
Anonymous Communication
-- a brief survey
Pan Wang
North Carolina State University

Outline
• Why anonymous communication
• Definitions of anonymities
• Traffic analysis attacks
• Some anonymous communication protocols for Internet
• Some anonymous communication schemes for MANET and sensor networks
• Potential research problems

Why Anonymous Communication
• Privacy issue
• Some covert missions may require anonymous communication
• In hostile environments, end-hosts may need to hide their communications to guard against being captured

Anonymity in terms of unlinkability*
• Sender anonymity
– A particular message is not linkable to any sender, and no message is linkable to a particular sender
• Recipient anonymity
– A particular message cannot be linked to any recipient, and no message is linkable to a particular recipient
• Relationship anonymity
– The sender and the recipient cannot be identified as communicating with each other, even though each of them can be identified as participating in some communication.
* A. Pfitzmann and M. Waidner, Networks without User Observability. Computers & Security 6/2 (1987) 158-166

Traffic Analysis Attacks against an Anonymous Communication System
• Contextual attacks
– Communication pattern attacks
– Packet counting attacks
– Intersection attack
• Brute force attack
• Node flushing attack
• Timing attacks
• Message tagging attack
• On flow marking attack

Some Anonymous Communication Protocols for Internet
• Mix-NET
– Feb 1981, D. Chaum
• Crowds
– June 1997, Michael K. Reiter and Aviel D. Rubin
• Tarzan
– Nov 2002, Michael J. Freedman and Robert Morris
• K-Anonymous Message Transmission
– Oct 2003, Luis von Ahn, Andrew Bortz and Nicholas J. Hopper

Mix-NET*
• Basic idea:
– Traffic sent from sender to destination should pass through one or more Mixes
– A Mix relays data from different end-to-end connections, reordering and re-encrypting the data
– So, incoming and outgoing traffic cannot be related
* D. Chaum, Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms, Communications of the ACM 24(2) (Feb 1981), 84-88

Mix-NET (cont-1)

Mix-NET (cont-2)
[Figure labels: MIX1, MIX2, MIX3]
If at least one mix server can be trusted, the entire Mix-NET provides anonymity

Crowds*
• P2P anonymizer network for Web transactions
• Uses a trusted third party (TTP) as centralized crowd membership server (“blender”)
• Provides sender anonymity and relationship anonymity
* M. Reiter and A. Rubin, Crowds: Anonymity for Web Transactions. ACM Transactions on Information and System Security, 1(1) June 1998

Crowds (cont)
• A node decides randomly whether to forward the request to another node or to send it to the server
[Figure label: Webserver]

Tarzan*
• All nodes act as relays, Mix-net encoding
• Each node selects a set of mimics
• Tunneling data traffic through mimics
• Exchanging cover traffic with mimics
– Constant packet sending rate and uniform packet size
• Network address translator
• Anonymity against corrupt relays and global eavesdropping
* M. Freedman and R. Morris, Tarzan: A Peer-to-Peer Anonymizing Network Layer, CCS 2002, Washington DC

Tarzan (cont-1)
[Figure labels: PNAT, User]

Tarzan (cont-2)
[Figure labels: PNAT, User, Real IP Address, Tunnel Private Address, Public Alias Address]

k-Anonymous Message Transmission*
• Based on secure multiparty sum protocol
• Local group broadcast
• An adversary, trying to determine the sender/receiver of a particular message, cannot narrow down its search to a set of k suspects
• Robust against selective non-participation
* L. von Ahn, A. Bortz and N. Hopper, k-Anonymous Message Transmission, CCS 2003, Washington DC
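
The secure multiparty sum that the scheme above is based on, as an added sketch (not code from the slides or from the cited paper): every group member splits its private input into random additive shares, so the public broadcasts reveal the group total but not which member contributed it. The modulus `P`, the function names and the sample messages are assumptions of this example; it covers one sender per round and leaves out the robustness against selective non-participation listed above.

```python
import secrets

# Assumed parameter for this sketch: a 127-bit modulus, one message per round.
P = 2**127 - 1

def split(value, n):
    """Split value into n additive shares that sum to value mod P."""
    shares = [secrets.randbelow(P) for _ in range(n - 1)]
    shares.append((value - sum(shares)) % P)
    return shares

def secure_sum(inputs):
    """Run one secure-sum round; inputs[i] is member i's private input.

    Returns (broadcasts, total). Member j only sees column j of `sent`
    and the public broadcasts, never another member's input.
    """
    n = len(inputs)
    sent = [split(x, n) for x in inputs]           # sent[i][j]: share from i to j
    broadcasts = [sum(row[j] for row in sent) % P  # member j publishes the sum
                  for j in range(n)]               # of the shares it received
    return broadcasts, sum(broadcasts) % P

def encode(msg):
    value = int.from_bytes(msg, "big")
    if not 0 < value < P:
        raise ValueError("message must be non-empty and fit below the modulus")
    return value

def decode(value):
    return value.to_bytes((value.bit_length() + 7) // 8, "big")

def transmit(group_size, sender, msg):
    """Member `sender` inputs the message, every other member inputs 0."""
    inputs = [0] * group_size
    inputs[sender] = encode(msg)
    broadcasts, total = secure_sum(inputs)
    return broadcasts, decode(total)

if __name__ == "__main__":
    # Constructed sample: a group of 5 in which member 3 is the real sender.
    broadcasts, received = transmit(5, 3, b"meet at dawn")
    print("public broadcasts:", broadcasts)
    print("recovered message:", received)
    # Failure mode: two senders in one round collide and the total is garbage.
    _, clash = secure_sum([encode(b"hello"), 0, encode(b"world"), 0])
    print("collision total:", decode(clash))
```

Each broadcast value on its own is uniformly random, so an observer of the round learns the message from the total but cannot tell which of the group members supplied it.
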

k-Anonymous Message Transmission (cont)
[Figure labels: Group-D, Group-S]

Some anonymous communication schemes for MANET and sensor networks
• Anonymous on demand routing (ANODR)
– Jun 2003, Jiejun Kong and Xiaoyan Hong
• Phantom flooding protocol
– Jun 2005, Pandurang Kamat, Yanyong Zhang, Wade Trappe and Celal Ozturk

ANODR*
• Assuming salient adversaries
• Broadcast with trapdoor
• Route pseudonym
* J. Kong and X. Hong, ANODR: Anonymous On Demand Routing with Untraceable Routes for Mobile Ad-hoc Networks, MobiHoc 2003, Annapolis, MD

ANODR (cont)

Source-Location Privacy in Sensor network
• Network model:
– A sensor reports its measurement to a centralized base station (sink)
• Attack model:
– Adversaries may use RF localization to trace back hop by hop to the source’s location
• Why location privacy

Phantom Flooding Protocol*
• Random walk plus local broadcast
* P. Kamat et al., Enhancing Source-Location Privacy in Sensor Network Routing, ICDCS 2005, Columbus, OH

Potential Research Problems
• Anonymity vs accountability
• Detect malicious users
• Efficiency vs anonymity
• More?

Questions?