Upload File

andana: onion routing for ndn steve dibenedetto colorado state university andana: anonymous named...

  • Home
  • Documents
  • ANDaNA: Onion Routing for NDN Steve DiBenedetto Colorado State University ANDaNA: Anonymous Named Data Networking Application NDSS ’12 Steven DiBenedetto,
7
ANDaNA: Onion Routing for NDN Steve DiBenedetto Colorado State University ANDaNA: Anonymous Named Data Networking Application NDSS ’12 Steven DiBenedetto, Paolo Gasti, Gene Tsudik, Ersin Uzun

Upload: cameron-lane

Post on 17-Dec-2015

213 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: ANDaNA: Onion Routing for NDN Steve DiBenedetto Colorado State University ANDaNA: Anonymous Named Data Networking Application NDSS ’12 Steven DiBenedetto,

ANDaNA: Onion Routing for NDN

Steve DiBenedettoColorado State University

ANDaNA: Anonymous Named Data Networking Application NDSS ’12

Steven DiBenedetto, Paolo Gasti, Gene Tsudik, Ersin Uzun

http://arxiv.org/find/cs/1/au:+DiBenedetto_S/0/1/0/all/0/1
http://arxiv.org/find/cs/1/au:+Gasti_P/0/1/0/all/0/1
http://arxiv.org/find/cs/1/au:+Tsudik_G/0/1/0/all/0/1
http://arxiv.org/find/cs/1/au:+Uzun_E/0/1/0/all/0/1
Page 2: ANDaNA: Onion Routing for NDN Steve DiBenedetto Colorado State University ANDaNA: Anonymous Named Data Networking Application NDSS ’12 Steven DiBenedetto,

D: /omh/blood-pressure/steveLoc: /fitbit/key { mmHg: 100 }

D: /omh/blood-pressure/steve { mmHg: 100 }

Information Linkage & Leakage

I: /omh/blood-pressure/steve

I: /omh/blood-pressure/steveNonce: <rand-int>Lifetime: <int>Loc: /fitbit/key

• Encrypted names, payloads, and header fields may link requester to sensitive content or leak information

Page 3: ANDaNA: Onion Routing for NDN Steve DiBenedetto Colorado State University ANDaNA: Anonymous Named Data Networking Application NDSS ’12 Steven DiBenedetto,

3

Onion Routing in NDN

/OR-1

/OR-2

I: /omh/blood-pressure/steveNonce: <rand-int>Loc: /fitbit/keyI: /omh/blood-pressure/steve

Nonce: <rand-int>Loc: /fitbit/key

I: /OR-2

I: /OR-1

I: /omh/blood-pressure/steveNonce: <rand-int>Loc: /fitbit/key

I: /OR-2I: /omh/blood-pressure/steveNonce: <rand-int>Loc: /fitbit/key

D: /omh/blood-pressure/steveLoc: /fitbit/key { mmHg: 100 }

D: /omh/blood-pressure/steveLoc: /fitbit/key

{ mmHg: 100 }

D: /OR-2

D: /omh/blood-pressure/steveLoc: /fitbit/key

{ mmHg: 100 }

D: /OR-2

D: /OR-1

Page 4: ANDaNA: Onion Routing for NDN Steve DiBenedetto Colorado State University ANDaNA: Anonymous Named Data Networking Application NDSS ’12 Steven DiBenedetto,

4

Improvements Over Tor• Need fewer relays than Tor (2 vs 3)

– Potentially 1 less Internet-wide RTT

• ANDaNA paths are HIGHLY ephemeral– No path setup cost– Change keys and relays at will during a Data stream without interruption– Tor sets up much longer lived circuits in comparison (~ 10 minutes)

• Symmetric key session-based mode also available– Can be freely intermixed with public key crypto mode for the same Data stream.

• NDN gives us a lot for free– CS improves retransmission and chance for cache hit at exit node– OR prefixes can refer to multiple relays– OR directory more robust to attacks thanks to signed Data

Page 5: ANDaNA: Onion Routing for NDN Steve DiBenedetto Colorado State University ANDaNA: Anonymous Named Data Networking Application NDSS ’12 Steven DiBenedetto,

5

The Exit Node Problem

/OR-1

/OR-2

I: /omh/blood-pressure/steveExclude: <name-comp>Loc: /fitbit/key

D: /omh/blood-pressure/steveLoc: /fitbit/key { mmHg: 100 }

NDN-NP environments are not the general case: both are privacy/security aware

Page 6: ANDaNA: Onion Routing for NDN Steve DiBenedetto Colorado State University ANDaNA: Anonymous Named Data Networking Application NDSS ’12 Steven DiBenedetto,

6

Summary

• ANDaNA provides a Tor-like service for NDN, but new tradeoffs to consider

• ANDaNA is fundamentally a proxy: use as many (or few) relays as needed

Page 7: ANDaNA: Onion Routing for NDN Steve DiBenedetto Colorado State University ANDaNA: Anonymous Named Data Networking Application NDSS ’12 Steven DiBenedetto,

7

Thoughts

• What’s the threat model for NDN-NP?

• Tradeoffs:– ANDaNA provides low latency anonymity– Mix networks could be used if NDN-NP can tolerate

latency

• Implementing confidentiality:– Confidentially must be left to applications.– Users don’t own the network, but can own overlays


THIN BRICK APPLICATIONS - Endicott ... - Andana · PDF fileThin Brick Cladding Benefits: • Design freedom • Lightweight construction • Quick installation • Economical in-place

dibenedettolaw.comdibenedettolaw.com/.../Corriere_Della_Sera-DiBenedetto-Amanda_Knox.pdf · una copia di backup del computer. ... libro-inchiesta sul mostro di Firenze. Preston non

Ajith Suresh - NDSS Symposium

Does Counting Still Count? - NDSS Symposium...NDSS 2013 Does Counting Still Count? Revisiting the Security of Counting based User Authentication Protocols against Statistical Attacks

L'estratègia del pingüí- Presentació de Ricard Peris / Andana Editorial

[Emmanuele DiBenedetto (Auth.)] Real Analysis(BookZa.org) Pages155,156,157,Etc

1 Andana Lucrare de Diploma

Absorption NDSS

I AM: Joy DiBenedetto

Andana Editorial Novetats 2012

YOU ARE WHAT YOU LIKE - NDSS Symposium · YOU ARE WHAT YOU LIKE INFORMATION LEAKAGE THROUGH USERS’ INTERESTS Abdelberi (Beri) Chaabane, Gergely Acs, Mohamed Ali Kaafar NDSS Symposium

Guide Me & Watch Me Succeed - NDSS

2020 Annual Report - NDSS

Valors Propostes didàctiques - Andana Editorial · Andana Editorial / Algemesí, 2010 Col·lecció: «VALORS», núm. 2 Format: 20×14,5 cm, 126 pàgs. Enquadernació en rústica

Persistent OSPF Attacks Gabi Nakibly, Alex Kirshon and Dima Gonikman, Dan Boneh 19th Annual Network & Distributed System Security Conference (NDSS 2012)NDSS

CV Silvia Dibenedetto Pilates sito · CV_Silvia_Dibenedetto_Pilates_sito Created Date: 3/12/2018 10:16:20 PM

Social Engineering - nii.ac.jp · ... (analytics, advertising products ... In Network and Distributed System Security Symposium (NDSS 2012),

NDSS Ambassador Sargent Shriver International Global ...€¦ · David Egan 1 NDSS Ambassador Sargent Shriver International Global Messenger. JP Kennedy Jr. Public Policy Fellow

National Down Syndrome Society - NDSS · National Down Syndrome Society NDSS Community Support Programs NDSS is committed to providing the Down syndrome community with quality support

NDSS Registration Form - Diabetes Australia · PDF fileRegistration Form The National Diabetes Services Scheme (NDSS) is an initiative of the Australian Government administered by

Metamorph: Injecting Inaudible Commands ... - NDSS Symposium

Steve DiBenedetto: Edge Dwelling

CloudLeak - NDSS Symposium

Hyper-Cube - NDSS Symposium

NDSS 2007 Philipp Vogt, Florian Nentwich, Nenad Jovanovic, Engin Kirda, Christopher Kruegel, Giovanni Vigna

Jiap luis dibenedetto

SECTION 11 LEAGUE 6 TOURNAMENT 2014 @ SWRlongislandwrestling.org/liwa/hs/result14/league6bkts.pdfJack Taddeo SWR Champion Dec 10-1 DiBenedetto-JG Taddeo-SWR Dec 13-1 DiBenedetto-JG

ANDaNA: Anonymous Named Data Networking Application · tool, called ANDaNA, that borrows a number of features from Tor. As we demonstrate via experiments, it provides comparable anonymity

Phinding Phish: An Evaluation of Anti-Phishing Toolbars, at NDSS 2007

NDSS Symposium

ANDaNA Anonymous Named Data Networking Application.pdf

REALIZZATO DA : GAETANO DIBENEDETTO 2°D I.T.I.S. PER LA MATERIA TECNOLOGIA & DISEGNO REALIZZATO DA : GAETANO DIBENEDETTO 2°D I.T.I.S. PER LA MATERIA TECNOLOGIA

BotSniffer Ndss Slides

Polypyus – The Firmware Historian - NDSS Symposium

J19 DiBenedetto Al JCN03