Privacy in Content Oriented Networking: Threats and countermeasures
Abdelberi Chaabane, Emiliano De Cristofaro, Mohamed Ali Kaafar, and Ersin Uzun
A brief History of networking
1. Telephony: interconnecting wires
2. TCP/IP: interconnecting hosts
3. Interconnecting information
Change in Communication Paradigm
• Today's Internet struggles with
– Scalability
– Mobility
– Security
• Move to Content-oriented Networking
– Traffic is already content-oriented
• CDNs, overlays, P2P
– Users/applications care about "what to receive"
• They don't care "from whom"
• The host-based communication model is getting "outdated"
Notable Content Oriented Networking Architectures
• DONA
• NetInf (Network of Information)
Macro-building blocks
• Named Content
– Objects are named to facilitate data dissemination and search
• Content-Based Routing
– Routing on content names rather than on hosts
• Content Delivery
– Using multipath routing and leveraging in-network caching
• In-Network Caching
– All components provide caching capability
CCN Operations
Contributions
• Systematic study of privacy challenges in CON
– Exposing several worrisome issues
– Proposing some countermeasures
– Highlighting open problems
• Comparing CON to Today's Internet (TI) from a privacy perspective
Outline
1. Privacy challenges in CON
– Cache privacy
– Content privacy
– Name privacy
– Signature privacy
2. The potential of CON privacy
– Anonymity
– Censorship resistance
– Untraceability
– Data authenticity and confidentiality
CON Privacy
• Cache Privacy
– Data is cached at every hop
– Infer who consumed what
• Name Privacy
– Names are related to the content
– Infer what a user is consuming
• Content Privacy
– Encryption is not mandatory
– Publicly available content can be spied on / censored
• Signature Privacy
– Content is signed
– Identify the communicating parties
Timing attack
• The adversary shares a cache with the victim and compares round-trip times:
– RTT_s: RTT observed when the content has to come from the source (not cached on the path)
– RTT_c: RTT observed when the content is served by the nearby cache
– RTT_t: RTT measured when fetching the targeted content
1. If |RTT_t - RTT_c| < ε: the content has been fetched by a neighboring consumer
2. If RTT_t > RTT_c and RTT_t < RTT_s: the content has been recently fetched from the source (it is cached further upstream)
3. Otherwise: the target content has not been consumed
Potential Solution
• Wait before reply
– When a content m is fetched, the corresponding RTT_m is stored
– All subsequent requests for m are delayed by RTT_m
Pros:
1. It provably achieves perfect privacy [1]
2. No assumption about content correlation / network topology
3. Reduced bandwidth usage (content is still served from the cache)
Cons:
1. Increased delay
[1] Acs, G., Conti, M., Gasti, P., Ghali, C., Tsudik, G. Cache Privacy in Named-Data Networking. ICDCS'13.
Potential Solution
• Delay the first K
– When a content m is fetched, the corresponding RTT_m is stored and a random number K is chosen
– The next K requests for m are delayed by RTT_m; later requests are served at cache speed
Pros:
1. Popular content is not delayed
2. Formal model to quantify the privacy/latency tradeoff [1]
3. Reduced bandwidth usage
Cons:
1. Assumption about content correlation
2. Increased delay for non-popular content
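The timing attack and the two cache-side countermeasures ("wait before reply" and "delay the first K") described on the preceding slides, simulated end to end. This is an added example, not code from the slides or from any CCN/NDN implementation: the topology (attacker and victim behind one edge cache, a second edge cache under the same core router, the producer upstream of the core), the hop delays, the content names and the attacker's three-way classifier are all constructed for illustration.

```python
"""Cache-timing attack on a content-oriented network, simulated.

Added example, not part of the slides or of any CCN/NDN implementation.
Topology, hop delays and names are constructed.  Caching modes:
  'plain'   no defence
  'wait'    every hit is delayed by the RTT the cache itself needed (RTT_m)
  'first_k' only the first K hits after a miss are delayed (K random)
"""
import random

HOP_EDGE, HOP_CORE, HOP_SOURCE = 5.0, 25.0, 50.0   # ms, constructed
RTT_C = HOP_EDGE                            # hit at the attacker's edge cache
RTT_S = HOP_EDGE + HOP_CORE + HOP_SOURCE    # nothing cached anywhere
EPSILON = 1.0


class Node:
    """A cache, or the producer when upstream is None."""

    def __init__(self, label, link_rtt, upstream=None, mode="plain",
                 k_max=3, rng=None):
        self.label, self.link_rtt, self.upstream = label, link_rtt, upstream
        self.mode, self.k_max = mode, k_max
        self.rng = rng or random.Random(0)
        self.store = {}   # name -> [rtt_m, delayed hits still owed]

    def request(self, name):
        """RTT observed by the downstream node asking this node for `name`."""
        if self.upstream is None:            # producer: always answers
            return self.link_rtt
        if name in self.store:               # cache hit
            rtt_m, k = self.store[name]
            if self.mode == "wait":
                return self.link_rtt + rtt_m
            if self.mode == "first_k" and k > 0:
                self.store[name][1] = k - 1
                return self.link_rtt + rtt_m
            return self.link_rtt
        rtt_m = self.upstream.request(name)  # cache miss: go upstream
        k = self.rng.randint(1, self.k_max) if self.mode == "first_k" else 0
        self.store[name] = [rtt_m, k]
        return self.link_rtt + rtt_m


def classify(rtt_t, rtt_c=RTT_C, rtt_s=RTT_S, eps=EPSILON):
    """The attacker's three-way rule from the slides."""
    if abs(rtt_t - rtt_c) < eps:
        return "neighbor"          # served by the shared edge cache
    if rtt_c < rtt_t < rtt_s:
        return "recent"            # served by a cache further upstream
    return "not consumed"


def run_attack(mode, popularity=1, seed=0):
    """Victim(s) sharing the attacker's edge fetch a sensitive name
    `popularity` times, a consumer behind the other edge fetches a second
    name, a third name is never requested.  Returns the verdict per name."""
    rng = random.Random(seed)
    producer = Node("source", HOP_SOURCE)
    core = Node("core", HOP_CORE, producer, mode, rng=rng)
    edge_a = Node("edge-A", HOP_EDGE, core, mode, rng=rng)   # attacker + victim
    edge_b = Node("edge-B", HOP_EDGE, core, mode, rng=rng)   # distant consumer

    sensitive, distant, unused = ("/US/WebMD/AIDS/Symptoms/html",
                                  "/news/front", "/recipes/pasta")
    for _ in range(popularity):
        edge_a.request(sensitive)        # consumers on the attacker's edge
    edge_b.request(distant)              # someone behind the other edge

    return {name: classify(edge_a.request(name))
            for name in (sensitive, distant, unused)}


if __name__ == "__main__":
    for mode in ("plain", "wait", "first_k"):
        print(mode, run_attack(mode))
    print("first_k, popular", run_attack("first_k", popularity=10))
```

Under "plain" the three names are classified exactly as the slide's rules predict. Under "wait" every probe returns RTT_s, so the classifier collapses to "not consumed" for everything, including content the victim did fetch. Under "first_k" a single fetch is hidden as well, but once more than K consumers behind the same cache have requested the object the attacker sees a cache-speed reply again; that is the privacy/latency tradeoff the slide refers to, and it is acceptable only because a popular object no longer points at one consumer.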
Potential Solution
• Collaborative caching
– Multiple caches collaborate to create a distributed cache
Pros:
1. Increases the anonymity set
2. Increases the hit rate
Cons:
1. Requires administrative collaboration
2. Potential delay
Content-Based Monitoring and Censorship
• CON routers
– Long-term storage
– Computationally powerful
• A "less" powerful adversary is enough to perform censorship
Potential Solution
• Broadcast encryption
– The producer sends an encrypted message to a set of N users
– Only users in the set can decrypt the message
Pros:
1. Content is encrypted once
2. Caching is preserved
3. Fine-grained user control (revocation)
Cons:
1. The producer must generate/store N keys
2. Producer public key and ciphertext are of size O(√N)
Potential Solution
• Proxy re-encryption
Pros:
1. Content is available to any user
2. Content is encrypted once
3. Caching is preserved
4. Fine-grained user control (revocation)
Cons:
1. Relies on asymmetric encryption
Monitoring/Tracking
• Content names are semantically correlated with the content
– E.g. /US/WebMD/AIDS/Symptoms/html
• Unlike with HTTPS, content names are not encrypted, as they are used for routing
Potential Solution
• Bloom Filter
– Using Bloom filters to obfuscate the content name:
• A hierarchical Bloom filter for the routing table
• A counting Bloom filter for each forwarding interface
Pros:
1. Obfuscates content names
2. Small architectural changes
3. Reduces the size of routing/forwarding tables
Cons:
1. Introduces false positives
2. Bloom filters require periodic resetting
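A worked illustration of the Bloom-filter idea above: the router keeps one counting Bloom filter per forwarding interface and the Interest carries only hash positions, so the router never handles the cleartext name, and the same code shows the two listed drawbacks (false positives, and why a counting filter is needed to withdraw entries without a reset). This is an added example, not the slides' design or any router's code; the wire encoding (the k hash indices of each name prefix, shortest first), the longest-prefix matching rule, the face names, the content names and the filter parameters are my own assumptions made for the demo.

```python
"""Bloom-filter name obfuscation for content routing.

Added example, not from the slides and not any CCN/NDN router's code.
Assumptions (mine): the consumer sends, instead of the cleartext name, the
k hash indices of every prefix of that name (shortest first); the router
keeps one counting Bloom filter per face holding the prefixes reachable
through that face and forwards on the faces whose filter contains the
longest prefix.  Names, faces and filter parameters are constructed."""
import hashlib

M, K = 256, 3   # filter size and hash count, shared by consumers and routers


def bf_indices(item, m=M, k=K):
    """k deterministic bit positions for `item` (double hashing on SHA-256)."""
    d = hashlib.sha256(item.encode()).digest()
    h1 = int.from_bytes(d[:8], "big")
    h2 = int.from_bytes(d[8:16], "big") | 1
    return [(h1 + i * h2) % m for i in range(k)]


def prefixes(name):
    """'/a/b/c' -> ['/a', '/a/b', '/a/b/c']"""
    parts = name.strip("/").split("/")
    return ["/" + "/".join(parts[:i + 1]) for i in range(len(parts))]


def obfuscate(name, m=M, k=K):
    """What goes on the wire: index lists only, no name components."""
    return [bf_indices(p, m, k) for p in prefixes(name)]


class CountingBloomFilter:
    def __init__(self, m=M, k=K):
        self.m, self.k = m, k
        self.counts = [0] * m

    def add(self, item):
        for i in bf_indices(item, self.m, self.k):
            self.counts[i] += 1

    def remove(self, item):
        # Counters make deletion possible; a plain bit-vector BF cannot
        # delete and has to be rebuilt (reset) periodically instead.
        for i in bf_indices(item, self.m, self.k):
            if self.counts[i] > 0:
                self.counts[i] -= 1

    def contains_indices(self, idx):
        return all(self.counts[i] > 0 for i in idx)

    def contains(self, item):
        return self.contains_indices(bf_indices(item, self.m, self.k))


class Router:
    def __init__(self, faces):
        self.fib = {face: CountingBloomFilter() for face in faces}

    def announce(self, face, prefix):
        self.fib[face].add(prefix)

    def withdraw(self, face, prefix):
        self.fib[face].remove(prefix)

    def forward(self, wire_name):
        """Longest-prefix match over index lists; returns the matching faces."""
        for idx in reversed(wire_name):
            faces = [f for f, bf in self.fib.items() if bf.contains_indices(idx)]
            if faces:
                return faces
        return []


def find_false_positive(bf, inserted, candidates):
    """First candidate the filter claims to hold although it was never added."""
    for c in candidates:
        if c not in inserted and bf.contains(c):
            return c
    return None


def demo():
    r = Router(["face1", "face2"])
    r.announce("face1", "/US/WebMD")
    r.announce("face2", "/news")
    wire = obfuscate("/US/WebMD/AIDS/Symptoms/html")   # router sees no name
    before = r.forward(wire)                            # ['face1']
    r.withdraw("face1", "/US/WebMD")
    after = r.forward(wire)                             # []
    # A deliberately tiny filter makes the price visible: false positives.
    small = CountingBloomFilter(m=32, k=2)
    inserted = {"/US/WebMD", "/news", "/sports", "/weather"}
    for p in inserted:
        small.add(p)
    fp = find_false_positive(small, inserted, (f"/site{i}" for i in range(5000)))
    return before, after, fp


if __name__ == "__main__":
    print(demo())
```

The router in this sketch matches only hash positions, so an on-path observer who dumps its tables learns which bit patterns are routable, not which names; recovering a name means guessing it and hashing it, which is exactly the dictionary attack that semantically rich names such as /US/WebMD/AIDS/Symptoms/html make cheap. The false positive found by `find_false_positive` is a name that would be forwarded (or counted as consumed) although nobody announced or requested it, which is the first drawback on the slide.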
Censorship/Monitoring
• Signatures are used to provide guarantees on provenance and integrity
• The same signature can be used to censor/monitor the content
Potential Solution
• Group Signature
– Hide the signer in a set of potential signers (signer ambiguity)
– Members' keys are issued by a group manager
Pros:
1. Signature still verifiable
2. Efficient
Cons:
1. Presence of a group manager
2. Censorship possible
Potential Solution
• Ring Signature
– Hide the signer in a set of potential signers (signer ambiguity)
– The signature is generated from the signer's private key and a set of public keys
Pros:
1. Signer anonymity protected
2. Trustworthy content (as long as all ring members are trustworthy)
3. No interaction between signers / no group manager
Cons:
1. Communication overhead linear in the size of the ring
2. Censorship possible
Outline
1. Privacy challenges in CON
– Cache privacy
– Content privacy
– Name privacy
– Signature privacy
2. The potential of CON privacy
– Anonymity
– Censorship resistance
– Untraceability
– Data authenticity and confidentiality
Anonymity
• Internet
– A trusted anonymizing proxy
– Mix networks, e.g. Tor: 3 hops to the source; low latency
• CON
– Natively provided by the architecture (no SRC/DST addresses)
– Mix networks: ANDaNA [2]: 2 hops to the source; low latency; partially disables CON caching; CCNx specific
• Caveats (trusted proxy / native anonymity)
– A single point of failure
– A local adversary could monitor all the traffic
[2] DiBenedetto, S., Gasti, P., Tsudik, G., Uzun, E. ANDaNA: Anonymous Named Data Networking Application. NDSS'12.
Censorship
• Internet: DNS tampering
– CON: effective in some CON architectures
• Internet: host blacklisting
– CON: content (name) blacklisting
• Internet: DPI (content blacklisting)
– Requires a strong adversary and specialized hardware
– Easier in CON: names/content are not encrypted; no need for specialized hardware
At a single router, censorship appears to be easier in CON
Tracking
• Internet: cookies
– Widespread
– Efficient
– Tailored to the business model
• CON: cookies
– No same-origin policy
– Only dynamic content can be tracked
– Business model migration?
• Internet: stateless tracking
– Using IP and host fingerprinting
• CON: stateless tracking
– More difficult to carry out (no addresses + caching)
– How to handle security incidents?
CON is more resilient to tracking but poses new challenges
Data authenticity and confidentiality
• Internet: one size fits all (SSL)
– Well studied
– Highly optimized
• CON: end-to-end trust model
– Different consumers = different trust models
– Widely accepted (PKI) or new trust management model
Take home messages
• Content Oriented Networking Privacy
– More resilient to tracking
– "Weak" anonymity as a native feature
– Possibly more vulnerable to censorship
– Some privacy challenges due to caches, naming, signatures