
CMSC 414 Computer and Network Security Lecture 21

CMSC 414 Computer and Network Security Lecture 21. Jonathan Katz. Administrative items. Midterm next week Based on everything from last midterm through today Discussion of HW2…. Anonymous communication. Anonymizers. Single anonymizer proxy… How to achieve bidirectional communication


Presentation Transcript


  1. CMSC 414 Computer and Network Security, Lecture 21. Jonathan Katz

  2. Administrative items
     • Midterm next week
     • Based on everything from last midterm through today
     • Discussion of HW2…

  3. Anonymous communication

  4. Anonymizers
     • Single anonymizer proxy…
     • How to achieve bidirectional communication
     • Note: one side need not know the other
     • Anonymizers already exist!
     • Email
     • http

  5. Anonymizers
     • Issues/drawbacks?
     • Robustness
     • Useful for hiding the source from the destination; less useful for preventing full-fledged traffic analysis…
     • Unless encryption is used, which it typically would not be
     • Possible attacks
     • Latency vs. timing correlation
     • 0-latency solution using spurious messages?
     • One user sending multiple messages to the same server
     • Message sizes
     • Replay attacks

  6. Onion routing
     • Use multiple servers…
     • Send “onions”; strip off a layer at each hop
     • Only the initiator knows the entire route!
     • Bidirectional communication?
     • Routing tables
     • Reply onions (pre-compute keying material)
     • Security issues?
     • Payload sizes? (Use random padding)
     • Forward secrecy
     • Is it suspicious to contact an onion router?

  7. Peer-to-peer anonymizers
     • Every node can act as an onion router!
     • Why does this improve anonymity?

  8. Tor
     • All nodes also act as proxies
     • Negotiate pairwise keys between links
     • Forward secrecy
     • Routes maintained for ~10 minutes, then refreshed
     • Even the initiator does not know the path

  9. Mix Nets
     • Useful as a tool within specific protocols
     • Primarily voting
     • Each mix-net server receives a set of encrypted votes, “randomizes” and permutes them, and forwards them along to the next server
     • How to prove correctness?

  10. Covert channels
      • Anonymous communication is also possible using covert channels
      • May not even leak the fact that communication is happening at all!
      • May be a route for communication that is disallowed
      • Examples
      • Sending a print job
      • TCP timestamps/sequence numbers
      • Timeslicing

  11. Steganography
      • E.g., embed messages into low-order bits of images
      • More securely, use rejection sampling on any source

  12. Kleptography
      • Embed a covert channel (into crypto software/hardware) that leaks the secret key!
      • Known to be possible for standard crypto algorithms…
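
The onion-routing slide (slide 6) describes layered onions, one layer stripped per hop, and random padding to hide payload size. The sketch below is an added example, not code from the lecture: it builds a three-layer onion and re-pads it to a fixed cell size at every hop. The router names, the 256-byte cell size and the SHA-256 counter-mode keystream are assumptions chosen for illustration; the toy cipher has no authentication and is not Tor's cell format.

```python
import hashlib, os

CELL, HOP, NONCE = 256, 8, 16   # assumed sizes: wire cell, hop name, nonce

def keystream(key, nonce, n):
    # Toy stream cipher (SHA-256 in counter mode); illustration only.
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def wrap(key, next_hop, inner):
    # One layer: fresh nonce, then encrypt (next hop name || inner onion).
    nonce = os.urandom(NONCE)
    body = next_hop.ljust(HOP, b"\0") + inner
    return nonce + xor(body, keystream(key, nonce, len(body)))

def build_onion(route, dest, msg):
    """route: [(name, key), ...], entry router first. Returns (first_hop, cell)."""
    onion = len(msg).to_bytes(2, "big") + msg           # innermost: length + payload
    hops = [name for name, _ in route[1:]] + [dest]     # what each router will learn
    for (_, key), nxt in zip(reversed(route), reversed(hops)):
        onion = wrap(key, nxt, onion)                   # last router's layer goes on first
    if len(onion) > CELL:
        raise ValueError("message too long for one cell")
    return route[0][0], onion + os.urandom(CELL - len(onion))

def peel(key, cell):
    """One router's step: strip its layer, learn only the next hop, re-pad."""
    nonce, body = cell[:NONCE], cell[NONCE:]
    plain = xor(body, keystream(key, nonce, len(body)))
    next_hop, inner = plain[:HOP].rstrip(b"\0"), plain[HOP:]
    # Random padding restores the cell size, so depth is not visible on the wire.
    return next_hop, inner + os.urandom(CELL - len(inner))

def deliver(cell):
    # After the last layer: length-prefixed payload, the rest is padding.
    n = int.from_bytes(cell[:2], "big")
    return cell[2:2 + n]
```

Each router holds one key and sees only the name of the next hop; only the initiator, who built the onion, knows the whole route, and the payload is in the clear after the last layer unless it was encrypted end to end.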
