105,237 research outputs found
Single-qubit optical quantum fingerprinting
We analyze and demonstrate the feasibility and superiority of linear optical
single-qubit fingerprinting over its classical counterpart. For one-qubit
fingerprinting of two-bit messages, we prepare `tetrahedral' qubit states
experimentally and show that they meet the requirements for quantum
fingerprinting to exceed the classical capability. We prove that shared
entanglement permits 100% reliable quantum fingerprinting, which will
outperform classical fingerprinting even with arbitrary amounts of shared
randomness.Comment: 4 pages, one figur
How Unique is Your .onion? An Analysis of the Fingerprintability of Tor Onion Services
Recent studies have shown that Tor onion (hidden) service websites are
particularly vulnerable to website fingerprinting attacks due to their limited
number and sensitive nature. In this work we present a multi-level feature
analysis of onion site fingerprintability, considering three state-of-the-art
website fingerprinting methods and 482 Tor onion services, making this the
largest analysis of this kind completed on onion services to date.
Prior studies typically report average performance results for a given
website fingerprinting method or countermeasure. We investigate which sites are
more or less vulnerable to fingerprinting and which features make them so. We
find that there is a high variability in the rate at which sites are classified
(and misclassified) by these attacks, implying that average performance figures
may not be informative of the risks that website fingerprinting attacks pose to
particular sites.
We analyze the features exploited by the different website fingerprinting
methods and discuss what makes onion service sites more or less easily
identifiable, both in terms of their traffic traces as well as their webpage
design. We study misclassifications to understand how onion service sites can
be redesigned to be less vulnerable to website fingerprinting attacks. Our
results also inform the design of website fingerprinting countermeasures and
their evaluation considering disparate impact across sites.Comment: Accepted by ACM CCS 201
Case study: disclosure of indirect device fingerprinting in privacy policies
Recent developments in online tracking make it harder for
individuals to detect and block trackers. This is especially true for de-
vice fingerprinting techniques that websites use to identify and track
individual devices. Direct trackers { those that directly ask the device
for identifying information { can often be blocked with browser configu-
rations or other simple techniques. However, some sites have shifted to
indirect tracking methods, which attempt to uniquely identify a device
by asking the browser to perform a seemingly-unrelated task. One type
of indirect tracking known as Canvas fingerprinting causes the browser
to render a graphic recording rendering statistics as a unique identifier.
Even experts find it challenging to discern some indirect fingerprinting
methods. In this work, we aim to observe how indirect device fingerprint-
ing methods are disclosed in privacy policies, and consider whether the
disclosures are sufficient to enable website visitors to block the track-
ing methods. We compare these disclosures to the disclosure of direct
fingerprinting methods on the same websites.
Our case study analyzes one indirect ngerprinting technique, Canvas
fingerprinting. We use an existing automated detector of this fingerprint-
ing technique to conservatively detect its use on Alexa Top 500 websites
that cater to United States consumers, and we examine the privacy poli-
cies of the resulting 28 websites. Disclosures of indirect fingerprinting
vary in specificity. None described the specific methods with enough
granularity to know the website used Canvas fingerprinting. Conversely,
many sites did provide enough detail about usage of direct fingerprint-
ing methods to allow a website visitor to reliably detect and block those
techniques.
We conclude that indirect fingerprinting methods are often technically
difficult to detect, and are not identified with specificity in legal privacy
notices. This makes indirect fingerprinting more difficult to block, and
therefore risks disturbing the tentative armistice between individuals and
websites currently in place for direct fingerprinting. This paper illustrates
differences in fingerprinting approaches, and explains why technologists,
technology lawyers, and policymakers need to appreciate the challenges
of indirect fingerprinting.Accepted manuscrip
One-qubit fingerprinting schemes
Fingerprinting is a technique in communication complexity in which two
parties (Alice and Bob) with large data sets send short messages to a third
party (a referee), who attempts to compute some function of the larger data
sets. For the equality function, the referee attempts to determine whether
Alice's data and Bob's data are the same. In this paper, we consider the
extreme scenario of performing fingerprinting where Alice and Bob both send
either one bit (classically) or one qubit (in the quantum regime) messages to
the referee for the equality problem. Restrictive bounds are demonstrated for
the error probability of one-bit fingerprinting schemes, and show that it is
easy to construct one-qubit fingerprinting schemes which can outperform any
one-bit fingerprinting scheme. The author hopes that this analysis will provide
results useful for performing physical experiments, which may help to advance
implementations for more general quantum communication protocols.Comment: 9 pages; Fixed some typos; changed order of bibliographical
reference
k-fingerprinting: a Robust Scalable Website Fingerprinting Technique
Website fingerprinting enables an attacker to infer which web page a client
is browsing through encrypted or anonymized network connections. We present a
new website fingerprinting technique based on random decision forests and
evaluate performance over standard web pages as well as Tor hidden services, on
a larger scale than previous works. Our technique, k-fingerprinting, performs
better than current state-of-the-art attacks even against website
fingerprinting defenses, and we show that it is possible to launch a website
fingerprinting attack in the face of a large amount of noisy data. We can
correctly determine which of 30 monitored hidden services a client is visiting
with 85% true positive rate (TPR), a false positive rate (FPR) as low as 0.02%,
from a world size of 100,000 unmonitored web pages. We further show that error
rates vary widely between web resources, and thus some patterns of use will be
predictably more vulnerable to attack than others.Comment: 17 page
The uncertainties associated with sediment fingerprinting suspended and recently deposited fluvial sediment in the Nene river basin
The use of tracers within a sediment fingerprinting framework has become a commonly used technique for investigating the sources of fine sediment. However, uncertainties associated with tracer behaviour have been cited as major potential limitations to sediment fingerprinting methodologies. This paper aims to determine the differences between fingerprinting results derived using different groups of tracer properties and to determine the role of organic matter content, particle size, and within-source variability in tracer concentrations on the observed differences. A mean difference of 24.1% between the predicted contributions of sediment originating from channel banks was found when using different tracer groups. Mean differences between tracer group predictions were lower, at between 8% and 11%, when fingerprinting contributions from urban street dusts. Organic matter content and / or particle size showed little indication that they caused differences between tracer group predictions. The within-source variability in tracer concentrations and small contrasts between the tracer concentrations of different source groups were identified as probable causes of inherent uncertainty in the fingerprinting predictions. We determined that the ratio of the percentage difference between median tracer concentrations in the source groups and the average within-source tracer concentration coefficient of variation could indicate the likely uncertainty in model predictions prior to tracer use
- …