Anonymity and Privacy Enhancing Technologies


Transcript of Anonymity and Privacy Enhancing Technologies

Page 1: Anonymity and Privacy Enhancing Technologies

Privacy Policy, Law and Technology • Carnegie Mellon University • Fall 2004 • Lorrie Cranor • http://lorrie.cranor.org/courses/fa04/

Anonymity and Privacy Enhancing Technologies

Week 10 - November 2, 4

Page 2: Anonymity and Privacy Enhancing Technologies

Cartoon dogs are anonymous on the Internet

Page 3: Anonymity and Privacy Enhancing Technologies

Real dogs are anonymous on the Internet too!

Page 4: Anonymity and Privacy Enhancing Technologies

The Internet can’t be censored

“The Net treats censorship as damage and routes around it.”

- John Gilmore

Page 5: Anonymity and Privacy Enhancing Technologies

Actually, none of this is true

It is easy to adopt a pseudonym or a persona on the Internet, but it is difficult to be truly anonymous

Identities can usually be revealed with cooperation of ISP, local sys-admins, web logs, phone records, etc.

The Internet can put up a good fight against censorship, but in the end there is still a lot of Internet censorship

Repressive governments and intellectual property lawyers have been pretty successful at getting Internet content removed

Page 6: Anonymity and Privacy Enhancing Technologies

Degrees of anonymity

Absolute privacy: adversary cannot observe communication

Beyond suspicion: no user is more suspicious than any other

Probable innocence: each user is more likely innocent than not

Possible innocence: nontrivial probability that user is innocent

Exposed (default on web): adversary learns responsible user

Provably exposed: adversary can prove your actions to others

(Listed from more anonymity at the top to less anonymity at the bottom)

Page 7: Anonymity and Privacy Enhancing Technologies

The Anonymizer

Acts as a proxy for users

Hides information from end servers

Sees all web traffic

Adds ads to pages (free service; subscription service also available)

http://www.anonymizer.com

Diagram: Client → Request → Anonymizer → Request → Server; the Reply flows back from the Server through the Anonymizer to the Client

Page 8: Anonymity and Privacy Enhancing Technologies

Cryptography Basics

Encryption algorithm used to make content unreadable by all but the intended receivers

E(plaintext, key) = ciphertext

D(ciphertext, key) = plaintext

Symmetric (shared) key cryptography: a single key is used for E and D

D( E(p,k1), k1 ) = p

Management of keys determines who has access to content, e.g., password encrypted email

Page 9: Anonymity and Privacy Enhancing Technologies

Public Key Cryptography

Each key pair consists of a public and private component: k+ (public key), k- (private key)

D( E(p, k+), k- ) = p

D( E(p, k-), k+ ) = p

Public keys are distributed (typically) through public key certificates

Anyone can communicate secretly with you if they have your certificate, e.g., SSL-based web commerce

Page 10: Anonymity and Privacy Enhancing Technologies

Mixes [Chaum81]

Sender routes message randomly through network of “Mixes”, using layered public-key encryption.

Diagram: Sender → Mix A → Mix B → Mix C → Destination. The sender builds {B, {C, {dest, msg}kC}kB}kA; Mix A removes its layer and forwards {C, {dest, msg}kC}kB to Mix B; Mix B removes its layer and forwards {dest, msg}kC to Mix C; Mix C delivers msg to the destination.

kX = encrypted with public key of Mix X
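The layered construction on this slide as runnable code, added here as an illustration and not taken from the lecture or from Chaum's paper. It assumes an authenticated symmetric cipher under each mix's own key in place of real public-key encryption (so it runs with the standard library only); the path A → B → C, the mix keys and the message are constructed sample values.

```python
import hashlib, hmac, json, os

# Constructed stand-in for "encrypt with the public key of Mix X": authenticated
# symmetric encryption under a per-mix key, so the example runs with the stdlib only.
def _keystream(key, nonce, n):
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]

def enc(key, data):
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(data, _keystream(key, nonce, len(data))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def dec(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or layer tampered")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))

def build_onion(path, keys, dest, msg):
    # Innermost layer is {dest, msg}kC; each earlier mix gets {next hop, inner layer}kX.
    layer = enc(keys[path[-1]], json.dumps({"dest": dest, "msg": msg}).encode())
    for i in range(len(path) - 2, -1, -1):
        layer = enc(keys[path[i]], json.dumps({"next": path[i + 1], "inner": layer.hex()}).encode())
    return layer

def mix_process(name, keys, blob):
    # A mix peels only its own layer: it learns the next hop, never the whole route.
    d = json.loads(dec(keys[name], blob))
    if "inner" in d:
        return d["next"], bytes.fromhex(d["inner"])
    return d["dest"], d["msg"].encode()

def route(path, keys, dest, msg):
    # Walk the onion through the mixes in order; return each mix's view (itself, next hop)
    # and the message that finally reaches the destination.
    blob, seen = build_onion(path, keys, dest, msg), []
    for name in path:
        hop, blob = mix_process(name, keys, blob)
        seen.append((name, hop))
    return seen, blob.decode()

if __name__ == "__main__":
    keys = {m: os.urandom(32) for m in "ABC"}  # constructed per-mix keys
    print(route(list("ABC"), keys, "www.example.org", "hello"))
```

Each hop's view is just (itself, next hop): no single mix sees both the sender and the destination, which is the property the slide's layered encryption buys.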

Page 11: Anonymity and Privacy Enhancing Technologies

Crowds

Users join a Crowd of other users

Web requests from the crowd cannot be linked to any individual

Protection from: end servers, other crowd members, system administrators, eavesdroppers

First system to hide data shadow on the web without trusting a central authority

http://avirubin.com/cacm.pdf

Page 12: Anonymity and Privacy Enhancing Technologies

Crowds

Diagram: crowd members (numbered 1–6) and web servers; each request path passes through several crowd members before reaching a web server

Page 13: Anonymity and Privacy Enhancing Technologies

Anonymous censorship-resistant publishing

The printing press and the WWW can be powerful revolutionary tools: political dissent, whistle blowing, radical ideas

but those who seek to suppress revolutions have powerful tools of their own: stop publication, destroy published materials, prevent distribution, intimidate or physically or financially harm author or publisher

Page 14: Anonymity and Privacy Enhancing Technologies

Anonymity increases censorship-resistance

Reduces ability to force “voluntary” self-censorship

Allows some authors to have their work taken more seriously: reduces bias due to gender, race, ethnic background, social position, etc.

Many historical examples of important anonymous publications: in the Colonies during the Revolutionary War, when British law prohibited writings suggesting overthrow of the government; the Federalist papers

Page 15: Anonymity and Privacy Enhancing Technologies

Publius design goals

Censorship resistant

Tamper evident

Source anonymous

Updateable

Deniable

Fault tolerant

Persistent

Extensible

Freely Available

Page 16: Anonymity and Privacy Enhancing Technologies

Publius Overview

Publius Content – Static content (HTML, images, PDF, etc)

Publishers – Post Publius content

Servers – Host Publius content

Retrievers – Browse Publius content

Diagram: Publishers → Servers → Retrievers

Page 17: Anonymity and Privacy Enhancing Technologies

Publishing a Publius document

Generate secret key and use it to encrypt document

Use “secret splitting” to split key into n shares. This technique has the special property that only k out of n shares are needed to put the key back together

Publish encrypted document and 1 share on each of n servers

Generate special Publius URL that encodes the location of each share and encrypted document – example: http://!publius!/1e6adsg673h0==hgj7889340==345lsafdfg

Diagram: Publishers → Servers

Page 18: Anonymity and Privacy Enhancing Technologies

Retrieving a Publius document

Break apart URL to discover document locations

Retrieve encrypted document and share from k locations

Reassemble key from shares

Decrypt retrieved document

Check for tampering

View in web browser

Diagram: Publishers → Servers → Retrievers
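A worked run of the publish and retrieve procedures on slides 17 and 18, added here as an example and not part of the original lecture or of the Publius code: the document is encrypted, the key is split k-of-n with Shamir secret sharing (the slides' “secret splitting”), and a retriever reassembles it from any k reachable servers and checks for tampering before decrypting. Assumptions: a SHA-256 counter-mode keystream stands in for the document cipher, the URL carries only a hash of the ciphertext (used as the tamper check) rather than Publius's real location encoding, and the servers are an in-memory list.

```python
import hashlib, secrets

P = 2**127 - 1  # prime field for secret splitting; keys are 15 random bytes, so < P

def _keystream(key, n):
    # Constructed stand-in for the document cipher: SHA-256 in counter mode.
    blocks = (hashlib.sha256(key + i.to_bytes(4, "big")).digest() for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def encrypt(key, data):
    # XOR with the keystream; applying it twice restores the plaintext.
    return bytes(a ^ b for a, b in zip(data, _keystream(key, len(data))))

def split_key(key, k, n):
    # "Secret splitting" (Shamir): the key is the constant term of a random
    # degree-(k-1) polynomial over GF(P); any k of the n points recover it.
    coeffs = [int.from_bytes(key, "big")] + [secrets.randbelow(P) for _ in range(k - 1)]
    return [(x, sum(c * pow(x, j, P) for j, c in enumerate(coeffs)) % P) for x in range(1, n + 1)]

def recover_key(shares):
    # Lagrange interpolation at x = 0 over GF(P).
    secret = 0
    for xi, yi in shares:
        num = den = 1
        for xj, _ in shares:
            if xj != xi:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        secret = (secret + yi * num * pow(den, P - 2, P)) % P
    return secret.to_bytes(15, "big")

def publish(doc, k, n):
    # Encrypt, split the key into n shares, place ciphertext + one share on each
    # server, and return a URL committing to the ciphertext for the tamper check.
    key = secrets.token_bytes(15)
    ct = encrypt(key, doc)
    servers = [{"ct": ct, "share": s} for s in split_key(key, k, n)]
    url = "http://!publius!/" + hashlib.sha256(ct).hexdigest()  # constructed URL form
    return url, servers

def retrieve(url, servers, k):
    # Use any k reachable servers (None = unreachable), check for tampering,
    # reassemble the key from the shares, and decrypt.
    avail = [s for s in servers if s is not None][:k]
    if len(avail) < k:
        raise ValueError("fewer than k servers reachable")
    ct = avail[0]["ct"]
    if hashlib.sha256(ct).hexdigest() != url.rsplit("/", 1)[1]:
        raise ValueError("tampered document")
    return encrypt(recover_key([s["share"] for s in avail]), ct)
```

With k = 3 of n = 5, the document survives two servers being taken down, and a server that alters its copy is caught by the hash before the key is ever reassembled.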

Page 19: Anonymity and Privacy Enhancing Technologies

Publius proxies

Publius proxies running on a user’s local machine or on the network handle all the publish and retrieve operations

Proxies also allow publishers to delete and update content

Diagram: Publishers → Proxy → Servers → Proxy → Retrievers

Page 20: Anonymity and Privacy Enhancing Technologies

Threats and limitations

Attacks on server resources: 100K Content Limit (easy to subvert); server limits # of files it will store; possibility: use a payment scheme

Threats to publisher anonymity: “Rubber-Hose Cryptanalysis” (added “don’t update” and “don’t delete” bit); logging, network segment eavesdropping

Collaboration of servers to censor content. A feature?

Page 21: Anonymity and Privacy Enhancing Technologies

Discussion

Technology that can protect “good” speech also protects “bad” speech

What if your dog does publish your secrets to the Internet and you can't do anything about it?

Is building a censorship-resistant publishing system irresponsible?

If a tree falls in a forest and nobody hears it….

Page 22: Anonymity and Privacy Enhancing Technologies

For further reading

Publius web site http://cs.nyu.edu/waldman/publius.html

Publius chapter in Peer-to-Peer: Harnessing the Power of Disruptive Technologies edited by Andy Oram

The Architecture of Robust Publishing Systems. ACM Transactions on Internet Technology 1(2):199-230 http://doi.acm.org/10.1145/502152.502154

Page 23: Anonymity and Privacy Enhancing Technologies

Anonymous email

Anonymous remailers allow people to send email anonymously

Similar to anonymous web proxies: send mail to remailer, which strips out any identifying information (very controversial)

Johan (Julf) Helsingius ~ Penet

Some can be chained and work like mixes

http://anon.efga.org/Remailers

Page 24: Anonymity and Privacy Enhancing Technologies

Privacy tools

Diagram: User and Service at opposite ends of The Internet, each within a regulatory and self-regulatory framework; tools shown between them: secure channel, P3P user agent, cookie cutter, anonymizing agent

Page 25: Anonymity and Privacy Enhancing Technologies

Anonymity tool applications

Communication

Publishing

Payments

Voting

Surveys

Credentials

Page 26: Anonymity and Privacy Enhancing Technologies

Homework 10 discussion

http://lorrie.cranor.org/courses/fa04/hw10.html

Page 27: Anonymity and Privacy Enhancing Technologies

Homework 11

http://lorrie.cranor.org/courses/fa04/hw11.html

Page 28: Anonymity and Privacy Enhancing Technologies

Guest speaker

Ann Cavoukian