Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Information Security

CMSC 414 Computer and Network Security Lecture 20 Jonathan Katz

advertisement 
CMSC 414
Computer and Network Security
Lecture 20
Jonathan Katz
Administrative items
 Midterm next week
– Based on everything from last midterm through today
Zero knowledge (ZK)
 ZK proofs can offer deniability and secrecy
 A zero-knowledge protocol for graph 3-
colorability
 Warning: the aim here is simplicity, and many
subtleties and details are purposely being ignored
Applications of zero-knowledge
 (Deniable) authentication
– Generalization of the protocol we saw last time
– Again, many subtleties and details omitted!
 Anonymous credentials
 Group signatures/trusted computing
Anonymity vs. pseudonymity
 Anonymity
– No one can identify the source of any messages
– Unlinkability – cannot even tell that messages
originated from the same person
 Pseudonymity
– No one can identify the source of a set of messages…
– …but they can tell that they all came from the same
person, with a known pseudonym
 There is a broad scale of achievable anonymity…
– Best you can hope for is limited by the network size!
Traffic analysis
 May be possible to learn who is communicating
with whom using traffic analysis
 Typically, even if communication is encrypted the
headers are not
– Need unencrypted headers for routing
 How is it possible to communicate anonymously?
Anonymous communication
 You are sitting around a table with n people
 How do you send an anonymous message to
another person?
 How do you broadcast a message to everyone
without revealing your identity?
– Linear-round protocol?
– Constant-round protocol (DC-nets)
 Is this secure only for “honest-but-curious”
behavior, or also for malicious behavior?
Anonymizers
 Single anonymizer proxy…
 How to achieve bidirectional communication
– Note: one side need not know the other
 Anonymizers already exist!
– Email
– http
Anonymizers
 Issues/drawbacks?
– Robustness
– Useful for hiding the source from the destination; less
useful for preventing full-fledged traffic analysis…
• Unless encryption is used, which it typically would not be
 Possible attacks
– Latency vs. timing correlation
• 0-latency solution using spurious messages?
– One user sending multiple messages to the same server
– Message sizes
– Replay attacks
Related documents
CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz
CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz
CMSC 414 Computer (and Network) Security Lecture 16 Jonathan Katz
CMSC 414 Computer (and Network) Security Lecture 16 Jonathan Katz
Get Involved!
Get Involved!
Taxonomy of Identity, Anonymity and Pseudonymity
Taxonomy of Identity, Anonymity and Pseudonymity
7-3 Some things I enjoyed about this were . . .
7-3 Some things I enjoyed about this were . . .
3 Signs of a Miserable Job
3 Signs of a Miserable Job
lake area club schedule
lake area club schedule
Our objective ought to be to have a good army rather than a large one
Our objective ought to be to have a good army rather than a large one
Tradition Eleven - Alcoholics Anonymous
Tradition Eleven - Alcoholics Anonymous
Anonymity on the Internet Presented by Randy Unger
Anonymity on the Internet Presented by Randy Unger
Anonymity and Pseudonymity in Cyberspace
Anonymity and Pseudonymity in Cyberspace
The 29th Annual ACM-ICPC World Finals
The 29th Annual ACM-ICPC World Finals
Download
advertisement