Network Forensics and Privacy Enhancing Technologies “living” together in harmony

Privacy Enhancing Technology (PET) is the technology responsible to hide the identification of Internet users, whereas network forensics is a technology responsible to reveal the identification of Internet users who perform illegal actions through the Internet. The paper identifies the collision of these opposite-goal technologies and describes what happens in case they come across. Can a Network Forensics protocol discover the identification of an Internet user who is trying to be anonymous behind a PET? The paper also proposes a way to bridge and eliminate the gap between these two technologies

Uncontrollable Privacy - The right that every attacker desires

The request of the Internet users enjoying privacy during their e-activities enforces the Internet society to develop techniques which offer privacy to the Internet users, known as Privacy Enhancing Technologies (PETs). Among the Internet users, there are attackers who desire more than anything else to enjoy privacy during their malicious actions, and a PET is what they were looking for. Thus, although a PET should offer privacy to the internet users, proper techniques should also be employed in order to help the victims during the investigation procedure and unveil the identification of the attackers. The paper summarizes the current design issues of PETs and introduces additional issues in order to offer forensic investigation services. To the best of our knowledge this is the first attempt which it proves (the obvious) that the existing PETs do not meet accountability requirements. By knowing explicitly the reasons the PETs are inefficient offering accountability, it is the most appropriate way to make PETs offering higher level of accountability without decreasing the level of the privacy offered

PPINA -A Forensic Investigation Protocol for Privacy Enhancing Technologies

Abstract. Although privacy is often seen as an essential right for internet users, the provision of anonymity can also provide the ultimate cover for malicious users. Privacy Enhancing Technologies (PETs) should not only hide the identity of legitimate users but also provide means by which evidence of malicious activity can be gathered. This paper proposes a forensic investigation technique, which can be embedded in the framework of existing PETs , thereby adding network forensic functionality to the PET. This approach introduces a new dimension to the implementation of Privacy Enhancing Technologies, which enhances their viability in the global network environment

PPINA -A Forensic Investigation Protocol for Privacy Enhancing Technologies

Abstract. Although privacy is often seen as an essential right for internet users, the provision of anonymity can also provide the ultimate cover for malicious users. Privacy Enhancing Technologies (PETs) should not only hide the identity of legitimate users but also provide means by which evidence of malicious activity can be gathered. This paper proposes a forensic investigation technique, which can be embedded in the framework of existing PETs , thereby adding network forensic functionality to the PET. This approach introduces a new dimension to the implementation of Privacy Enhancing Technologies, which enhances their viability in the global network environment

ANDaNA: Anonymous Named Data Networking Application

Content-centric networking -- also known as information-centric networking (ICN) -- shifts emphasis from hosts and interfaces (as in today's Internet) to data. Named data becomes addressable and routable, while locations that currently store that data become irrelevant to applications. Named Data Networking (NDN) is a large collaborative research effort that exemplifies the content-centric approach to networking. NDN has some innate privacy-friendly features, such as lack of source and destination addresses on packets. However, as discussed in this paper, NDN architecture prompts some privacy concerns mainly stemming from the semantic richness of names. We examine privacy-relevant characteristics of NDN and present an initial attempt to achieve communication privacy. Specifically, we design an NDN add-on tool, called ANDaNA, that borrows a number of features from Tor. As we demonstrate via experiments, it provides comparable anonymity with lower relative overhead.Comment: NDSS 2012 - Proceedings of the Network and Distributed System Security Symposium, San Diego, California, US

A Survey on Routing in Anonymous Communication Protocols

The Internet has undergone dramatic changes in the past 15 years, and now forms a global communication platform that billions of users rely on for their daily activities. While this transformation has brought tremendous benefits to society, it has also created new threats to online privacy, ranging from profiling of users for monetizing personal information to nearly omnipotent governmental surveillance. As a result, public interest in systems for anonymous communication has drastically increased. Several such systems have been proposed in the literature, each of which offers anonymity guarantees in different scenarios and under different assumptions, reflecting the plurality of approaches for how messages can be anonymously routed to their destination. Understanding this space of competing approaches with their different guarantees and assumptions is vital for users to understand the consequences of different design options. In this work, we survey previous research on designing, developing, and deploying systems for anonymous communication. To this end, we provide a taxonomy for clustering all prevalently considered approaches (including Mixnets, DC-nets, onion routing, and DHT-based protocols) with respect to their unique routing characteristics, deployability, and performance. This, in particular, encompasses the topological structure of the underlying network; the routing information that has to be made available to the initiator of the conversation; the underlying communication model; and performance-related indicators such as latency and communication layer. Our taxonomy and comparative assessment provide important insights about the differences between the existing classes of anonymous communication protocols, and it also helps to clarify the relationship between the routing characteristics of these protocols, and their performance and scalability

Walking Onions: Scaling Distribution of Information Safely in Anonymity Networks

Scaling anonymity networks offers unique security challenges, as attackers can exploit differing views of the network’s topology to perform epistemic and route capture attacks. Anonymity networks in practice, such as Tor, have opted for security over scalability by requiring participants to share a globally consistent view of all relays to prevent these kinds of attacks. Such an approach requires each user to maintain up-to-date information about every relay, causing the total amount of data each user must download every epoch to scale linearly with the number of relays. As the number of clients increases, more relays must be added to provide bandwidth, further exacerbating the total load on the network. In this work, we present Walking Onions, a set of protocols improving scalability for anonymity networks. Walking Onions enables constant-size scaling of the information each user must download in every epoch, even as the number of relays in the network grows. Furthermore, we show how relaxing the clients’ bandwidth growth from constant to logarithmic can enable an outsized improvement to relays’ bandwidth costs. Notably, Walking Onions offers the same security properties as current designs that require a globally consistent network view. We present two protocol variants. The first requires minimal changes from current onion-routing systems. The second presents a more significant design change, thereby reducing the latency required to establish a path through the network while providing better forward secrecy than previous such constructions. We evaluate Walking Onions against a generalized onion-routing anonymity network and discuss tradeoffs among the approaches

Combinatorial structures for anonymous database search

This thesis treats a protocol for anonymous database search (or if one prefer, a protocol for user-private information retrieval), that is based on the use of combinatorial configurations. The protocol is called P2P UPIR. It is proved that the (v,k,1)-balanced incomplete block designs (BIBD) and in particular the finite projective planes are optimal configurations for this protocol. The notion of n-anonymity is applied to the configurations for P2P UPIR protocol and the transversal designs are proved to be n-anonymous configurations for P2P UPIR, with respect to the neighborhood points of the points of the configuration. It is proved that to the configurable tuples one can associate a numerical semigroup. This theorem implies results on existence of combinatorial configurations. The proofs are constructive and can be used as algorithms for finding combinatorial configurations. It is also proved that to the triangle-free configurable tuples one can associate a numerical semigroup. This implies results on existence of triangle-free combinatorial configurations

Estudo e implementação de redes de comunicação anônima e aplicação ao sistema de votação digital OSTRACON

Dissertação (mestrado) - Universidade Federal de Santa Catarina, Centro Tecnológico. Programa de Pós-Graduação em Ciência da Computação.Em muitos casos de uso de sistemas em rede o anonimato da comunicação apresenta-se como um requisito desejado. Este trabalho tem como tema principal as técnicas para comunicação anônima. Para um melhor conhecimento do problema do anonimato foram pesquisadas formas de ataque ao anonimato, e mecanismos de defesa para tais ataques. As técnicas para comunicação anônima foram estudadas e avaliadas quanto a eficácia no combate aos ataques, e quanto ao provimento de comunicação anônima. Com base nas técnicas pesquisadas, foi proposta uma implementação de uma rede para comunicação anônima. Com a implementação realizada foi possível medir a performance da rede com ênfase nas operações criptográficas necessárias, e avaliar a aplicação prática da técnica escolhida no Sistema Ostracon, um sistema de votação digital desenvolvido no Laboratório de Segurança em Computação da Universidade Federal de Santa Catarina