VoIP Tracing Active De-anonymization of Streams. Timing Attacks [LRWW ’04] “Normal” flows...

VoIP Tracing

Active De-anonymization of Streams

Timing Attacks [LRWW ’04]

• “Normal” flows– e.g. HTTP, FTP, SSH– Think times dominate– Very easy to do timing analysis

• Constant rate flows– 10 pkts/sec = 1 pkt. every 0.1 sec– All streams look the same– Correlations are poor

• dropped pkts help

VoIP

• Similar to constant rate– high rate of pkts (every 20 or 30 ms)– steady flow– no “think times”

• Thus– hard to do end-to-end timing analysis

Key Results

• ?

A Simple Idea

Trent’s Anonymity Service

A

B

C

X

Y

Z

Caveats

• VoIP– time-critcal– Why do we care if we degrade the phone

service of the terrorists?

Watermarking

• No DRM– 1. Alice sells a song online– 2. Mallory & many others buy the song– 3. Mallory puts the song on Kazaa– 4. Alice gets angry

• But doesn’t know who did it

Watermarking

• DRM– 1. Alice sells a song online

• Each copy has a special, hard-to-see, hard-to-remove “stamp”

– 2. Mallory & many others buy the song– 3. Mallory puts the song on Kazaa– 4. Alice gets angry– 5. Alice checks the stamp– 6. Mallory goes to jail

Watermarking Packets

• Content-based– Embed the stamp in the data

• Ideally based on a key

– Very hard to remove the stamp• unless you have a key

• Cannot change the packet– Why not?

• What can you change?

Algorithm

• Select about 2r packets at random– independently selected

• Select a distance d• Look at delays

– between packet x and x+d

• Split the 2r delays into two sets– A and B

Algorithm 2

• The differences should be zero– A(i) - B(j) = 0, on average– The actual value is a random variable– distribution: symmetric, centered on 0

• redundancy: number of differences used

• Embedding the “stamp”– increase or decrease the average– which one = which bit (0 or 1)