1 / 27

A Tale of Research: From Crowds to Deeper Understandings

A Tale of Research: From Crowds to Deeper Understandings. Matthew Wright Jan. 25, 2006 6392-017: Adv. Network Security. Overview. Act I: Hordes Applying a tool elsewhere Act 2: The “Predecessor Attack” How it works Proof Analysis Simulation Act 3: (then) Future Directions.

bnocera
Download Presentation

A Tale of Research: From Crowds to Deeper Understandings

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. A Tale of Research:From Crowds to Deeper Understandings Matthew Wright Jan. 25, 2006 6392-017: Adv. Network Security

  2. Overview • Act I: Hordes • Applying a tool elsewhere • Act 2: The “Predecessor Attack” • How it works • Proof • Analysis • Simulation • Act 3: (then) Future Directions

  3. A New Application • Brian Levine & Clay Shields • Multicast & Networking • Properties of Multicast • many receivers • tree structure • subscription model • Status is unknown to routers and hosts • Bad for maintenance • efficient for streaming

  4. One Issue w/ Crowds • Crowds • Network costs are high • TCP over multiple hops is bad for streams R X Y I W Z

  5. Hordes • Crowds 4 outgoing • (requests, ACKs) • Multicast 4 incoming streams • Everyone joins multiple trees • Don’t know who’s on each tree • Don’t know who’s listening

  6. Act I Lessons • Understanding Prior Work • Find problems & try to solve them • Apply New Tools • Rather, old tools, but new to the area

  7. Act II: Another Issue w/ Crowds • What does 5.3.2 say? • What does it not say?

  8. Adding New Members • If paths are maintained indefinitely, any member joining the group would be immediately identifiable as the initiator. • Because of this, group joins occur in batches (e.g., once every hour). • Each time new members are allowed in, new paths are created for all members.

  9. Intuitive notion of passive attacks A A Z B W E D Y T C X

  10. Attacking Crowds I • Paths change • Attacker sees session-identifying info • Responder’s IP address • Cookie, login name, specific content X A Y Z R

  11. Attacking Crowds I • Paths change • Attacker sees session-identifying info • Responder’s IP address • Cookie, login name, specific content X A Y Z R

  12. When in this positionprob=1 that initiator ispredecessor. When in any of these positions, prob=1/n for any node as predecessor. Attacking Crowds • Log the node before the attacker • nCrowds nodes … I 1 2 3 L

  13. Question • What are the contributions of WALS02?

  14. Attacking in General • Attack applies to any protocol for anonymity, provided that: • Paths* of proxies change • Uniformly random selection of paths • There exists a position of attackers: • see the initiator send messages in the session • determine the session information

  15. Crowds Analysis • Goal: Quantify time required for attack to succeed • Notation • nis the number of Crowds nodes • c is the number of attackers nodes (c < n) • Observations • Probability of selecting an attacker for a given position: (c / n ) n- nodes c - attackers

  16. 1/2 E(I) Crowds Analysis • T rounds (path reformations) No. of times each node is seen by the attackers … … A B I X Y Z

  17. Crowds Analysis • Chernoff bounds • Q: How big does T have to be? • A: The attacker must be in the first position on the initiator’s path several times • c/n chance • n/c expectation • O(n/c log n) times to get a high probability (n-2)/n n- nodes c - attackers

  18. Onion Routing (GRS96) • Initiator-chosen paths • Instead of flipping a coin, the Initiator chooses the entire path and builds an onion. IàXàYàZàR • Layered encryption of data using the public key of each proxy in the path. {Z,{R,data}Kz+}Ky+ {Y,{Z,{R,data}Kz+}Ky+}Kx+ {R,data}Kz+ data • Sending the onion • I àX: {Y,{Z,{R,data}Kz+}Ky+}Kx+ • XàY: {Z,{R,data}Kz+}Ky+ • YàZ: {R,data}Kz+ • ZàR: data

  19. 17 ms 12 ms Onion Routing R X Y I A1 A2

  20. Mix-Nets (Ch81+) • Same as Onion Routing • Added • Dummy messages • Batching • Message reordering • Stops Timing attacks

  21. Attacking Onion Routing • Insufficient to have just one node • Timing analysis allows two attackers to link I and R • The exponent is intuitively related to the number of positions on the path needed to mark an entry. • O( (n/c)2 log n) path resets R X Y I A1 A2 n- nodes c - attackers

  22. Attacking Mix-Nets • Mixing • Reordering messages • Dummy messages • Delay • Stops timing attacks • O.R. attack no longer works • Need the entire path to trace the message • To attack Mix-nets, if the path is L nodes long, then L attackers have to appear in sequence. • In each round, chances are (c/n)L. • O( (n/c)L log n) path resets n- nodes c - attackers

  23. Summary of Predecessor Attacks • Attack effects all systems of anonymous communications. • Apparent trade-off between performance and security. n- nodes c - attackers

  24. Act II Lessons • Answer open questions • Is it efficient enough for X application? • What are the tradeoffs here? • Generalize solutions (or attacks) • Where else does this apply? • Can it be modified to apply to a group? • With what costs/issues?

  25. Act III: The next step • What did WALS02 leave unanswered?

  26. Questions (II) • Consequences for users? • You’re not secure forever • How tight are these bounds? • Are there defenses?

  27. Assumptions that can be broken • We assumed that all nodes are chosen for each spot on the path with equal probability • What if nodes are chosen with a bias?

More Related