Anonymity on the Internet Presented by Randy Unger.

Types of Anonymity
Pseudonymity
– Susceptible to subpoenas
Sender
– Receiver / observer can’t identify sender
Receiver
– Observer can’t identify receiver
Sender-receiver
– Observer can’t identify that communication has been sent

Uses of Anonymity
Positive
– Free speech for political claims as well as non-political comments
– Engage in whistle-blowing
– Conduct commercial transactions
– Freedom from detection, retribution, and embarrassment
New York Times Co. vs. Sullivan, 1964
"an author's decision to remain anonymous...is an aspect of the freedom of speech protected by the First Amendment"

Uses of Anonymity
Negative
– Spam
– DoS
– Illegal activity: anonymous bribery, copyright infringement, harassment, financial scams, disclosure of trade secrets

Assumptions
Weak attacker
– Eavesdrops on first and last hop
– Can introduce messages here
Strong attacker
– Eavesdrops on all links
– Can introduce messages anywhere
Attacker has finite time, computing power
Multiple users

Types of Attackers
Local eavesdropper
– Observes inbound and outbound messages on user’s computer
Administrator
– Operator or group of operators of anonymizing systems attempting to foil their own system
Remote attack
– Observation at the remote end by eavesdropper or attack by the remote host

Attacks
Timing Attack, Volume Attack
– Watches shape of traffic instead of content
Flooding Attack
– With batch size n, attacker sends n-1 messages
Usage Pattern Attack
– Consistent usage patterns lead to predictability

Levels of Anonymity
[Figure: scale of anonymity levels: Absolute Privacy, Beyond Suspicion, Probable Innocence, Possible Innocence, Exposed, Provably Exposed]
• Beyond Suspicion
– Attacker can see evidence of a sent message, but the sender appears no more likely to be the originator than any other potential sender in the system
• Probable Innocence
– The sender is more likely the originator than any other potential sender, but there is equal likelihood the sender is not the originator
• Possible Innocence
– The sender appears more likely to be the originator than to not be the originator, but there’s still a non-trivial probability that the originator is someone else

Capabilities
Latency, Bandwidth, Anonymity
– Pick 2
Human element
– Repetitive usage patterns make attacks easier
– Pizza effect

Proxy Anonymizers
Use trusted centralized servers
Anonymous remailers - Helsingius
Anonymizer.com
Hides IP address - NAT
Users not anonymous to proxy server
Susceptible to traffic analysis

Mixes
Source routing chosen by user
Shuffles order of packets
Mix cascade consists of several mixes under separate operators
Encrypted for each mix in the path
Processes packets in batches
Used to counter traffic analysis

Mixes
[Figure: message path through Mix 1, Mix 2, Mix 3, Mix 4, with steps numbered 1 to 4]
1. A1, C1(A3, C3(A2, C2(S, M, r2), r3), r1)
2. A3, C3(A2, C2(S, M, r2), r3)
3. A2, C2(S, M, r2)
4. S, M
Ai = Next Hop Address
Ci = Message encrypted with public key of Mix i
S = Destination Host address
M = Original message
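
The layered message in the diagram, built and peeled hop by hop, as an added example that is not part of the original presentation. Assumptions: a keyed-hash stream cipher stands in for encryption under each mix's public key, r_i is treated as random filler (the slide does not define it), and the mix names and keys are constructed.

```python
# Added illustration of the slide's layered mix message; not from the presentation.
import hashlib, json, os

# Constructed per-mix secrets. A real mix publishes a public key; one shared
# secret per mix stands in for that key pair here (assumption).
KEYS = {"mix1": b"k1-demo", "mix2": b"k2-demo", "mix3": b"k3-demo", "mix4": b"k4-demo"}

def _stream(key, nonce, n):
    """SHA-256 counter-mode keystream: a toy cipher with no integrity protection."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]

def C(key, plaintext):
    """Stand-in for Ci(...): encrypt under mix i's key with a fresh nonce."""
    nonce = os.urandom(16)
    return nonce + bytes(a ^ b for a, b in zip(plaintext, _stream(key, nonce, len(plaintext))))

def C_inv(key, blob):
    """Remove one layer: split off the nonce and undo the keystream XOR."""
    nonce, ct = blob[:16], blob[16:]
    return bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct))))

def wrap(path, dest, message, keys=KEYS):
    """Build A1, C1(A3, C3(A2, C2(S, M, r2), r3), r1) for path [mix1, mix3, mix2]."""
    next_addr, payload = dest, message
    for mix in reversed(path):          # innermost layer belongs to the last mix
        r = os.urandom(8)               # r_i, treated as random filler (assumption)
        body = json.dumps([next_addr, payload.hex(), r.hex()]).encode()
        next_addr, payload = mix, C(keys[mix], body)
    return next_addr, payload

def peel(key, blob):
    """What one mix does: remove its own layer and learn only the next hop."""
    next_addr, payload_hex, _r = json.loads(C_inv(key, blob))
    return next_addr, bytes.fromhex(payload_hex)

def route(addr, blob, keys=KEYS):
    """Forward hop by hop until the next address is not a mix."""
    hops = []
    while addr in keys:
        hops.append(addr)
        addr, blob = peel(keys[addr], blob)
    return hops, addr, blob

if __name__ == "__main__":
    first, onion = wrap(["mix1", "mix3", "mix2"], "S", b"M: original message")
    print(route(first, onion))
```

Each mix recovers only the next address and an opaque blob, so no single mix sees both the sender's first hop and the destination S.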

Mixes
Fine for non real-time (email)
Not sufficient for VoIP, video, web
Mix waits to accumulate inputs to process as a batch (especially slow for low traffic)

Enhancements
Messages all the same length
Buffers messages until several can be sent at once
Dummy messages inserted
– Between mixes
– Between mixes and user
Balance end to end throughput with anonymity
– Duration to wait for mixes to accumulate traffic
– Percentage of dummy traffic

P5
Decentralized
– Harder to attack
Allows choice of tradeoff between anonymity / throughput
Encrypted with public key of each node in route
Nodes change packet order
Fixed message size
Users have broadcast map and route map
Noise packets counter statistical traffic analysis

[Figure: broadcast hierarchy showing User A and User B]
User A can send an anonymous message to User B via group */0, 1/1, 111/3, etc.
User A can route messages between 00/2 and 01/2
Broadcast hierarchy independent of network topology
01/2 is a subset of */0 – more efficient but less anonymous
Hash of User’s public key provides choice of groups.

P5
Within a channel, P5 functions as a mix cascade
Between channels, P5 provides greater anonymity per bandwidth
– For 8192 users, 1.5 Mbps provides 200 Kbps with 40% loss
Resistant to Timing/Volume and DoS attacks
Susceptible to Flood Attack (Mob Attack)
– User’s channel is flooded, prompting him to reveal more of his mask to gain efficiency, thereby reducing his anonymity

Conclusion
Costly to be anonymous
– Tradeoff with throughput
Cannot be completely anonymous anyway
– No protection from monitoring usage patterns
Aside from this, practical anonymity can be achieved