Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Computer Networks

CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz

advertisement 
CMSC 414
Computer and Network Security
Lecture 21
Jonathan Katz
Administrative items
 Midterm next week
– Based on everything from last midterm through today
 Discussion of HW2…
Anonymous communication
Anonymizers
 Single anonymizer proxy…
 How to achieve bidirectional communication
– Note: one side need not know the other
 Anonymizers already exist!
– Email
– http
Anonymizers
 Issues/drawbacks?
– Robustness
– Useful for hiding the source from the destination; less
useful for preventing full-fledged traffic analysis…
• Unless encryption is used, which it typically would not be
 Possible attacks
– Latency vs. timing correlation
• 0-latency solution using spurious messages?
– One user sending multiple messages to the same server
– Message sizes
– Replay attacks
Onion routing
 Use multiple servers…
 Send “onions”; strip off a layer at each hop
– Only the initiator knows the entire route!
 Bidirectional communication?
– Routing tables
– Reply onions (pre-compute keying material)
 Security issues?
– Payload sizes? (Use random padding)
– Forward secrecy
– Is it suspicious to contact an onion router?
Peer-to-peer anonymizers
 Every node can act as an onion router!
 Why does this improve anonymity?
Tor
 All nodes also act as proxies
 Negotiate pairwise keys between links
– Forward secrecy
 Routes maintained for ~10 minutes, then refreshed
 Even the initiator does not know the path
Mix Nets
 Useful as a tool within specific protocols
– Primarily voting
 Each mix-net server receives a set of encrypted
votes, “randomizes” and permutes them, and
forwards then along to the next server
– How to prove correctness?
Covert channels
 Anonymous communication is also possible using
covert channels
– May not even leak the fact that communication is
happening at all!
– May be a route for communication that is disallowed
 Examples
– Sending a print job
– TCP timestamps/sequence numbers
– Timeslicing
Steganography
 E.g., embed messages into low-order bits of
images
 More securely, use rejection sampling on any
source
Kleptography
 Embed a covert channel (into crypto
software/hardware) that leaks the secret key!
 Known to be possible for standard crypto
algorithms…
Related documents
CMSC 414 Computer and Network Security Lecture 20 Jonathan Katz
CMSC 414 Computer and Network Security Lecture 20 Jonathan Katz
Midterm Study Guide
Midterm Study Guide
"Valentine" by Carol Ann Duffy
"Valentine" by Carol Ann Duffy
Microscope Lab Analysis Questions: 1. What is the advantage of
Microscope Lab Analysis Questions: 1. What is the advantage of
Onion Root Tip Online Lab Activity
Onion Root Tip Online Lab Activity
PPT - Kendriya Vidyalaya Sangathan
PPT - Kendriya Vidyalaya Sangathan
Onions-Layers of Health Benefits
Onions-Layers of Health Benefits
Midterm Practice Problems
Midterm Practice Problems
Download
advertisement