Anonymity and Privacy
|
|
- Lauren Rogers
- 6 years ago
- Views:
Transcription
1 Computer Security Spring 2008 Anonymity and Privacy Aggelos Kiayias University of Connecticut
2 Anonymity in networks Anonymous Credentials Anonymous Payments Anonymous and Routing E-voting Group, Traceable and Ring Signatures
3 Blind Signatures Chaum 82 signing key Signer signing protocol User message pk unlinkable signature that can be verified against m, pk
4 Anonymous Credentials Blind signature Authority get (blinded) credential + id User sign(cred) Show credential receive service Verify credential is used for the first time Gateway Check credential structure + signature
5 Applications Anonymous credentials: each credential can be used once and it is unlinkable to the act of showing the id. Can be used to disassociate the id from receiving the service.
6 Electronic Cash Withdraw $5 Blind signature Bank show (blinded) Bank,nonce + id User sign$5-bank(bank,nonce) Show E-Coin receive goods Verify coin was not spent Shop Check coin structure + signature
7 Anonymous Communication User Proxy User Web-site Web-site Trusted party anonymity
8 Dining Cryptographers anonymous communication without trusted party The waiter announces that the bill is payed! Did one of the cryptographers pay? or did the NSA pick up the bill? If a cryptographer payed he wishes to remain anonymous.
9 Dining Cryptographers Consider a dinner for three: Each cryptographer flips a coin Shows the coin to the person on the left If coins are same and he is not paying he announces Same... similarly for Different ) If coins are same and he is paying he flips his answer
10 Analysis If the number of Same is even then a cryptographer is paying. If the number of Same is odd then NSA is paying! A non-payer cannot distinguish which one of the other two is paying.
11 Indistinguishability of Payer A B is paying A is paying B H T H H Diff Same Diff Same H Same H Same C curious C curious
12 DC-Net Setting generalizes to arbitrary number of parties. It allows one party (the announcing party) to anonymously send one bit of information to everybody that is present. Parties keep on repeating the protocol constantly. Whenever one party wants to transmit the message it transmits it in binary. Once a party starts to speak no other party starts speaking till a given fixed termination bitstring is sent. if two parties start together they stop and wait a random number of rounds.
13 Anonymity and the Internet Whistle-blowing. Fear of censorship or prosecution. Communication regarding sensitive personal issues.
14 Cypherpunk R er From: Aggelos Kiayias To: :: Anon-To: r er ## Subject: This is the subject... From: Anonymous To: Subject: This is the subject... list of active r ers + statistics:
15 Cypherpunk Encrypted From: Aggelos Kiayias To: :: Encrypted: PGP r er Begin PGP Message Version End PGP Message From: To: Subject: This is the subject...
16 R er Chains From: Aggelos Kiayias To: :: Anon-To: :: Anon-To: ## Subject: This is the subject... r er r er r er
17 Q Mix Network David Chaum, Untraceable Electronic Mail, Return Addresses and Digital Pseudonyms, CACM 81 P msg1 D msg2 A B C msg2 msg1 Not possible to relate whether P send msg1 or msg2 and similarly for Q (as long as there is one honest mix)
18 Using Encryption fixed block size Encrypted with Public-key of A Send to B; sym_key1 Encrypted with sym_key1 Encrypted with sym_key2 fixed block size Encrypted with sym_key1 Encrypted with Public-key of B Send to C; sym_key2 Encrypted with sym_key1 Encrypted with sym_key3 destination/ info payload fixed block size fixed block size Encrypted with sym_key2 Encrypted with Public-key of C Stop; sym_key3
19 Following the route sender A B junk C junk destination junk
20 Mixmaster A mixnet implementation for r ing. Message may be split into packets and each packet is routed differently (but with the same final routing destination who should assemble). Each mix node relays messages in batches after randomly permuting them [consistent with the standard notion of mixnets]. Payload can be either , or usenet posting or dummy message (why a dummy?).
21 Limitations Lack of bidirectional communication: especially problematic if you want to use anonymity with bidirectional protocols. Possibility of replay attacks: can be handled by keeping a log of sent messages and compare. Abuse, flooding, etc.
22 Onion Routing Hiding routing information, by D. M. Goldschlag, M.G.Reed, P.F. Syverson, Information Hiding Workshop 1996 An onion directed to a node A is comprised of the following: expiration_time next_hop Forward(.) Backward(.) Key_material PAYLOAD Encrypted with PK of A can be another onion
23 Onion Layers expiration_time next_hop = B Forward(.) Backward(.) Key_material expiration_time next_hop = D Forward(.) Backward(.) Key_material expiration_time next_hop = null null null null Encrypted with PK of D Encrypted with PK of B Encrypted with PK of A payload
24 S Onion Peeling expiration_time next_hop Forward(.) Backward(.) Key_material PAYLOAD Encrypted with PK of A Create Mode B A 1. Decrypt layer 2. check expiration time 3. Initialize Forward(.) crypto engine using Key_material 4. Initialize Backward(.) crypto engine using Key_material 5. Pad PAYLOAD to maintain fixed size. 6. Forward PAYLOAD to next_hop node.
25 S [.,5123] Circuit Creation ACI = Anonymous Connection Identifier choose an ACI = 5123 forward movement create - mode [8612, 2523] B A choose an ACI = 8612 forward movement create - mode choose an ACI = 2523 forward movement create - mode [5123, 8612] Once the create mode is done there exists a bidirectional link D [2523, outside connection ]
26 S [.,5123] Forwarding DATA [8612, 2523] defined in first onion B Forward1(.) defined in second onion Forward2(.) A the cirtcuit delivers: [5123, 8612] Forward2(Forward1( DATA) ) thus we may define: DATA = Forward1-1 (Forward2-1 (MESSAGE) ) D [2523, outside connection ]
27 S [.,5123] Responding defined in first onion [8612, 2523] Backward1(.) defined in second onion B Backward2(.) DATA A the circuit delivers: [5123, 8612] Backward2(Backward1( DATA) ) thus S recovers the data: DATA = Backward1-1 (Backward2-1 (MESSAGE) ) D [2523, outside connection ]
28 Implementing Onion Routing Tor Each host runs an onion proxy locally. TCP/IP traffic can be directed through virtual circuits created by onions.
29 Problems with Tor
30 Hidden Identity Based Signatures Kiayias - Zhou (2007) Hidden ID-based signatures: a digital signature where the corresponding public-key is your name & is (provably) hidden into the signature. The hiding can be inverted by the OA. name the OA can open this signing key Identity Manager pkim signature that provably contains name and can be verified against pkim
31 a glimpse
32 Applying HiddenIBS to TOR How to calibrate anonymity of Tor using Hidden-IBS Add three entities in Tor: Identity manager (IM) A Disputes & Grievances (D&G) database An opening authority (OA)
33 Goals Minimal anonymity loss if misbehavior does not occur. Minimal efficiency impact for services that do not require anonymity control. Transparency to service providers. the service providers accepting Tor traffic should not have to assist the system [except providing the necessary forensic information]
34 HiddenIBS + Tor Modify Tor Exit policy: certain type of packets must be HiddenIBS ed [e.g., http POST requests] Modify user s onion proxy : it catches such packets and signs them using user s HiddenIBS signing credential. If user does not have a credential, the onion proxy directs user to IM to get one. Modify exit point: beyond forwarding the packet it registers it to the D&G database (only the hash + signature need to be registered).
35 Overview
36 realization issues What is a user s identity and how does the Identity Manager verifies it? IP address, address, id in a reputation system, etc. How to deal with misbehaving users? black-listing. revocation of credentials, time-based or reactive.
37 anonymity scalability Disputes & Grievances database contains: hashes of packets + HiddenIBS signatures. we include nonces in the packets to increase entropy. The D&G size is manageable: using a SHA-256 hash + our bilinear map based scheme with a 10GB we can store ~ 27.3 million entries.
38 properties Minimal anonymity loss : D&G database leaks no information about Tor usage, if no misbehavior occurs. Minimal efficiency impact for services that do not require anonymity control: only a few types of packets need to be signed. Transparency to service providers: a simple packet log is enough to make an abuse report resulting in blacklisting a user.
39 other applications Approach is fairly general. application to other anonymous access systems is possible. other web-sites than wikipedia need similar abuse protection; e.g. slashdot. More services: e.g., SMTP traffic is blocked. Using HiddenIBS it can be opened.
40 Blind Signatures message User signed message blinded message scrambled signature Signer we have seen already its application to e-cash and anonymous tokens. Another anonymity/privacy application : e-voting
41 E-Voting using Blind Signatures choice voter PC blinded choice, proof of identity scrambled signature Election official signed choice Anonymous Channel Results Vote tabulation
42 Group Signatures D. Chaum, E. van Heyst, 1991 PKI Alice, pka Bob, pkb Charlie, pkc David, pkd Eric, pke Frank, pkf Group Manager message PKI-member signature Opening Authority Charlie Verifier Is convinced that a PKI member signs message but not which one
43 Applications Can be used to hide the origin of a transaction. Prove that you belong in a group without showing who you are. They allow Opening Authority to reveal the identity in case of dispute.
44 Traceable Signatures PKI Alice, pka Bob, pkb Charlie, pkc David, pkd Eric, pke Frank, pkf A. Kiayias, Y. Tsiounis M. Yung, 2004 Group Manager PKI-member PKI-member PKI-member Opening Authority signature signature signature Tracing Authority Verifier Charlie Is convinced that a PKI member signs message but not which one Verifier Verifier Charlie s
45 Applications As in group signatures but now it is possible to: The tracing authority to find all signatures of a wanted user A user to claim his signatures.
46 Ring Signatures PKI Alice, pka Bob, pkb Charlie, pkc David, pkd Eric, pke Frank, pkf message PKI-member signature Verifier Is convinced that either Eric, Frank or Bob signs the message but it is unclear which one whistle-blowing etc.
47 Privacy for Trusted Computing Your hardware proves its identity but only using an identification schema based on the previous signatures. Your anonymity can be preserved and still prove you are among the good guys opening functionality can be disabled. Direct Anonymous Attestation
Protocols for Anonymous Communication
18734: Foundations of Privacy Protocols for Anonymous Communication Anupam Datta CMU Fall 2016 Privacy on Public Networks } Internet is designed as a public network } Machines on your LAN may see your
More informationAnonymous Communication: DC-nets, Crowds, Onion Routing. Simone Fischer-Hübner PETs PhD course Spring 2012
Anonymous Communication: DC-nets, Crowds, Onion Routing Simone Fischer-Hübner PETs PhD course Spring 2012 DC (Dining Cryptographers) nets [Chaum 1988 ] Chaum, CACM 28(10), October 1985 Who paid for the
More informationENEE 459-C Computer Security. Security protocols (continued)
ENEE 459-C Computer Security Security protocols (continued) Key Agreement: Diffie-Hellman Protocol Key agreement protocol, both A and B contribute to the key Setup: p prime and g generator of Z p *, p
More informationENEE 459-C Computer Security. Security protocols
ENEE 459-C Computer Security Security protocols Key Agreement: Diffie-Hellman Protocol Key agreement protocol, both A and B contribute to the key Setup: p prime and g generator of Z p *, p and g public.
More informationCIS 551 / TCOM 401 Computer and Network Security. Spring 2008 Lecture 23
CIS 551 / TCOM 401 Computer and Network Security Spring 2008 Lecture 23 Announcements Project 4 is Due Friday May 2nd at 11:59 PM Final exam: Friday, May 12th. Noon - 2:00pm DRLB A6 Today: Last details
More information0x1A Great Papers in Computer Security
CS 380S 0x1A Great Papers in Computer Security Vitaly Shmatikov http://www.cs.utexas.edu/~shmat/courses/cs380s/ Privacy on Public Networks Internet is designed as a public network Wi-Fi access points,
More informationCS 134 Winter Privacy and Anonymity
CS 134 Winter 2016 Privacy and Anonymity 1 Privacy Privacy and Society Basic individual right & desire Relevant to corporations & government agencies Recently increased awareness However, general public
More informationAnonymity. With material from: Dave Levin and Michelle Mazurek
http://www.sogosurvey.com/static/sogo_resp_images/tat_resp_images/designimg/guaranteed-anonymous-survey.png Anonymity With material from: Dave Levin and Michelle Mazurek What is anonymity? Dining cryptographers
More informationContext. Protocols for anonymity. Routing information can reveal who you are! Routing information can reveal who you are!
Context Protocols for anonymity The nternet is a public network: Myrto Arapinis School of nformatics University of Edinburgh Routing information is public: P packet headers contain source and destination
More informationUntraceable Electronic Mail, Return Addresses, and Digital Pseudonyms. EJ Jung
Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms EJ Jung Goals 1. Hide what you wrote encryption of any kind symmetric/asymmetric/stream 2. Hide to whom you sent and when pseudonym?
More informationAnonymity With material from: Dave Levin
Anonymity With material from: Dave Levin http://www.sogosurvey.com/static/sogo_resp_images/tat_resp_images/designimg/guaranteed-anonymous-survey.png What is anonymity? Dining cryptographers Mixnets and
More informationPrivacy Enhancing Technologies CSE 701 Fall 2017
Privacy Enhancing Technologies Lecture 2: Anonymity Applications Department of Computer Science and Engineering University at Buffalo 1 Lecture Outline Anonymous communication mixes, anonymizing proxies,
More informationOnion Routing. Varun Pandey Dept. of Computer Science, Virginia Tech. CS 6204, Spring
Onion Routing Varun Pandey Dept. of Computer Science, Virginia Tech 1 What is Onion Routing? a distributed overlay network to anonymize TCP based routing Circuit based (clients choose the circuit) Each
More informationNetwork Security: Anonymity. Tuomas Aura T Network security Aalto University, Nov-Dec 2010
Network Security: Anonymity Tuomas Aura T-110.5240 Network security Aalto University, Nov-Dec 2010 Outline 1. Anonymity and privacy 2. High-latency anonymous routing 3. Low-latency anonymous routing Tor
More informationSecurity and Anonymity
Security and Anonymity Distributed Systems need a network to send messages. Any message you send in a network can be looked at by any router or machine it goes through. Further if your machine is on the
More informationA SIMPLE INTRODUCTION TO TOR
A SIMPLE INTRODUCTION TO TOR The Onion Router Fabrizio d'amore May 2015 Tor 2 Privacy on Public Networks Internet is designed as a public network Wi-Fi access points, network routers see all traffic that
More informationcommunication Claudia Díaz Katholieke Universiteit Leuven Dept. Electrical Engineering g ESAT/COSIC October 9, 2007 Claudia Diaz (K.U.
Introduction to anonymous communication Claudia Díaz Katholieke Universiteit Leuven Dept. Electrical Engineering g ESAT/COSIC October 9, 2007 Claudia Diaz (K.U.Leuven) 1 a few words on the scope of the
More informationAnonymity C S A D VA N C E D S E C U R I T Y TO P I C S P R E S E N TAT I O N BY: PA N AY I OTO U M A R KO S 4 T H O F A P R I L
Anonymity C S 6 8 2 A D VA N C E D S E C U R I T Y TO P I C S P R E S E N TAT I O N BY: PA N AY I OTO U M A R KO S 4 T H O F A P R I L 2 0 1 9 Tor: The Second- Generation Onion Router R. DINGLEDINE N.
More informationCPSC 467b: Cryptography and Computer Security
CPSC 467b: Cryptography and Computer Security Instructor: Michael Fischer Lecture by Ewa Syta Lecture 25 April 18, 2012 CPSC 467b, Lecture 25 1/44 Anonymous Communication DISSENT- Accountable Anonymous
More informationDefinition. Quantifying Anonymity. Anonymous Communication. How can we calculate how anonymous we are? Who you are from the communicating party
Definition Anonymous Communication Hiding identities of parties involved in communications from each other, or from third-parties Who you are from the communicating party Who you are talking to from everyone
More informationLecture 8: Privacy and Anonymity Using Anonymizing Networks. CS 336/536: Computer Network Security Fall Nitesh Saxena
Lecture 8: Privacy and Anonymity Using Anonymizing Networks CS 336/536: Computer Network Security Fall 2015 Nitesh Saxena Some slides borrowed from Philippe Golle, Markus Jacobson Course Admin HW/Lab 3
More informationAnonymity. Assumption: If we know IP address, we know identity
03--4 Anonymity Some degree of anonymity from using pseudonyms However, anonymity is always limited by address TCP will reveal your address address together with ISP cooperation Anonymity is broken We
More informationNetwork Security: Anonymity. Tuomas Aura T Network security Aalto University, Nov-Dec 2012
Network Security: Anonymity Tuomas Aura T-110.5241 Network security Aalto University, Nov-Dec 2012 Outline 1. Anonymity and privacy 2. High-latency anonymous routing 3. Low-latency anonymous routing Tor
More informationLecture 9. Anonymity in Cryptocurrencies
Lecture 9 Anonymity in Cryptocurrencies Some say Bitcoin provides anonymity Bitcoin is a secure and anonymous digital currency WikiLeaks donations page Others say it doesn t Bitcoin won't hide you from
More informationIntroduction to Cybersecurity Digital Signatures
Introduction to Cybersecurity Digital Signatures Lecture Summary Digital Signatures Basic Definitions RSA-based Signatures Attacks 1 Digital signatures Goal of digital signatures: Alice s private key Sign
More informationHow Alice and Bob meet if they don t like onions
How Alice and Bob meet if they don t like onions Survey of Network Anonymisation Techniques Erik Sy 34th Chaos Communication Congress, Leipzig Agenda 1. Introduction to Anonymity Networks Anonymity Strategies
More informationCNT Computer and Network Security: Privacy/Anonymity
CNT 5410 - Computer and Network Security: Privacy/Anonymity Professor Kevin Butler Fall 2015 When Confidentiality is Insufficient 2 Privacy!= Confidentiality Confidentiality refers to the property of the
More informationOnion Routing. Submitted By, Harikrishnan S Ramji Nagariya Sai Sambhu J
Onion Routing Submitted By, Harikrishnan S Ramji Nagariya Sai Sambhu J Motivation Public Network Encryption does not hide Routing Information Traffic Analysis Who is Talking to Whom? by analyzing the traffic
More informationProblem: Equivocation!
Bitcoin: 10,000 foot view Bitcoin and the Blockchain New bitcoins are created every ~10 min, owned by miner (more on this later) Thereafter, just keep record of transfers e.g., Alice pays Bob 1 BTC COS
More informationAnonymity. Christian Grothoff.
christian@grothoff.org http://grothoff.org/christian/ The problem with losing your anonymity is that you can never go back. Marla Maples 1 Agenda Definitions and Metrics Techniques, Research Proposals
More informationAnonymous communications and systems
Anonymous communications and systems A short introduction George Danezis Computer Security Group Computer Laboratory 1 Introducing Hiding Two strategies to safeguard assets: protect (guards, walls, safes,
More informationStructure-Preserving Certificateless Encryption and Its Application
SESSION ID: CRYP-T06 Structure-Preserving Certificateless Encryption and Its Application Prof. Sherman S. M. Chow Department of Information Engineering Chinese University of Hong Kong, Hong Kong @ShermanChow
More informationNetwork Security: Anonymity. Tuomas Aura T Network security Aalto University, autumn 2015
Network Security: Anonymity Tuomas Aura T-110.5241 Network security Aalto University, autumn 2015 Outline 1. Anonymity and privacy 2. High-latency anonymous routing 3. Low-latency anonymous routing Tor
More informationBlockchain. CS 240: Computing Systems and Concurrency Lecture 20. Marco Canini
Blockchain CS 240: Computing Systems and Concurrency Lecture 20 Marco Canini Credits: Michael Freedman and Kyle Jamieson developed much of the original material. Bitcoin: 10,000 foot view New bitcoins
More informationAnonymous communications: Crowds and Tor
Anonymous communications: Crowds and Tor Basic concepts What do we want to hide? sender anonymity attacker cannot determine who the sender of a particular message is receiver anonymity attacker cannot
More informationBlind Signatures and Their Applications
Department of Computer Science, National Chiao Tung University 1 / 15 Cryptanalysis Lab Outline 1 Digital Signature 2 Blind signature 3 Partially blind signature 2 / 15 Cryptanalysis Lab Digital Signature
More informationCS526: Information security
Cristina Nita-Rotaru CS526: Information security Anonymity systems. Based on slides by Chi Bun Chan 1: Terminology. Anonymity Anonymity (``without name ) means that a person is not identifiable within
More informationANET: An Anonymous Networking Protocol
ANET: An Anonymous Networking Protocol Casey Marshall csm@soe.ucsc.edu May 31, 2005 Abstract This paper presents a simple, anonymizing network protocol. Its primary goal is to provide untraceability of
More informationENEE 457: E-Cash and Bitcoin
ENEE 457: E-Cash and Bitcoin Charalampos (Babis) Papamanthou cpap@umd.edu Money today Any problems? Cash is cumbersome and can be forged Credit card transactions require centralized online bank are not
More informationANONYMOUS CONNECTIONS AND ONION ROUTING
I J C I T A E Serials Publications 6(1) 2012 : 31-37 ANONYMOUS CONNECTIONS AND ONION ROUTING NILESH MADHUKAR PATIL 1 AND CHELPA LINGAM 2 1 Lecturer, I. T. Dept., Rajiv Gandhi Institute of Technology, Mumbai
More informationBitcoin/Namecoin/*coin: On Bitcoin like protocols and their relation to other IT-Security issues
: On Bitcoin like protocols and their relation to other IT-Security issues Aljosha Judmayer ajudmayer@sba-research.org 2014-11-07 SBA Research Area 1 (GRC): Governance, Risk and Compliance P1.1: Risk Management
More informationComputer Security. 15. Tor & Anonymous Connectivity. Paul Krzyzanowski. Rutgers University. Spring 2017
Computer Security 15. Tor & Anonymous Connectivity Paul Krzyzanowski Rutgers University Spring 2017 April 24, 2017 CS 419 2017 Paul Krzyzanowski 1 Private Browsing Browsers offer a "private" browsing modes
More informationAnonymous Connections and Onion Routing
Anonymous Connections and Onion Routing David Goldschlag, Michael Reed, and Paul Syverson Center for High Assurance Computer Systems Naval Research Laboratory Washington, D.C. 1 Who is Talking to Whom?
More informationPrivate Browsing. Computer Security. Is private browsing private? Goal. Tor & The Tor Browser. History. Browsers offer a "private" browsing modes
Private Browsing Computer Security 16. Tor & Anonymous Connectivity Paul Krzyzanowski Rutgers University Spring 2017 Browsers offer a "private" browsing modes Apple Private Browsing, Mozilla Private Browsing,
More informationE-cash. Cryptography. Professor: Marius Zimand. e-cash. Benefits of cash: anonymous. difficult to copy. divisible (you can get change)
Cryptography E-cash Professor: Marius Zimand e-cash Benefits of cash: anonymous difficult to copy divisible (you can get change) easily transferable There are several protocols for e-cash. We will discuss
More informationAnonymity on the Internet. Cunsheng Ding HKUST Hong Kong
Anonymity on the Internet Cunsheng Ding HKUST Hong Kong Part I: Introduc
More informationCRYPTOGRAPHIC PROTOCOLS: PRACTICAL REVOCATION AND KEY ROTATION
#RSAC SESSION ID: CRYP-W04 CRYPTOGRAPHIC PROTOCOLS: PRACTICAL REVOCATION AND KEY ROTATION Adam Shull Recent Ph.D. Graduate Indiana University Access revocation on the cloud #RSAC sk sk Enc Pub Sym pk k
More informationBlockchain for Enterprise: A Security & Privacy Perspective through Hyperledger/fabric
Blockchain for Enterprise: A Security & Privacy Perspective through Hyperledger/fabric Elli Androulaki Staff member, IBM Research, Zurich Workshop on cryptocurrencies Athens, 06.03.2016 Blockchain systems
More informationOnion services. Philipp Winter Nov 30, 2015
Onion services Philipp Winter pwinter@cs.princeton.edu Nov 30, 2015 Quick introduction to Tor An overview of Tor Tor is a low-latency anonymity network Based on Syverson's onion routing......which is based
More informationApplied cryptography
Applied cryptography Electronic Cash Andreas Hülsing 29 November 2016 1 / 61 Classical Cash - Life Cycle Mint produces money (coins / bank notes) Sent to bank User withdraws money (reduces account balance)
More informationMixminion: Design of a Type III Anonymous R er Protocol
Mixminion: Design of a Type III Anonymous Remailer Protocol George Danezis University of Cambridge george.danezis@cl.cam.ac.uk Roger Dingledine and Nick Mathewson The Free Haven Project farma,nickmg@freehaven.net
More informationPeer-to-Peer Networks 14 Security. Christian Schindelhauer Technical Faculty Computer-Networks and Telematics University of Freiburg
Peer-to-Peer Networks 14 Security Christian Schindelhauer Technical Faculty Computer-Networks and Telematics University of Freiburg Cryptography in a Nutshelf Symmetric Cryptography - AES - Affine Cryptosystems
More informationCrypto Background & Concepts SGX Software Attestation
CSE 5095 & ECE 4451 & ECE 5451 Spring 2017 Lecture 4b Slide deck extracted from Kamran s tutorial on SGX, presented during ECE 6095 Spring 2017 on Secure Computation and Storage, a precursor to this course
More informationAnonymity Analysis of TOR in Omnet++
Anonymity Analysis of TOR in Omnet++ Carmelo Badalamenti Mini Workshop on Security Framework 2006, Catania, December 12, 2006 "Security in Mobility" Badalamenti TOR & Omnet++
More informationPseudonym Based Security Architecture for Wireless Mesh Network
IOSR Journal of Computer Engineering (IOSR-JCE) e-issn: 2278-0661,p-ISSN: 2278-8727, Volume 16, Issue 4, Ver. VII (Jul Aug. 2014), PP 01-05 Pseudonym Based Security Architecture for Wireless Mesh Network
More informationChapter 13. Digital Cash. Information Security/System Security p. 570/626
Chapter 13 Digital Cash Information Security/System Security p. 570/626 Introduction While cash is used in illegal activities such as bribing money laundering tax evasion it also protects privacy: not
More informationCS Paul Krzyzanowski
Computer Security 17. Tor & Anonymous Connectivity Anonymous Connectivity Paul Krzyzanowski Rutgers University Spring 2018 1 2 Anonymity on the Internet Often considered bad Only criminals need to hide
More informationOn Privacy and Anonymity in Knowledge Externalization
On Privacy and Anonymity in Knowledge Externalization Yuen-Yan Chan and Chi-Hong Leung The Chinese University of Hong Kong rosannachan@cuhk.edu.hk, leung_chi_hong@yahoo.com.hk Secure Knowledge Management
More informationIdentity Mixer: From papers to pilots and beyond. Gregory Neven, IBM Research Zurich IBM Corporation
Identity Mixer: From papers to pilots and beyond Gregory Neven, IBM Research Zurich Motivation Online security & trust today: SSL/TLS for encryption and server authentication Username/password for client
More informationCS232. Lecture 21: Anonymous Communications
CS232 Lecture 21: Anonymous Communications November 21, 2018 2 You Are Not Anonymous 3 Your IP address can be linked directly to you ISPs store communications records Usually for several years (Data Retention
More informationDesign and Analysis of Efficient Anonymous Communication Protocols
Design and Analysis of Efficient Anonymous Communication Protocols Thesis Defense Aaron Johnson Department of Computer Science Yale University 7/1/2009 1 Acknowledgements Joan Feigenbaum Paul Syverson
More informationanonymous routing and mix nets (Tor) Yongdae Kim
anonymous routing and mix nets (Tor) Yongdae Kim Significant fraction of these slides are borrowed from CS155 at Stanford 1 q Why? Anonymous web browsing 1. Discuss health issues or financial matters anonymously
More informationSecurity: Focus of Control. Authentication
Security: Focus of Control Three approaches for protection against security threats a) Protection against invalid operations b) Protection against unauthorized invocations c) Protection against unauthorized
More informationDistributed-Application Security
Distributed-Application Security Spam Spams Spam referred to unsolicited bulk email Spam emails contain advertisement, viruses, malware Spams emails are used to gather information about the victim Harvesting
More informationIntroduction. Overview of Tor. How Tor works. Drawback of Tor s directory server Potential solution. What is Tor? Why use Tor?
Introduction 1 Overview of Tor What is Tor? Why use Tor? How Tor works Encryption, Circuit Building, Directory Server Drawback of Tor s directory server Potential solution Using DNS Security Extension
More informationScalable privacy-enhanced traffic monitoring in vehicular ad hoc networks
Scalable privacy-enhanced traffic monitoring in vehicular ad hoc networks Yi Liu1,2,3 Jie Ling 1 Qianhong Wu4,6 Bo Qin5 Presented By Khaled Rabieh Introduction & Problem Statement In traffic monitoring
More informationHerbivore: An Anonymous Information Sharing System
Herbivore: An Anonymous Information Sharing System Emin Gün Sirer August 25, 2006 Need Anonymity Online Current networking protocols expose the identity of communication endpoints Anyone with access to
More informationNYMBLE: Blocking Misbehaving Users in Anonymizing Networks
RESEARCH ARTICLE OPEN ACCESS NYMBLE: Blocking Misbehaving Users in Anonymizing Networks 1 R.Ravikumar, 2 J.Ramesh Kumar 1 Asst.professor, Dept.of.Computer Science, Tamil University, Thanjavur-613010. 2
More informationLecture 15 PKI & Authenticated Key Exchange. COSC-260 Codes and Ciphers Adam O Neill Adapted from
Lecture 15 PKI & Authenticated Key Exchange COSC-260 Codes and Ciphers Adam O Neill Adapted from http://cseweb.ucsd.edu/~mihir/cse107/ Today We will see how signatures are used to create public-key infrastructures
More informationDISSENT: Accountable, Anonymous Communication
DISSENT: Accountable, Anonymous Communication Joan Feigenbaum http://www.cs.yale.edu/homes/jf/ Joint work with Bryan Ford (PI), Henry Corrigan Gibbs, Ramakrishna Gummadi, Aaron Johnson (NRL), Vitaly Shmatikov
More informationInformation Security. message M. fingerprint f = H(M) one-way hash. 4/19/2006 Information Security 1
Information Security message M one-way hash fingerprint f = H(M) 4/19/2006 Information Security 1 Outline and Reading Digital signatures Definition RSA signature and verification One-way hash functions
More informationA Privacy-Aware Service Protocol for Ubiquitous Computing Environments
A Privacy-Aware Service Protocol for Ubiquitous Computing Environments Gunhee Lee, Song-hwa Chae, Inwhan Hwang, and Manpyo Hong Graduate School of Information Communication, Ajou University, Suwon, Korea
More informationSecurity: Focus of Control
Security: Focus of Control Three approaches for protection against security threats a) Protection against invalid operations b) Protection against unauthorized invocations c) Protection against unauthorized
More informationIntroduction to Traffic Analysis. George Danezis University of Cambridge, Computer Laboratory
Introduction to Traffic Analysis George Danezis University of Cambridge, Computer Laboratory Outline Introduction to anonymous communications Macro-level Traffic Analysis Micro-level Traffic Analysis P2P
More informationBlocking of Mischievous Users in Anonymizing Networks using Nymble System Srikanth Chintala, I.L. Narsimha Rao
International Journal of Scientific & Engineering Research Volume 3, Issue 9, September-2012 1 Blocking of Mischievous Users in Anonymizing Networks using Nymble System Srikanth Chintala, I.L. Narsimha
More informationEfficiency of large-scale DC-networks
Bachelor thesis Computer Science Radboud University Efficiency of large-scale DC-networks Author: Moritz Neikes 4099095 m.neikes@student.ru.nl Supervisor: Anna Krasnova anna@mechanical-mind.org Supervisor:
More informationAnonymous Credentials: How to show credentials without compromising privacy. Melissa Chase Microsoft Research
Anonymous Credentials: How to show credentials without compromising privacy Melissa Chase Microsoft Research Credentials: Motivation ID cards Sometimes used for other uses E.g. prove you re over 21, or
More informationAnonymous communication with on-line and off-line onion encoding
Anonymous communication with on-line and off-line onion encoding Marek Klonowski, Mirosław Kutyłowski, and Filip Zagórski Institute of Mathematics, Wrocław University of Technology, Marek.Klonowski@im.pwr.wroc.pl
More informationPeer-to-Peer Systems and Security
Peer-to-Peer Systems and Security Anonymity Christian Grothoff Technische Universität München May 16, 2013 The problem with losing your anonymity is that you can never go back. Marla Maples Motivation
More informationA simple approach of Peer-to-Peer E-Cash system
A simple approach of Peer-to-Peer E-Cash system Mr. Dharamvir, Mr. Rabinarayan Panda Asst. Professor, Dept. of MCA, The Oxford College of Engineering Bangalore, India. Abstract-With the popularization
More informationCryptanalysis of a fair anonymity for the tor network
Cryptanalysis of a fair anonymity for the tor network Amadou Moctar Kane KSecurity, BP 47136, Dakar, Senegal amadou1@gmailcom April 16, 2015 Abstract The aim of this paper is to present an attack upon
More informationThe Design of an Anonymous and a Fair Novel E-cash System
International Journal of Information & Computation Technology. ISSN 0974-2239 Volume 2, Number 2 (2012), pp. 103-109 International Research Publications House http://www. ripublication.com The Design of
More informationErgo platform. Dmitry Meshkov
Ergo platform Dmitry Meshkov Prehistory Motivation Theory Practice Provably secure 1000 currencies New features Ad-hoc solutions Impractical Security issues Motivation Theory Provably secure New features
More informationEXTENDED NYMBLE: METHOD FOR TRACKING MISBEHAVING USERS ANONYMOSLY WHILE BLOCKING
EXTENDED NYMBLE: METHOD FOR TRACKING MISBEHAVING USERS ANONYMOSLY WHILE BLOCKING M.Durga Prasad 1, Dr P.Chenna Reddy 2, Banoth Samya 3 1 Asst Professor, Department of CSE, Vijay Institute of Tech & Sciences,
More informationThe Tor Network. Cryptography 2, Part 2, Lecture 6. Ruben Niederhagen. June 16th, / department of mathematics and computer science
The Tor Network Cryptography 2, Part 2, Lecture 6 Ruben Niederhagen June 16th, 2014 Tor Network Introduction 2/33 Classic goals of cryptography: confidentiality, data integrity, authentication, and non-repudiation.
More informationAnonymous Communications
Anonymous Communications Andrew Lewman andrew@torproject.org December 05, 2012 Andrew Lewman andrew@torproject.org () Anonymous Communications December 05, 2012 1 / 45 Who is this guy? 501(c)(3) non-profit
More information2 Application Support via Proxies Onion Routing can be used with applications that are proxy-aware, as well as several non-proxy-aware applications, w
Onion Routing for Anonymous and Private Internet Connections David Goldschlag Michael Reed y Paul Syverson y January 28, 1999 1 Introduction Preserving privacy means not only hiding the content of messages,
More informationIntroduction to Computer Security
Introduction to Computer Security Instructor: Mahadevan Gomathisankaran mgomathi@unt.edu CSCE 4550/5550, Fall 2009 Lecture 10 1 Announcements Project Group Due today Attendance Mandatory Ave. 85% ( 4 absentees
More informationCS573 Data Privacy and Security. Cryptographic Primitives and Secure Multiparty Computation. Li Xiong
CS573 Data Privacy and Security Cryptographic Primitives and Secure Multiparty Computation Li Xiong Outline Cryptographic primitives Symmetric Encryption Public Key Encryption Secure Multiparty Computation
More informationOn Anonymity in an Electronic Society: A Survey of Anonymous Communication Systems
On Anonymity in an Electronic Society: A Survey of Anonymous Communication Systems MATTHEW EDMAN and BÜLENT YENER Rensselaer Polytechnic Institute The past two decades have seen a growing interest in methods
More informationCISC859: Topics in Advanced Networks & Distributed Computing: Network & Distributed System Security. A Brief Overview of Security & Privacy Issues
CISC859: Topics in Advanced Networks & Distributed Computing: Network & Distributed System Security A Brief Overview of Security & Privacy Issues 1 Topics to Be Covered Cloud computing RFID systems Bitcoin
More informationPrivacy-preserving PKI design based on group signature
Edith Cowan University Research Online Australian Information Security Management Conference Conferences, Symposia and Campus Events 2011 Privacy-preserving PKI design based on group signature Sokjoon
More informationFreedom of Speech: Anonymity. Steven M. Bellovin February 17,
Freedom of Speech: Anonymity Steven M. Bellovin February 17, 2010 1 Why Anonymity? Free speech can be unpopular Threats of physical harm Threats of job loss or other forms of financial coercion Social
More informationSecure Multiparty Computation
CS573 Data Privacy and Security Secure Multiparty Computation Problem and security definitions Li Xiong Outline Cryptographic primitives Symmetric Encryption Public Key Encryption Secure Multiparty Computation
More informationProvable Anonymity. Epistemic Logic for Anonymizing Protocols. Ichiro Hasuo. Radboud University Nijmegen The Netherlands
Provable Anonymity Epistemic Logic for Anonymizing Protocols Ichiro Hasuo Radboud University Nijmegen The Netherlands Internatinal Summer School Marktoberdorf Provable Anonymity Ichiro Hasuo, Nijmegen,
More informationAnonymous Credentials through Acid Mixing
Anonymous Credentials through Acid Mixing Alessandro Acquisti Carnegie Mellon University June 2003 Abstract Reliability and trust are open issues in the MIX-net literature. We present a variation on the
More informationAchieving Privacy in Mesh Networks
Achieving Privacy in Mesh Networks Xiaoxin Wu Intel China Research Center Ltd Beijing, China xiaoxin.wu@intel.com Ninghui Li Department of Computer Science Purdue University West Lafayette, IN 47907-2086,
More informationPublic-Key Infrastructure NETS E2008
Public-Key Infrastructure NETS E2008 Many slides from Vitaly Shmatikov, UT Austin slide 1 Authenticity of Public Keys? private key Alice Bob public key Problem: How does Alice know that the public key
More informationOptimal Payoff for Selective Traceable Anonymity of a Network System
Optimal Payoff for Selective Traceable Anonymity of a Network System Extended Abstract Md Rasel Al Mamun mdrasel.mamun@unt.edu Bongsik Shin San Diego State University San Diego, CA 92182 bshin@mail.sdsu.edu
More informationRemote E-Voting System
Remote E-Voting System Crypto2-Spring 2013 Benjamin Kaiser Jacob Shedd Jeremy White Phases Initialization Registration Voting Verifying Activities Trusted Authority (TA) distributes 4 keys to Registrar,
More information