Muhammad Rizwan Asghar
August 14, 2019
PRIVACY AND ANONYMITY
Lecture 11
COMPSCI 316
Cyber Security
Source of most slides: Northeastern University, USA
FOCUS OF THIS LECTURE
Understand privacy and anonymity
Discuss solutions that offer privacy and anonymity
Learn attacks on privacy and anonymity
MOTIVATION FOR PRIVACY
People have the right to keep their personal data private
– Right to privacy
Privacy also means not revealing information about who is communicating with whom
The use of online services can pose a threat to our privacy!
– There is a possibility to link users’ actions
MOTIVATION FOR ANONYMITY
Hiding identities of communicating parties from each other or from third parties
Anonymity is a tool to preserve privacy
For many applications, a user identity might not be needed by the service provider
– E.g., web browsing
USE OF ANONYMITY
Free speech for political and other comments
Whistleblowers
Journalists
Human rights activists
Normal users for avoiding tracking
ABUSE OF ANONYMITY
Disclosure of trade secrets
DoS
Other illegal activities by cybercriminals
– Illegal downloads
E.g., copyright infringement
– Scams
– Hacking
ARE YOU ANONYMOUS?
Your IP address can be linked directly to you
– ISPs store communication records
– Data retention laws
You are being tracked
– Cookies
– Browser fingerprinting
– Device fingerprinting
QUANTIFYING ANONYMITY
How can we calculate how anonymous we are?
Figure: “Who sent this message?” – the set of suspects is the anonymity set
QUANTIFYING ANONYMITY
A larger anonymity set means stronger anonymity
Source: pixabay.com
SOME TERMS
Unlinkability
– The inability of linking two or more items of interest
E.g., packets, events, people, actions, etc.
– Three aspects
Sender anonymity: who sent?
Receiver anonymity: who is the destination?
Relationship anonymity: who communicates with whom?
Unobservability
– The items of interest are indistinguishable from all other items
PUBLIC KEY CRYPTO: REVISIT
Safe to distribute the public key KP
– Can only decrypt with the private key KS
– Computationally infeasible to derive KS from KP
Figure: the owner holds the key pair <KP, KS>; copies of KP are handed to the other parties
ENCRYPTED DATA TRAFFIC
Content is unobservable
– Due to encryption
Source and destination are trivially linkable
– No anonymity
Figure: encrypted data traffic flowing directly between source and destination
ANONYMISING PROXIES
Figure: users reach the destination through a proxy server
Using trusted centralised servers
Hides IP address of users
Users are not anonymous to proxy servers
ANONYMISING PROXIES: SENDER ANONYMITY
Figure: traffic relayed through the proxy server
Source is unknown
Destination is known
ANONYMISING PROXIES: RECEIVER ANONYMITY
Figure: traffic relayed through the proxy server
Source is known
Destination is unknown
ANONYMISING PROXIES: MALICIOUS PROXY SERVER
Figure: a malicious proxy server sees both source and destination
No anonymity
ANONYMISING PROXIES: TRAFFIC ANALYSIS
Figure: an observer watching the traffic on both sides of the proxy server
Statistical analysis of traffic patterns, i.e., timing and/or volume of packets, can compromise anonymity
SAMPLE QUESTION
Which one of the following statements is FALSE?
a) Data encryption provides unobservability
b) Anonymous proxy offers unlinkability
c) Both a & b
d) Data encryption guarantees anonymity
SAMPLE QUESTION: ANSWER
Which one of the following statements is FALSE?
a) Data encryption provides unobservability
b) Anonymous proxy offers unlinkability
c) Both a & b
d) Data encryption guarantees anonymity
Answer) d
DATA TO PROTECT
Personally Identifiable Information (PII)
– Name, address, phone number, etc.
OS and browser information
– Cookies
IP address
Amount of data sent and received
Traffic timing
MIX NETWORKS
Use a chain of anonymous proxies
Each proxy is known as a Mix
A mix receives messages from a set of senders, shuffles them, and sends them on to another mix
Originally designed for anonymous email
MIX PROXIES AND ONION ROUTING
Mixes form a cascade of anonymous proxies
Traffic is protected with layers of encryption
Figure: a chain of mixes, each holding its own key pair <KP, KS>; the sender holds the public keys of all mixes on the path, [KP, KP, KP]; hops between mixes are labelled “Encrypted Tunnels”, the final hop “Non-encrypted data”
C = E(KP, E(KP, E(KP, M))), one layer of encryption per mix on the path, each under that mix’s public key KP
ENCRYPTED PATH: ANOTHER VIEW
Figure: the path through three mixes, each with its own key pair <KP, KS>
RETURN TRAFFIC
In a mix network, how can the destination respond to the sender?
During path establishment, the sender places keys at each mix along the path
– Data is re-encrypted as it travels the reverse path
Figure: three mixes with key pairs <KP1, KS1>, <KP2, KS2>, <KP3, KS3>; the sender holds KP1, KP2, KP3
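The following simulation is an added example, not code from the lecture slides: it builds the layered forward onion from the mix/onion routing slide, peels one layer per mix, and then runs the return path described above, where each mix re-encrypts the reply with a key the sender placed there. It assumes a symmetric key shared with each mix in place of the slide’s public-key layers, a toy HMAC-based stream cipher (no integrity protection) so it runs with the standard library only, and constructed mix names and destination label.

```python
import hashlib
import hmac
import os

NONCE_LEN = 16
# Constructed path: a symmetric key per mix stands in for the slide's public-key
# layers (assumption: the sender placed these keys during path establishment).
PATH = [(b"mix1", os.urandom(32)), (b"mix2", os.urandom(32)), (b"mix3", os.urandom(32))]

def _keystream(key, nonce, length):
    # Counter-mode keystream from HMAC-SHA256: a toy cipher with no integrity check.
    blocks = [hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((length + 31) // 32)]
    return b"".join(blocks)[:length]

def encrypt(key, plaintext):
    nonce = os.urandom(NONCE_LEN)  # fresh nonce per layer, prepended to the output
    return nonce + bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))

def decrypt(key, ciphertext):
    nonce, body = ciphertext[:NONCE_LEN], ciphertext[NONCE_LEN:]
    return bytes(c ^ k for c, k in zip(body, _keystream(key, nonce, len(body))))

def build_onion(path, destination, message):
    # Innermost layer is for the last mix; each layer names only the next hop.
    packet, next_hop = message, destination
    for name, key in reversed(path):
        packet = encrypt(key, next_hop + b"|" + packet)
        next_hop = name
    return packet

def forward(path, destination, message):
    # Each mix peels one layer, learning only the next hop and the packet size
    # (the volume an observer doing traffic analysis also sees).
    packet, hops = build_onion(path, destination, message), []
    for name, key in path:
        seen_len = len(packet)
        next_hop, _, packet = decrypt(key, packet).partition(b"|")
        hops.append((name, next_hop, seen_len))
    return hops, packet  # packet is now the plaintext handed to the destination

def reply(path, text):
    # Return path: mixes add one layer each (keys placed by the sender); the sender peels all.
    packet = text
    for _, key in reversed(path):
        packet = encrypt(key, packet)
    for _, key in path:
        packet = decrypt(key, packet)
    return packet
```

The per-hop sizes recorded by forward() shrink by a fixed amount at every mix, which is the kind of volume pattern the traffic analysis slide warns about; real systems pad cells to a constant size for that reason.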
TO BE CONTINUED
See the next lecture
Questions?
Thanks for your attention!