1 / 11

Deniable and Traceable Anonymity

Deniable and Traceable Anonymity. Andrew Bortz Joint work with: Luis von Ahn Nick Hopper Kevin O’Neill (Cornell). Anonymous Communication. Allow parties to communicate without anyone, including the two parties, knowing who is talking to whom

latriceb
Download Presentation

Deniable and Traceable Anonymity

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Deniable and Traceable Anonymity Andrew Bortz Joint work with: Luis von Ahn Nick Hopper Kevin O’Neill (Cornell) Aladdin Center, Carnegie Mellon University

  2. Anonymous Communication • Allow parties to communicate without anyone, including the two parties, knowing who is talking to whom • We can imagine many different levels of anonymity, in many different models • Incredibly useful for privacy preservation in an increasingly digital world Aladdin Center, Carnegie Mellon University

  3. Motivation • So, great stuff! It would be great if we could use it, but: • Very complex • Very inefficient • Not even secure • Fix all of this! Aladdin Center, Carnegie Mellon University

  4. Previous Work • Onion Routing (Chaum) • DC-Nets (Chaum) • k-AMT (von Ahn, Bortz, Hopper) • DC-Nets Revisited (Juels, Golle) • And many more… Aladdin Center, Carnegie Mellon University

  5. Unfinished Business • We use models that simplify the world that these protocols operate in. • Approximate the real world • Easy to analyze • But we have found holes in these models where real-life problems are not analyzed correctly, and thus the protocols are insecure Aladdin Center, Carnegie Mellon University

  6. Deniability • Parties could be forced to prove they didn’t send a particular message • Even worse, can be done in zero-knowledge, so there is no plausible reason to refuse such a proof • Ideally, we’d like it to be impossible to prove that you didn’t send a message* Aladdin Center, Carnegie Mellon University

  7. Is Anything Deniable? • Well… yes: • DC-Nets and Onion Routing • And for two different reasons! • But interestingly: • k-AMT and DC-Nets Revisited are not! • And unfortunately it doesn’t seem easy at all to correct this • Very hard, but we’re working on it Aladdin Center, Carnegie Mellon University

  8. Traceability • Allow the group to vote to reveal the identity of the sender of a message • Useful in the case of particularly bad messages • Governments might prohibit truly anonymous communication unless it is traceable Aladdin Center, Carnegie Mellon University

  9. First Attempts • Use group signatures! • Members of the group can sign, no one can tell which signed unless the anonymity of a signature is revoked • Sign every message that is sent through the anonymous protocol, and when receiving a message, throw out those that don’t have a signature • Does anyone see the problem? Aladdin Center, Carnegie Mellon University

  10. Overall Goals • Theme of these two properties: • No one should know anything about the sender and receiver except • If a threshold has been reached, and then only precisely what the group votes to reveal • Very precise revelation of information Aladdin Center, Carnegie Mellon University

  11. Questions? Aladdin Center, Carnegie Mellon University

More Related