CS 4740 / CS 6740 - baixardoc

10
CS 4740 / CS 6740 Network Security Lecture 11: Anonymous Communications (Wave Hi to the NSA)

Transcript of CS 4740 / CS 6740 - baixardoc

Page 1: CS 4740 / CS 6740 - baixardoc

CS 4740 / CS 6740Network Security

Lecture 11: Anonymous Communications

(Wave Hi to the NSA)

Page 2: CS 4740 / CS 6740 - baixardoc

2

Page 3: CS 4740 / CS 6740 - baixardoc

You Are Not Anonymous3

Your IP address can be linked directly to you

ISPs store communications records

Usually for several years (Data Retention Laws)

Law enforcement can subpoena these records

Your browser is being tracked

Cookies, Flash cookies, E-Tags, HTML5 Storage

Browser fingerprinting

Your activities can be used to identify you

Unique websites and apps that you use

Types of links that you click

Page 4: CS 4740 / CS 6740 - baixardoc

Wiretapping is Ubiquitous4

Wireless traffic can be trivially intercepted

Airsnort, Firesheep, etc.

Wifi and Cellular traffic!

Encryption helps, if it’s strongWEP and WPA are both vulnerable!

Tier 1 ASs and IXPs are compromised

NSA, GCHQ, “5 Eyes” ~1% of all Internet traffic

Focus on encrypted traffic

Page 5: CS 4740 / CS 6740 - baixardoc

Who Uses Anonymity Systems?5

“If you’re not doing anything wrong, you shouldn’t have anything to hide.” Implies that anonymous communication is for criminals

The truth: who uses Tor?

Journalists

Law enforcement

Human rights activists

Normal people

Fact: Tor was/is developed by the Navy

Business executives

Military/intelligence personnel

Abuse victims

Page 6: CS 4740 / CS 6740 - baixardoc

Why Do We Want Anonymity?6

To protect privacy

Avoid tracking by advertising companies

Viewing sensitive content

Information on medical conditions

Advice on bankruptcy

Protection from prosecution

Not every country guarantees free speech

Downloading copyrighted material

To prevent chilling-effects

It’s easier to voice unpopular or controversial opinions if you are anonymous

Page 7: CS 4740 / CS 6740 - baixardoc

Anonymity Layer7

Function:

Hide the source, destination, and content of Internet flows from eavesdroppers

Key challenge:

Defining and quantifying anonymity

Building systems that are resilient to deanonymization

Maintaining performance

Application

Presentation

Session

Transport

Network

Data Link

Physical

Anonymity

Page 8: CS 4740 / CS 6740 - baixardoc

Definitions and Examples

Crowds

Chaum Mix / Mix Networks

Tor

Outline8

Page 9: CS 4740 / CS 6740 - baixardoc

Quantifying Anonymity9

How can we calculate how anonymous we are?

Anonymity Sets

Larger anonymity set = stronger anonymity

Who sent this message?

Suspects (Anonymity Set)

Page 10: CS 4740 / CS 6740 - baixardoc

CS Options - Dorset Council

CS Options - Dorset Council

Megadeth - baixardoc

Megadeth - baixardoc

Code profiling - CS | Karlstads universitet

Code profiling - CS | Karlstads universitet

The Four-Year Career Plan for CS Majors CS 191 Fall 2021

The Four-Year Career Plan for CS Majors CS 191 Fall 2021

T6. COURSE SPECIFICATIONS (CS)

T6. COURSE SPECIFICATIONS (CS)

User Manual DPS 1200B_2000B-48-12_8 CS ... - baixardoc

User Manual DPS 1200B_2000B-48-12_8 CS ... - baixardoc

nitesh kr. jaiswal cs classes

nitesh kr. jaiswal cs classes

Can Fin cs Ltd - WVB

Can Fin cs Ltd - WVB

ELECTRONI CS TECHNOLOGY4 COMPUTER PROJECTS

ELECTRONI CS TECHNOLOGY4 COMPUTER PROJECTS

CS-ETSO (A - EASA

CS-ETSO (A - EASA

Scratch Programming - Rutgers CS

Scratch Programming - Rutgers CS

CS Foundation Course - ICSI

CS Foundation Course - ICSI

agradecimientos - baixardoc

agradecimientos - baixardoc

Fellows Program - CS Lewis Institute

Fellows Program - CS Lewis Institute

Dave Cliff - CS Archive

Dave Cliff - CS Archive

08. Imron cs

08. Imron cs

CS Kids Magazine - August 2013

CS Kids Magazine - August 2013

HCP - CS - Hitachi Vantara Knowledge

HCP - CS - Hitachi Vantara Knowledge

CS-Cart Professional Reference Guide

CS-Cart Professional Reference Guide

DATA CS DI BATANG

DATA CS DI BATANG