Upload File

class 13 introduction to anonymity cis 755: advanced computer security spring 2014 eugene vasserman...

  • Home
  • Documents
  • Class 13 Introduction to Anonymity CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman eyv/CIS755_S14
21
Class 13 Introduction to Anonymity CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman http://www.cis.ksu.edu/~eyv/CIS755_S 14/

Upload: anastasia-jackson

Post on 23-Dec-2015

214 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: Class 13 Introduction to Anonymity CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman eyv/CIS755_S14

Class 13Introduction to Anonymity

CIS 755: Advanced Computer SecuritySpring 2014

Eugene Vasserman

http://www.cis.ksu.edu/~eyv/CIS755_S14/

http://www.cis.ksu.edu/~eyv/CIS755_S14/
Page 2: Class 13 Introduction to Anonymity CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman eyv/CIS755_S14

Administrative stuff

• Quizzes and Exam II– Scheduling– Format

Page 3: Class 13 Introduction to Anonymity CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman eyv/CIS755_S14

Anonymity Concepts

• Privacy– Confidentiality

• Anonymity/Pseudonymity– Unobservability– Unlinkability

Page 4: Class 13 Introduction to Anonymity CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman eyv/CIS755_S14

Dining Cryptographers

• Three people toss coins: heads=1, tails=0• Menus hide right-hand coin• XOR your coin flip result and left

neighbor’s result• Report value to everyone• Report opposite value to send a single bit• If the sum is odd, someone sent a message

Page 5: Class 13 Introduction to Anonymity CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman eyv/CIS755_S14

Dining Cryptographers II

• Slow• Error-prone• Needs tamper detection• Does not scale• Provides unobservability

Page 6: Class 13 Introduction to Anonymity CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman eyv/CIS755_S14

Unobservability

• k-anonymity (scalable dining cryptographers)– Must be implemented very carefully

• Link padding– Inefficient– Cover traffic knowledge

Page 7: Class 13 Introduction to Anonymity CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman eyv/CIS755_S14

Unlinkability

• Sender can’t identify receiver• Receiver can’t identify sender• Neither knows who the other is

– How do we handle authentication?

• Unobservability implies unlinkability (?)

Page 8: Class 13 Introduction to Anonymity CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman eyv/CIS755_S14

For Bob For Bob from Alicefrom AliceFor Carol For Carol from Alicefrom AliceFor David For David from Alicefrom Alice

Onion Encryption

Page 9: Class 13 Introduction to Anonymity CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman eyv/CIS755_S14

Message for BobWrapping for CarolWrapping for Doug

Onion Encryption IIBob

Alice

Wrapping for Edward

Edward

Doug

Carol

Page 10: Class 13 Introduction to Anonymity CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman eyv/CIS755_S14

Chaum MixesBob

Alice

Output in lexographic order

Page 11: Class 13 Introduction to Anonymity CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman eyv/CIS755_S14

Global AdversaryBob

Alice

Page 12: Class 13 Introduction to Anonymity CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman eyv/CIS755_S14

Chaum Mix CascadeBob

Alice

Page 13: Class 13 Introduction to Anonymity CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman eyv/CIS755_S14

Anonymous Reply

• Address for replies:

• Reply:

• Mix0 decrypts N,A; sends:

• Mix decrypting reply does not know destination• Mix encrypting reply does not know source

Page 14: Class 13 Introduction to Anonymity CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman eyv/CIS755_S14

Mixminion

A

B

C

D

E Bob

A,B,C,D,E

Alice

Bob

Page 15: Class 13 Introduction to Anonymity CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman eyv/CIS755_S14

Problems with MixMinon

• Centralized entities required– Availability failure– Anonymity failure (how?)

• Malicious nodes:– Control entry and exit– Unlikely

Page 16: Class 13 Introduction to Anonymity CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman eyv/CIS755_S14

Anonymous Email

• High-latency• Low-throughput• Provides unlinkability

– Have to be careful about authentication

• No default end-to-end confidentiality (PGP)– Actually, there is for replies

• Secure against global adversary

Page 17: Class 13 Introduction to Anonymity CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman eyv/CIS755_S14

Anonymous Web Browsing

• Low-latency• Medium-throughput• Server does not know client• Provides sender unlinkability

– Have to be careful about authentication

• No default end-to-end confidentiality (SSL)• NOT secure against global adversary

Page 18: Class 13 Introduction to Anonymity CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman eyv/CIS755_S14

Tor

A

B

C

TCP over TCP (UGH!)

Page 19: Class 13 Introduction to Anonymity CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman eyv/CIS755_S14

Anonymous Web Services

• Web service does not know client• Client does not know web service• Provides sender and receiver unlinkability

• Rendezvous

Page 20: Class 13 Introduction to Anonymity CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman eyv/CIS755_S14

Tor Hidden Services

A

B

C

D

E

F

Page 21: Class 13 Introduction to Anonymity CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman eyv/CIS755_S14

Questions?

Reading discussion


Class 5 Practical Considerations and Physical Security CIS 755: Advanced Computer Security Spring 2015 Eugene Vasserman eyv/CIS755_S15

Class 4 Secure Channels and Practical Considerations CIS 755: Advanced Computer Security Spring 2015 Eugene Vasserman eyv/CIS755_S15

5th edition July 11th > 17th 2017fidmarseille.org/pdf/CatalogueFIDCampus2017.pdf · dYV [`Z_VU eYV >`fZd >f^ZVcV dTY``] Z_ >j`_ EYV Îc h`c\VU Sd 6 A B hZeY S VTZS] Z_eVcV Z_ d`f_U

20 a 14 : 16 : 30 EM V —BE ! 03-6825-5503 37-18 eyV H P ... · 20 a 14 : 16 : 30 EM V —BE ! 03-6825-5503 37-18 eyV H P : http:l 12 : : 05 F453-0015 8-12 7— IF TEL: 052-452-6036

EYV 2011 - VOLUNTEERING MATTERS Impact of Youth ... · Several universities are members of AIESEC, an international youth run organisation present in 110 countries. It facilitates

0*)$rbdi.bruylant.be/public/modele/rbdi/content/rbdi_2016... · 2016-09-26 · `eYVc h`cUd%eYV Z_ZeZR] RZ^ `W eYZd RceZT]V Zd e` R_R]jdV eYV VT`_`^ZT%d`TZR] R_U a`]ZeZTR] T`_eVie

8RjU` C`RU m 3ZdY`ad :eTYZ Xe` m 4G%( #BH @WWVcd Z eYV ... · a`eV_eZR] W`c R_ R__ViV hYZ]V eYV WfceYVc U`fS]V SVUc``^ YRd R gZVh `W eYV UV]ZXYeWf] cVRc XRcUV_ R_U eYV eYZcU SVUc``^

Class 20 Usability CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman eyv/CIS755_S14

One-way indexing for plausible deniability in censorship resistant storage Eugene Vasserman, Victor Heorhiadi, Nicholas Hopper, and Yongdae Kim

6 ,(,!,&- ,%)*. )# )$&- #)*'!,&)(hRcUd eYV YVRU `W eYVdV ZTV WR]]d Zd _`c^R]]j decReZWZVU Rd dVV_ Z_ eYV UVVa TcVgRddVd Z^^VUZReV]j RS`gV eYV ZTV WR]]d( HYV YZXY gV]`TZej `W W]`h%,%***

Retrofitting Communication Security into a Publish ...people.cs.ksu.edu/~eyv/papers/mdcf-sehc14.pdf · Retrofitting Communication Security into a Publish/Subscribe Middleware Platform

Towards freedom of speech on the Internet: Censorship ...people.cs.ksu.edu/~eyv/papers/thesis_draft-Vasserman.pdfthat censorship by governments, ISPs, and corporations represents a

European Commission The European Year of Volunteering 2011 Ekaterini Karanika Policy Officer EYV 2011 Task Force European Commission DG COMM C.2

Class 9 Physical Security and DRM CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman eyv/CIS755_S14

EYV 2011 - VOLUNTEERING MATTERS Impact of Youth [email protected]. 4 In the school we learnt about it Dayanishma (solidarity, cooperation)…maybe IMECE they are still

Michael Schliep*, Eugene Vasserman, and Nicholas Hopper ...hoppernj/sym_gotr_pets18.pdfConsistentSynchronousGroupOff-The-RecordMessagingwithSYM-GOTR 183 – Message RepudiationThere

Proceedings of the 14th ACM Conference on …NicholasHopper,Eugene Y. Vasserman,EricChan-Tin(UniversityofMinnesota) • DenialofService orDenialof Security? 92 NikitaBorisov (Universityof

European Commission The European Year of Volunteering 2011 – progress so far John Macdonald Head of EYV 2011 Task Force European Commission DG COMM – C.2

European Commission The European Year of Volunteering 2011 John Macdonald Head of EYV 2011 Task Force European Commission DG COMM – C.2

Bloque 4 eyv

EYV 2011 - VOLUNTEERING MATTERS Impact of Youth ... · PDF fileEYV 2011 - VOLUNTEERING MATTERS Impact of Youth Volunteering in Philippines April - October 2011 By Mimmi Viviana Clase

Class 11 Enterprise Network Protection CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman eyv/CIS755_S14

Van Gogh I - jackooij.nl · Van Gogh I • • • • • • EYV Rce `W dV]]Z_X j`fc W]`cR 9VRU ^`Uf]V EYV Rce `W dV]]Z_X j`fc W]`cR DZUV ^`Uf]V "#! EYV Rce `W dV]]Z_X j`fc W]`cR

Sasha Vasserman. Two triangles are similar if two pairs of corresponding angles are congruent

Class 8 Introduction to Anonymity CIS 755: Advanced Computer Security Spring 2015 Eugene Vasserman eyv/CIS755_S15

“Helping Hands” Hope for Europe! Conference Report · “Helping Hands” Hope for Europe! Conference Report 8-9 October 2015, Brussels Five years after EYV 2011, volunteers continue

GRAPEVIN TUSCANY’S E · eYV TYRcT`R] XcZ]]+ 3ZdeVTTR R]]R 7Z`cV_eZ_R E 3`_V deVR\ ]R^S ^ZiVU XcZ]] DaVTZR]ZkVU Z_ dVRW``U UZdYVd hZeY WcVdY WZdY VgVcj URj :_ eYV XcVV_ =fTTR T`f_ecjdZUV

Class 13 Review CIS 755: Advanced Computer Security Spring 2015 Eugene Vasserman eyv/CIS755_S15

Combating Double-Spending Using Cooperative P2P Systems Author : Ivan Osipkov, Eugene Y. Vasserman, Nicholas Hopper, Yongdae Kim Source : International

One-way indexing for plausible deniability in censorship ... · One-way indexing for plausible deniability in censorship resistant storage Eugene Vasserman, Victor Heorhiadi, Nicholas

Web Security Sankar Roy 1. Acknowledgement While preparing the presentation slides and the demo, I received help from Professor Eugene Vasserman Professor

Disclaimer - Seoul National Universitys-space.snu.ac.kr/bitstream/10371/122336/1/000000140736.pdf · dVbfVnTVd Woc eYV XVnVd ingo]gVU in UcfX aYRcmRTokinVeiTd (GB) RnU aYRcmRToUjnRmiTd

Class 7 Network Protection and Digital Currency CIS 755: Advanced Computer Security Spring 2015 Eugene Vasserman eyv/CIS755_S15

Class 5 Channels and Preview CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman eyv/CIS755_S14

9^]cT]cb · @_ cV]ReZ‘_ e‘ eYV Z_T‘^V deReV^V_e W‘c -+,0 R_U W‘c eYV WZcde bfRceVc ‘W -+,1’ eYV V_ecj Z_e‘ W‘cTV ‘W 8R_\ ‘W JaRZ_ 9ZcTf]Rc 0*-+,/ Z_ eYV WZcde