Communication Anonymousjhh/secsem/2015/anonymous... · Anonymity waived if a suspected person is...
Transcript of Communication Anonymousjhh/secsem/2015/anonymous... · Anonymity waived if a suspected person is...
![Page 1: Communication Anonymousjhh/secsem/2015/anonymous... · Anonymity waived if a suspected person is charged. Data Retention Directive Article 3 Obligation to retain data 1. By way of](https://reader034.fdocuments.net/reader034/viewer/2022050107/5f456709c6b59a4960528234/html5/thumbnails/1.jpg)
Anonymous CommunicationMartijn Terpstra & Max Tijssen
![Page 2: Communication Anonymousjhh/secsem/2015/anonymous... · Anonymity waived if a suspected person is charged. Data Retention Directive Article 3 Obligation to retain data 1. By way of](https://reader034.fdocuments.net/reader034/viewer/2022050107/5f456709c6b59a4960528234/html5/thumbnails/2.jpg)
Introduction1. Definition of anonymity
2. Reasons
3. Problems
4. Legal issues and implications
5. PETs
6. Crowds
7. I2P
![Page 3: Communication Anonymousjhh/secsem/2015/anonymous... · Anonymity waived if a suspected person is charged. Data Retention Directive Article 3 Obligation to retain data 1. By way of](https://reader034.fdocuments.net/reader034/viewer/2022050107/5f456709c6b59a4960528234/html5/thumbnails/3.jpg)
Definition of anonymity
● The state or quality of being anonymous (Dictonary.com).
● Level of anonymity
![Page 4: Communication Anonymousjhh/secsem/2015/anonymous... · Anonymity waived if a suspected person is charged. Data Retention Directive Article 3 Obligation to retain data 1. By way of](https://reader034.fdocuments.net/reader034/viewer/2022050107/5f456709c6b59a4960528234/html5/thumbnails/4.jpg)
Definition of anonymity● Anonymity vs pseudonymity
● K - anonymity (Harvard)
● Untraceability
● Unlinkability
![Page 5: Communication Anonymousjhh/secsem/2015/anonymous... · Anonymity waived if a suspected person is charged. Data Retention Directive Article 3 Obligation to retain data 1. By way of](https://reader034.fdocuments.net/reader034/viewer/2022050107/5f456709c6b59a4960528234/html5/thumbnails/5.jpg)
Uses of AC
![Page 6: Communication Anonymousjhh/secsem/2015/anonymous... · Anonymity waived if a suspected person is charged. Data Retention Directive Article 3 Obligation to retain data 1. By way of](https://reader034.fdocuments.net/reader034/viewer/2022050107/5f456709c6b59a4960528234/html5/thumbnails/6.jpg)
Uses of AC
- Privacy protection- Bypassing oppressive regimes- Whistleblowers (Wikileaks, Snowden)
![Page 7: Communication Anonymousjhh/secsem/2015/anonymous... · Anonymity waived if a suspected person is charged. Data Retention Directive Article 3 Obligation to retain data 1. By way of](https://reader034.fdocuments.net/reader034/viewer/2022050107/5f456709c6b59a4960528234/html5/thumbnails/7.jpg)
Uses of AC
- Ability to discuss taboo subjects- Cybercrime (Silk Road)
![Page 8: Communication Anonymousjhh/secsem/2015/anonymous... · Anonymity waived if a suspected person is charged. Data Retention Directive Article 3 Obligation to retain data 1. By way of](https://reader034.fdocuments.net/reader034/viewer/2022050107/5f456709c6b59a4960528234/html5/thumbnails/8.jpg)
Issues with AC
● Law enforcement
● Legitimate aims of service providers
● Lack of repercussions for the users
![Page 9: Communication Anonymousjhh/secsem/2015/anonymous... · Anonymity waived if a suspected person is charged. Data Retention Directive Article 3 Obligation to retain data 1. By way of](https://reader034.fdocuments.net/reader034/viewer/2022050107/5f456709c6b59a4960528234/html5/thumbnails/9.jpg)
Legal issues and implications
● Certain rights have to be constrained in a society
● Untraceable and unreadable communication
● Produces legal issues and solutions
![Page 10: Communication Anonymousjhh/secsem/2015/anonymous... · Anonymity waived if a suspected person is charged. Data Retention Directive Article 3 Obligation to retain data 1. By way of](https://reader034.fdocuments.net/reader034/viewer/2022050107/5f456709c6b59a4960528234/html5/thumbnails/10.jpg)
Art 8. Convention of Fundamental Rights of the European Union
Article 8 – Right to respect for private and family life1. Everyone has the right to respect for his private and family life, his home and his correspondence.
2. There shall be no interference by a public authority with the exercise of this right except such as is in
accordance with the law and is necessary in a democratic society in the interests of national security, public
safety or the economic well-being of the country, for the prevention of disorder or crime, for the protection of
health or morals, or for the protection of the rights and freedoms of others.
![Page 11: Communication Anonymousjhh/secsem/2015/anonymous... · Anonymity waived if a suspected person is charged. Data Retention Directive Article 3 Obligation to retain data 1. By way of](https://reader034.fdocuments.net/reader034/viewer/2022050107/5f456709c6b59a4960528234/html5/thumbnails/11.jpg)
Whistleblower laws● Recommendation CM/Rec(2014)7 on the protection of whistleblowers
● Council of europe. Not european union! Up to members how and if to implement.
12. The national framework should foster an environment that encourages reporting or disclosure in an open manner. Individuals should feel safe to freely raise public interest concerns.
18. Whistleblowers should be entitled to have the confidentiality of their identity maintained, subject to fair trial guarantees.
![Page 12: Communication Anonymousjhh/secsem/2015/anonymous... · Anonymity waived if a suspected person is charged. Data Retention Directive Article 3 Obligation to retain data 1. By way of](https://reader034.fdocuments.net/reader034/viewer/2022050107/5f456709c6b59a4960528234/html5/thumbnails/12.jpg)
Implementation whistleblower legislation
● Dutch (Adviespunt klokkenluiders)○ Anonymous whistleblowing strongly discouraged. Information received
from such a source has lower chance of being acted on.
● UK○ Not (or less likely) protected by Public Interest Disclosure Act
● Portugal○ Anonymity waived if a suspected person is charged.
![Page 13: Communication Anonymousjhh/secsem/2015/anonymous... · Anonymity waived if a suspected person is charged. Data Retention Directive Article 3 Obligation to retain data 1. By way of](https://reader034.fdocuments.net/reader034/viewer/2022050107/5f456709c6b59a4960528234/html5/thumbnails/13.jpg)
Data Retention DirectiveArticle 3
Obligation to retain data
1. By way of derogation from Articles 5, 6 and 9 of Directive
2002/58/EC, Member States shall adopt measures to ensure that
the data specified in Article 5 of this Directive are retained in
accordance with the provisions thereof, to the extent that those
data are generated or processed by providers of publicly available
electronic communications services or of a public communica-
tions network within their jurisdiction in the process of supply-
ing the communications services concerned.
![Page 14: Communication Anonymousjhh/secsem/2015/anonymous... · Anonymity waived if a suspected person is charged. Data Retention Directive Article 3 Obligation to retain data 1. By way of](https://reader034.fdocuments.net/reader034/viewer/2022050107/5f456709c6b59a4960528234/html5/thumbnails/14.jpg)
Data Retention Directive1. Member States shall ensure that the following categories of
data are retained under this Directive:
(a) data necessary to trace and identify the source of acommunication
(b) data necessary to identify the destination of acommunication
(f) data necessary to identify the location of mobile communi-
cation equipment:
2. No data revealing the content of the communication may be
retained pursuant to this Directive.
![Page 15: Communication Anonymousjhh/secsem/2015/anonymous... · Anonymity waived if a suspected person is charged. Data Retention Directive Article 3 Obligation to retain data 1. By way of](https://reader034.fdocuments.net/reader034/viewer/2022050107/5f456709c6b59a4960528234/html5/thumbnails/15.jpg)
Legislation changesHow to deal with anonymity?
● French law (proposed but not enacted)○ Force people to register with their true identity
● US○ U.S. Supreme Court Justice Scalia :“The very purpose of anonymity is
to facilitate wrong by eliminating accountability”[Framkin 1995]. ● UK
○ Banning Tor is neither acceptable nor technically feasible● Sweden
○ Service providers only responsible if messages are clearly illegal.
![Page 16: Communication Anonymousjhh/secsem/2015/anonymous... · Anonymity waived if a suspected person is charged. Data Retention Directive Article 3 Obligation to retain data 1. By way of](https://reader034.fdocuments.net/reader034/viewer/2022050107/5f456709c6b59a4960528234/html5/thumbnails/16.jpg)
PETs
Server based Peer to Peer
TOR GNUnet
Crowds I2P
ShadowWalker
Freenet
NetCamo
![Page 17: Communication Anonymousjhh/secsem/2015/anonymous... · Anonymity waived if a suspected person is charged. Data Retention Directive Article 3 Obligation to retain data 1. By way of](https://reader034.fdocuments.net/reader034/viewer/2022050107/5f456709c6b59a4960528234/html5/thumbnails/17.jpg)
Crowds
- Users are grouped into crowds- Provides k-anonymity
![Page 18: Communication Anonymousjhh/secsem/2015/anonymous... · Anonymity waived if a suspected person is charged. Data Retention Directive Article 3 Obligation to retain data 1. By way of](https://reader034.fdocuments.net/reader034/viewer/2022050107/5f456709c6b59a4960528234/html5/thumbnails/18.jpg)
Crowds
- A user is represented as a Jondo- Jondos contact a server called a Blender- Once a Blender has formed a crowd of
random users, the Blender informs the Jondo's of the crowd they are in
![Page 19: Communication Anonymousjhh/secsem/2015/anonymous... · Anonymity waived if a suspected person is charged. Data Retention Directive Article 3 Obligation to retain data 1. By way of](https://reader034.fdocuments.net/reader034/viewer/2022050107/5f456709c6b59a4960528234/html5/thumbnails/19.jpg)
Crowds
- A Jondo will then send his request to a random user in the crowd (possibly himself)
- Any Jondo receiving a request will randomly either send it to yet another Jondo or send it to its destination
- Encryption of messages between Jondos with a key shared by only those two Jondos
![Page 20: Communication Anonymousjhh/secsem/2015/anonymous... · Anonymity waived if a suspected person is charged. Data Retention Directive Article 3 Obligation to retain data 1. By way of](https://reader034.fdocuments.net/reader034/viewer/2022050107/5f456709c6b59a4960528234/html5/thumbnails/20.jpg)
![Page 21: Communication Anonymousjhh/secsem/2015/anonymous... · Anonymity waived if a suspected person is charged. Data Retention Directive Article 3 Obligation to retain data 1. By way of](https://reader034.fdocuments.net/reader034/viewer/2022050107/5f456709c6b59a4960528234/html5/thumbnails/21.jpg)
Crowds
- The endpoint does not know the origin of a request
- Malicious users could do a denial of service attack
![Page 22: Communication Anonymousjhh/secsem/2015/anonymous... · Anonymity waived if a suspected person is charged. Data Retention Directive Article 3 Obligation to retain data 1. By way of](https://reader034.fdocuments.net/reader034/viewer/2022050107/5f456709c6b59a4960528234/html5/thumbnails/22.jpg)
I2P
- Invisible Internet Project- Layered encryption- Garlic routing
![Page 23: Communication Anonymousjhh/secsem/2015/anonymous... · Anonymity waived if a suspected person is charged. Data Retention Directive Article 3 Obligation to retain data 1. By way of](https://reader034.fdocuments.net/reader034/viewer/2022050107/5f456709c6b59a4960528234/html5/thumbnails/23.jpg)
I2P
- Mostly focused on hidden services
- Both sender and receiver are anonymous
![Page 24: Communication Anonymousjhh/secsem/2015/anonymous... · Anonymity waived if a suspected person is charged. Data Retention Directive Article 3 Obligation to retain data 1. By way of](https://reader034.fdocuments.net/reader034/viewer/2022050107/5f456709c6b59a4960528234/html5/thumbnails/24.jpg)
I2P
- Unidirectional tunnels
- Each node build an inbound and outbound tunnel
![Page 25: Communication Anonymousjhh/secsem/2015/anonymous... · Anonymity waived if a suspected person is charged. Data Retention Directive Article 3 Obligation to retain data 1. By way of](https://reader034.fdocuments.net/reader034/viewer/2022050107/5f456709c6b59a4960528234/html5/thumbnails/25.jpg)
Tunnels
- All tunnels are unidirectional- Each party builds 2 tunnels, one inbound,
one outbound- Tunnel creators may use any peers in the
network in any order (and even any number of times) in a single tunnel
![Page 26: Communication Anonymousjhh/secsem/2015/anonymous... · Anonymity waived if a suspected person is charged. Data Retention Directive Article 3 Obligation to retain data 1. By way of](https://reader034.fdocuments.net/reader034/viewer/2022050107/5f456709c6b59a4960528234/html5/thumbnails/26.jpg)
I2P
![Page 27: Communication Anonymousjhh/secsem/2015/anonymous... · Anonymity waived if a suspected person is charged. Data Retention Directive Article 3 Obligation to retain data 1. By way of](https://reader034.fdocuments.net/reader034/viewer/2022050107/5f456709c6b59a4960528234/html5/thumbnails/27.jpg)
I2P
- Communication through garlic messages- Multiple garlic cloves can be combined into a
single garlic message- Each garlic cloves comes with its own
delivery instructions
![Page 28: Communication Anonymousjhh/secsem/2015/anonymous... · Anonymity waived if a suspected person is charged. Data Retention Directive Article 3 Obligation to retain data 1. By way of](https://reader034.fdocuments.net/reader034/viewer/2022050107/5f456709c6b59a4960528234/html5/thumbnails/28.jpg)
Tunnel creation
- List of peers is made based on speed and capacity, updated regularly
- Client picks top tier peers randomly for tunnel creation
![Page 29: Communication Anonymousjhh/secsem/2015/anonymous... · Anonymity waived if a suspected person is charged. Data Retention Directive Article 3 Obligation to retain data 1. By way of](https://reader034.fdocuments.net/reader034/viewer/2022050107/5f456709c6b59a4960528234/html5/thumbnails/29.jpg)
Servers
- Identified by cryptographic keys- No DNS
![Page 30: Communication Anonymousjhh/secsem/2015/anonymous... · Anonymity waived if a suspected person is charged. Data Retention Directive Article 3 Obligation to retain data 1. By way of](https://reader034.fdocuments.net/reader034/viewer/2022050107/5f456709c6b59a4960528234/html5/thumbnails/30.jpg)
NetDB
- NetDb is distributed via the floodfill algorithm- Floodfill routers- RouterInfos- LeaseSets
![Page 31: Communication Anonymousjhh/secsem/2015/anonymous... · Anonymity waived if a suspected person is charged. Data Retention Directive Article 3 Obligation to retain data 1. By way of](https://reader034.fdocuments.net/reader034/viewer/2022050107/5f456709c6b59a4960528234/html5/thumbnails/31.jpg)
RouterInfo
- The router's identity- The contact addresses- When this was published- A set of arbitrary text options- The signature of the above, generated by
the identity's DSA signing key
![Page 32: Communication Anonymousjhh/secsem/2015/anonymous... · Anonymity waived if a suspected person is charged. Data Retention Directive Article 3 Obligation to retain data 1. By way of](https://reader034.fdocuments.net/reader034/viewer/2022050107/5f456709c6b59a4960528234/html5/thumbnails/32.jpg)
LeaseSet
- documenting a group of tunnel entry points (leases) for a particular client destination.- The tunnel gateway router (by specifying its identity)- The tunnel ID on that router to send messages with (a 4 byte number)- When that tunnel will expire.
![Page 33: Communication Anonymousjhh/secsem/2015/anonymous... · Anonymity waived if a suspected person is charged. Data Retention Directive Article 3 Obligation to retain data 1. By way of](https://reader034.fdocuments.net/reader034/viewer/2022050107/5f456709c6b59a4960528234/html5/thumbnails/33.jpg)
I2P compared to tor
- I2P is designed for hidden services- Unidirectional tunnels- No clear distinction between client and
server- Less popular (k-anonymity), not much
research compared to tor
![Page 34: Communication Anonymousjhh/secsem/2015/anonymous... · Anonymity waived if a suspected person is charged. Data Retention Directive Article 3 Obligation to retain data 1. By way of](https://reader034.fdocuments.net/reader034/viewer/2022050107/5f456709c6b59a4960528234/html5/thumbnails/34.jpg)
Conclusion
AC has many uses, both legitimate and illegitimate.
Produces and helps with legal issues.
Many different PETs, all with their own advantage and disadvantages.
![Page 35: Communication Anonymousjhh/secsem/2015/anonymous... · Anonymity waived if a suspected person is charged. Data Retention Directive Article 3 Obligation to retain data 1. By way of](https://reader034.fdocuments.net/reader034/viewer/2022050107/5f456709c6b59a4960528234/html5/thumbnails/35.jpg)
TOR refresher- Uses layered encryption to pass through several nodes before reaching destination
- With enough nodes (3) between start and end no single node knows both the start and end.
![Page 36: Communication Anonymousjhh/secsem/2015/anonymous... · Anonymity waived if a suspected person is charged. Data Retention Directive Article 3 Obligation to retain data 1. By way of](https://reader034.fdocuments.net/reader034/viewer/2022050107/5f456709c6b59a4960528234/html5/thumbnails/36.jpg)
TOR refresher
- Prevent man in the middle sniffing
- Hides identity
- Uses own protocol: use of tor is obvious to third party
- End point vulnerability
- (Perhaps explanation of current technical attacks)