Crowds Anonymous Web Transactions. Why anonymity?

Similar documents
Anonymous communications: Crowds and Tor

Anonymity - Lecture Notes 1

CS526: Information security

Definition. Quantifying Anonymity. Anonymous Communication. How can we calculate how anonymous we are? Who you are from the communicating party

Anonymity. Professor Patrick McDaniel CSE545 - Advanced Network Security Spring CSE545 - Advanced Network Security - Professor McDaniel

Anonymous Communication: DC-nets, Crowds, Onion Routing. Simone Fischer-Hübner PETs PhD course Spring 2012

0x1A Great Papers in Computer Security

Anonymity Questions. Leland Smith

anonymous routing and mix nets (Tor) Yongdae Kim

CIS 551 / TCOM 401 Computer and Network Security. Spring 2008 Lecture 23

ENEE 459-C Computer Security. Security protocols

Network Security: Anonymity. Tuomas Aura T Network security Aalto University, Nov-Dec 2010

ENEE 459-C Computer Security. Security protocols (continued)

ANET: An Anonymous Networking Protocol

CS Final Exam

VAST: Versatile Anonymous System for Web Users

MWR InfoSecurity Advisory. 26 th April Elastic Path Administrative. Quit. Session Hijacking through Embedded XSS

Chaum, Untraceable Electronic Mail, Return Addresses, and Digital Pseudonym, Communications of the ACM, 24:2, Feb. 1981

Privacy defense on the Internet. Csaba Kiraly

1-1. Switching Networks (Fall 2010) EE 586 Communication and. September Lecture 10

CS Paul Krzyzanowski

Web, HTTP and Web Caching

HTTP Protocol and Server-Side Basics

Computer Security. 10r. Recitation assignment & concept review. Paul Krzyzanowski. Rutgers University. Spring 2018

CRYPTOGRAPHIC PROTOCOLS: PRACTICAL REVOCATION AND KEY ROTATION

A SIMPLE INTRODUCTION TO TOR

Network Security: Anonymity. Tuomas Aura T Network security Aalto University, Nov-Dec 2012

CNT Computer and Network Security: Privacy/Anonymity

Application Security through a Hacker s Eyes James Walden Northern Kentucky University

Anonymity. Assumption: If we know IP address, we know identity

ArcGIS Enterprise Security: Advanced. Gregory Ponto & Jeff Smith

Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms. EJ Jung

Introduction to Cybersecurity Digital Signatures

Onion Routing. Varun Pandey Dept. of Computer Science, Virginia Tech. CS 6204, Spring

Computer Security. 15. Tor & Anonymous Connectivity. Paul Krzyzanowski. Rutgers University. Spring 2017

Private Browsing. Computer Security. Is private browsing private? Goal. Tor & The Tor Browser. History. Browsers offer a "private" browsing modes

A Report on Modified Onion Routing and its Proof of Concept

ArcGIS Enterprise Security. Gregory Ponto & Jeff Smith

Web Search An Application of Information Retrieval Theory

Real-time protocol. Chapter 16: Real-Time Communication Security

CMSC 332 Computer Networking Web and FTP

CS 494/594 Computer and Network Security

Wireless Network Security Spring 2011

Onion Routing. Submitted By, Harikrishnan S Ramji Nagariya Sai Sambhu J

e-commerce Study Guide Test 2. Security Chapter 10

Announcements. me your survey: See the Announcements page. Today. Reading. Take a break around 10:15am. Ack: Some figures are from Coulouris

Protocols for Anonymous Communication

Penetration Testing. James Walden Northern Kentucky University

Towards measuring anonymity

Context. Protocols for anonymity. Routing information can reveal who you are! Routing information can reveal who you are!

Overlay and P2P Networks. Unstructured networks: Freenet. Dr. Samu Varjonen

vcloud Director User's Guide

CS232. Lecture 21: Anonymous Communications

«On the Internet, nobody knows you are a dog» Twenty years later

Author: Tonny Rabjerg Version: Company Presentation WSF 4.0 WSF 4.0

Robust Defenses for Cross-Site Request Forgery

Lecture 9a: Sessions and Cookies

Proxy server is a server (a computer system or an application program) that acts as an intermediary between for requests from clients seeking

communication Claudia Díaz Katholieke Universiteit Leuven Dept. Electrical Engineering g ESAT/COSIC October 9, 2007 Claudia Diaz (K.U.

SEEM4540 Open Systems for E-Commerce Lecture 03 Internet Security

Solutions Business Manager Web Application Security Assessment

vcloud Director User's Guide

Authentication Handshakes

WEB SECURITY: WEB BACKGROUND

Uniform Resource Locators (URL)

HyperText Transfer Protocol

CSC 474/574 Information Systems Security

Locking down a Hitachi ID Suite server

Network Security: Anonymity. Tuomas Aura T Network security Aalto University, autumn 2015

Configure ACE with Source NAT and Client IP Header Insert

Onion services. Philipp Winter Nov 30, 2015

ANONYMOUS CONNECTIONS AND ONION ROUTING

CS6740: Network security

Towards Anonymity in Mobile Ad Hoc Networks

Parameterization in OpenSTA for load testing. Parameterization in OpenSTA Author: Ranjit Shewale

Lecture 7b: HTTP. Feb. 24, Internet and Intranet Protocols and Applications

The Tor Network. Cryptography 2, Part 2, Lecture 6. Ruben Niederhagen. June 16th, / department of mathematics and computer science

Robust Defenses for Cross-Site Request Forgery Review

Defeating All Man-in-the-Middle Attacks

System-Level Failures in Security

Tor: Online anonymity, privacy, and security.

::/Topics/Configur...

Achieving Privacy in Mesh Networks

CLIENT SERVER SYNERGY USING VPN

Web Application Security GVSAGE Theater

Computer Networks. Wenzhong Li. Nanjing University

How to Configure SSL VPN Portal for Forcepoint NGFW TECHNICAL DOCUMENT

Data Security and Privacy. Topic 14: Authentication and Key Establishment

How Alice and Bob meet if they don t like onions

Privacy Enhancing Technologies CSE 701 Fall 2017

Configuring Caching Services

n Learn about the Security+ exam n Learn basic terminology and the basic approaches n Implement security configuration parameters on network

Robust Defenses for Cross-Site Request Forgery

Applications & Application-Layer Protocols: The Web & HTTP

Network Security (PhD Section)

Computer Forensics: Investigating Network Intrusions and Cyber Crime, 2nd Edition. Chapter 3 Investigating Web Attacks

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 3 Protecting Systems

Port-Scanning Resistance in Tor Anonymity Network. Presented By: Shane Pope Dec 04, 2009

Anonymity in P2P Systems

Provide you with a quick introduction to web application security Increase you awareness and knowledge of security in general Show you that any

Transcription:

Why anonymity? The web contains a wealth of information on topics that you might want to explore privately Support groups victims of crime private health concerns Job search don t want to inform current employer of search Concerned with private retrieval, not publishing 2 1

Privacy on the web NOT Browsers advertise IP address, domain name, organization, referring page platform: O/S, browser which information is requested Information available to end servers local system administrators other third parties (e.g., doubleclick.com) Cookies (not so sweet) 3 A typical HTTP request Example GET http://www.amazon.com/ HTTP/1.0 User-Agent: Mozilla/3.01 (X11; I; SunOS 4.1.4 sun4m) Host: www.amazon.com Referer: http://www.alcoholics-anonymous.org/ Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */* Cookie: session-id-time=868867200; session-id=6828-2461327- 649945; group_discount_cookie=f 4 2

Example: doubleclick.com Numerous sites link to ads at doubleclick.com Due to Referer: field, doubleclick may capture your whole click-stream! Site A You Referer: Site A Referer: Site B Site B doubleclick.com 5 Online privacy in the press 6 3

Facets of anonymity Adversaries Eavesdroppers local (system administrators) global (backbone administrator) Active attackers (local, global) End servers, other users Properties Sender anonymity Receiver anonymity Unlinkability of sender and receiver 7 The Anonymizer Acts as a proxy for users Hides information from end servers Browser Request Reply Anonymizer Request Reply End Server Sees all web traffic Adds ads to pages 8 4

Mixes [Chaum81] Sender B, C, dest,msg k C k B k A Mix C msg Destination dest,msg k C Mix A C, dest,msg k C k B k X = encrypted with public key of Mix X Mix B Sender routes message randomly through network of Mixes, using layered public-key encryption. 9 Limitations of mixes Require public key cryptography (costly) All send fixed-length messages, at regular intervals, including dummies when necessary (more costly) Vulnerable to timing attacks by first and last mix, if used for synchronous communication No sender anonymity from first mix or sys. admin. 10 5

A new technique for anonymity on the web A system that implements it code now available in the US and Canada Can be analyzed in the face of various adversaries Degrees of anonymity 11 How works Each user joins a crowd of other users Each user represented by a jondo on her machine Each jondo either submits request to end server or forwards it to a randomly chosen jondo A jondo cannot tell if a request is initiated by the previous jondo or one before it Request and reply follow same path 12 6

Example Crowd members Web servers 2 1 3 6 5 6 5 3 1 4 4 2 13 Strip out Other jondo jobs cookies (option to include) identifying headers From: Referer: User-Agent: Pragma: Add the word Crowd to title of page Provide messages to the user 14 7

More Degrees of anonymity Absolute privacy: adversary cannot observe communication Beyond suspicion: no user is more suspicious than any other Probable innocence: each user is more likely innocent than not Possible innocence: nontrivial probability that user is innocent Exposed (default on web): adversary learns responsible user Provably exposed: adversary can prove your actions to others Less 15 What achieves Attacker Sender Anonymity Receiver Anonymity Local eavesdropper exposed p(beyond suspicion) ->1 as n -> c collaborating jondos, where pf n pf 1/2 (c+1) probable innocence + p(absolute privacy) ->1 as n -> p(absolute privacy) ->1 as n -> End server beyond suspicion N/A 16 8

Probable innocence H k = first collaborator is at position k I = first collaborator is immediately preceded by initiator Path initiator has probable innocence if P(I H 1+ ) <= 1/2 p P(H i ) = ( f (n-c) i-1 n ) c ( n ) (prob. forwarding * prob. of noncollaborator )^ i-1 * prob of collab. 17 Probable innocence (cont.) P(H 1+ ) = P(H 2+ ) = c n c n S k=0 S k=1 p f (n-c) ( n ) k p f (n-c) ( n ) k P(H 1 ) = P(I H 2+ ) = I H 2+ means collabs. get from initiator on hop 2 P(I) = P(H 1 ) P(I H 1 ) + P(H 2+ ) P(I H 2+ ) c n 1 n - c 18 9

Number of collaborators P(I H 1+ ) = P(I H 1 ) P(H 1+ ) = P(I) P(H 1+ ) If n p f p f 1/2 (c+1), then P(I H 1+ ) <= 1/2 E.g. take p f = 3/4, then n 3(c+1) ensures probable innocence So, we can tolerate having almost 1/3 of the jondos in the crowd collaborating for this value of p f 19 Encryption Used to defend again local eavesdropper Path key used to encrypt request and replies Path key is re-encrypted with pairwise keys on each hop Fast stream cipher used to encrypt replies Requester/submitter build stream while waiting for reply 20 10

Static paths Dynamic paths enable collaborators to locate the initiator link different paths based on content, timing choose jondo from which paths are most often received Paths are rerouted only when a jondo fails (path is rerouted as to not risk anonymity) a new jondo joins joiner idle until join commit occurs at join commit all static paths are rerouted once all user are notified about path rerouting 21 Embedded images Automatically retrieved by browser Can lead to a timing attack first jondo realizes it is first due to timing of image requests To prevent submitting jondo sends images along with page requesting jondo does not request images of crowd, but reads them in reply 22 11

23 Performance tests Setup: 4 jondos moderately loaded 150 Mhz Sparc 20s, running SunOS 4.1.4 Web server 133 Mhz SGI running Irix 5.3 and Apache web server All machines at AT&T on the same LAN Tested different path lengths different page sizes different numbers of embedded images 24 12

Impact of page size 25 Impact of embedded images 26 13

Scale Expected number of appearances of a jondo on all paths is 1 ( 1 O( ) n ) (1 - p f ) 2 1 + So crowds scales well as crowd size grows Expected path length is 1 1 - p f 27 Deployment issues Firewalls jondos outside cannot connect to jondos inside insiders can still participate, with weaker anonymity Different speed connections separate crowds for slow modem users SSL cannot parse HTML, to avoid timing attacks Must disable Java and Javascript 28 14

Crowd membership - mechanism Security relies on ability to control crowd membership must maintain ratio of n to c We use a blender and user accounts authenticates crowd joining requests generates pairwise keys notifies jondos of new members Blender is NOT a central point for passive attack/failure Blender only assists in crowd membership, has nothing to do with browsing afterwards 29 Crowd membership - policy Two types of crowds 20-30 members, tight membership control huge membership, controlled by sheer size and some heuristics one jondo/machine limited machines/domain 30 15

Future directions Use Diffie-Hellman for pairwise keys blender does not get to know keys more resistance to passive attacks Replicated blender higher availability resistance to active attacks (e.g., Rampart) Address the mobile code problem have made some progress on this 31 Risks of Others requests may come from your machine people unaware of may think they are yours Web vendors that rely on IP address to avoid fraud gives fraudsters an anonymous web presence Target advertisers may be upset Any argument against anonymity... 32 16

Vision Wide-scale adoption of crowds on the Internet No more correlation between a web request the machine that made the request Less targeted advertising A step towards greater user privacy 33 17

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback