotsofincriminatingrecords–KeymaterialthatdecryptsdatasentoverthepublicInternet–Signatureswithproofsofwhosaidwhat
• Alicebetterwatchwhatshesays–HerprivacydependsonBob’sactions
![Page 25: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/25.jpg)
Drawbacksof(Just)EncryptionII
![Page 26: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/26.jpg)
CasualConversations
•AliceandBobtalkinaroom•Nooneelsecanhear
–Unlessbeingrecorded•Nooneelseknowswhattheysay
–UnlessAliceorBobtellthem•Noonecanprovewhatwassaid
–NotevenAliceorBob•Theseconversationsare“off-the-record”
![Page 27: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/27.jpg)
Desirablecommunicationproperties
•Forwardsecrecy:–Evenifyourkeymaterialiscompromised,pastmessagesshouldbesafe
•Deniability:beabletoplausiblydenyhavingsentamessage•Mimiccasual,off-the-recordconversations
–Deniableauthentication:beconfidentofwhoyouaretalkingto,butunabletoprovetoathirdpartywhatwassaid
![Page 28: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/28.jpg)
Off-the-Record(OTR)Messaging
BobAliceSignbob(gy)
Signalice(gx)
1.UseAuthenticatedDiffie-Hellmantoestablisha(short-lived)sessionkeyEK
SS=(gx) ySS=(gy)xEK=H(SS) EK=H(SS)
![Page 29: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/29.jpg)
OTRII
BobAliceEEK(M)MACMK(EEK(M))
2.Thenusesecret-keyencryptiononmessageM...AndauthenticateusingaMAC
SS=(gx) ySS=(gy)xEK=H(SS) EK=H(SS)
MK=H(EK)MK=H(EK)
![Page 30: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/30.jpg)
Off-the-Record
BobAlicegy’,MACMK(gy’)
gx’,MACMK(gx’)
3.Re-keyusingDiffie-Hellman
SS’=(gx’) y’SS’=(gy’)x’EK’=H(SS’) EK’=H(SS’)
MK’=H(EK’)MK’=H(EK’)MK=H(EK)MK=H(EK)
![Page 31: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/31.jpg)
Off-the-Record
BobAliceMK
4.PublisholdMK
SS’=(gx’) y’SS’=(gy’)x’EK’=H(SS’) EK’=H(SS’)
MK’=H(EK’)MK’=H(EK’)MK=H(EK)MK=H(EK)
![Page 32: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/32.jpg)
Off-the-recordMessaging(OTR)
•Notethisissuitedtointeractivecommunication,notsomuchemail
• But,OTRprovides–messageconfidentiality–authentication–perfectforwardsecrecy–deniability
•Caveat:wedonothaveexamplesof“deniability”servingitspurposeinpractice
![Page 33: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/33.jpg)
UsingOTR
•BuiltintoAdium andPidgin•Butbewaredefaults
–Loggingenabledbydefault–Etiquettedictatesyoushoulddisablethis,sodoeshistory(e.g.,ChelseaManning)
•VerydifferentfromGoogleHangout’s“offtherecord”featurewhichmerelydoesn’tlogtheconversation
![Page 34: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/34.jpg)
Signalandthe“DoubleRatchet”TheprotocolbehindSignalapp(iphone,android)TrevorPerin andMoxieMarlinspike- ForwardsecrecyToday’smessagesaresecret,evenifkeycompromisedtomorrow
- FuturesecrecyTomorrow’smessagesaresecret,evenifkeycompromisedtoday
- DeniabilityNopermanent/transferableevidenceofwhatwassaid
- Usability Toleratesout-of-ordermessagedeliveryhttps://whispersystems.org/docs/specifications/doubleratchet/
![Page 35: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/35.jpg)
PlausiblyDeniableStorage
Goal:Encryptdatastoredonyourharddrive
Problem:Canbecompelledtodecryptit!
Idea:havea“decoy”volumewithbenigninformationonit
Example:VeraCrypt
[Doesthissolvetheproblem?Caveats?]
![Page 36: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/36.jpg)
RecapPrivacy/Anonymity
•Metadata:Everythingexceptthecontentsofyourcommunications:
– If– When– Howmuch– Who
• What (thisisactuallythedata) Signal and OTR
![Page 37: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/37.jpg)
Anonymityforbrowsing?
You Server
![Page 38: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/38.jpg)
Naiveapproach....VPNs
You Server
![Page 39: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/39.jpg)
VPNs
![Page 40: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/40.jpg)
VPNs
“…receivedacourtorderaskingforinformationrelatingtoanaccountassociatedwithsomeoralloftheabovecases.Asstatedinourtermsofserviceandprivacypolicyourserviceisnottobeusedforillegalactivity,andasalegitimatecompanywewillcooperatewithlawenforcementifwereceiveacourtorder”
![Page 41: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/41.jpg)
Betterapproach:Tor
•Low-latencyanonymouscommunicationsystem•Hidemetadata
–whoiscommunicatingwithwhom?–e.g.,justsendinganencryptedmessagetoTheInterceptmaygetyouintrouble
•Hideexistenceofcommunication–anyencryptedmessagemaygetyouintrouble
![Page 42: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/42.jpg)
Tor overview
•Worksatthetransportlayer•AllowsyoutomakeTCPconnectionswithoutrevealingyourIPaddress
•Popularforwebconnections•Tornetworkmadeupofvolunteer-runnodes,oronionrouters,locatedallovertheworld
•Basicidea:AlicewantstoconnecttoawebserverwithoutrevealingherIPaddress
![Page 43: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/43.jpg)
OnionRouting
•Thisapproachgeneralizestoanarbitrarynumberofintermediaries(“mixes”)
•AliceultimatelywantstotalktoBob,withthehelpofHMA,Dan,andCharlie
•Aslongasanyofthemixesishonest,noonecanlinkAlicewithBob
![Page 44: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/44.jpg)
OnionRouting
![Page 45: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/45.jpg)
Tor
Imagecredit:TorProject
![Page 46: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/46.jpg)
Tor
Imagecredit:TorProject
![Page 47: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/47.jpg)
Tor
Imagecredit:TorProject
![Page 48: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/48.jpg)
TrustinTor
•Entrynode:knowsAliceisusingTor,andidentityofmiddlenode,butnotdestination
•Exitnode:knowssomeToruserisconnectingtodestination,butdoesn'tknowwhichuser
•Destination:knowsaToruserisconnectingtoitviatheexitnode
•ImportanttonotethatTordoesnotprovideencryptionbetweenexitanddestination!(e.g.,useHTTPS)
![Page 49: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/49.jpg)
TorHiddenServices
![Page 50: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/50.jpg)
HowtogetTor
•TorBrowserbundleavailable(builtonmodifiedversionoffirefox)
•☺ optionalexercise:downloadanduseit!
•https://www.torproject.org/
•...orvolunteertobeapartoftheTornetwork.
![Page 51: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/51.jpg)
OnionRoutingIssues/Attacks?
•Performance:messagebouncesaroundalot•Attack:rubber-hosecryptanalysisofmixoperators
–Defense:usemixserversindifferentcountries•Attack:adversaryoperatesallofthemixes
–Defense:havelotsofmixservers(Tortoday:~6,500)•Attack:adversaryobserveswhenAlicesendsandwhenBobreceives,linksthetwotogether
•Asidechannelattack– exploitstiminginformation–Defenses:padmessages,introducesignificantdelays
•Tordoestheformer,butnotesthatit’snotenoughfordefense
https://metrics.torproject.org/networksize.html
![Page 52: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/52.jpg)
OnionRoutingIssues,cont.
•Issue:trafficleakage•SupposeallofyourHTTP/HTTPStrafficgoesthroughTor,buttherestofyourtrafficdoesn’t
•Howmighttheoperatorofsensitive.com•deanonymizeyourwebsessiontotheirserver?
![Page 53: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/53.jpg)
Thetrafficleakageproblem
•Answer:theyinspectthelogsoftheirDNSservertoseewholookedupsensitive.comjustbeforeyourconnectiontotheirwebserverarrived
•Hard,generalproblem:anonymityoftenatriskwhenadversarycancorrelateseparatesourcesofinformation
![Page 54: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/54.jpg)
![Page 55: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/55.jpg)
Metadata
• If• When• Howmuch• Who• What
![Page 56: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/56.jpg)
Metadata
• If• When• Howmuch• Who• What←TLS/PGP/OTR/Signal
![Page 57: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/57.jpg)
Metadata
• If• When• Howmuch• Who←• What←TLS/PGP/OTR/Signal
![Page 58: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/58.jpg)
Pond
•"Pondisnotemail.Pondisaforwardsecure,asynchronousmessagingsystemforthediscerning"
•Seekstoprotectagainstleakingtrafficinfoagainstallbutaglobalpassiveadversary
–forwardsecure–nospam–messagesexpireautomaticallyafteraweek
![Page 59: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/59.jpg)
Pond
User
PrivateKeyPublicKey Pond
ServerMessages?Pubkey=Apadding=XXXX..
None.padding=XXXXXXXXXXXXX…
Messages?Pubkey=Apadding=XXXX..
Message=Mpadding=XXXXXXXXX…
![Page 60: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/60.jpg)
Pond
User
PrivateKeyPublicKey Pond
ServerMessages?Pubkey=Apadding=XXXX..
None.padding=XXXXXXXXXXXXX…
Messages?Pubkey=Apadding=XXXX..
Message=Mpadding=XXXXXXXXX…
Privatekey
![Page 61: Lecture 24–Anonymity and Privacy - UIC Computer Science · Anonymity •Anonymity: Concealing your identity •In the context of the Internet, we may want anonymous communications](https://reader034.vdocuments.us/reader034/viewer/2022051509/5aea805b7f8b9a3b2e8cc06f/html5/thumbnails/61.jpg)
Metadatasummary
• If• When ←• Howmuch ←• Who←• What ←TLS/PGP
Pond