• Home

  • Documents

  • Managing NymBoxes for Identity and Tracking Protection David Wolinsky, Daniel Jackowitz, and Bryan...

If you can't read please download the document

Managing NymBoxes for Identity and Tracking Protection David Wolinsky, Daniel Jackowitz, and Bryan Ford Yale University

Tags:

Embed Size (px)

Citation preview

  • Slide 1

Managing NymBoxes for Identity and Tracking Protection David Wolinsky, Daniel Jackowitz, and Bryan Ford Yale University Slide 2 Alice Internet Alices Laptop Surfing the Web Doesnt want her ISP to know her activities Wants to access some services under a pseudonym Others anonymously Slide 3 Alice Internet Alices Laptop Surfing the Web Anonymously Tor offers anonymous communication Adversary could target Tor Adversary prefers the user environment Slide 4 The Leaky Boat Adversary focuses on breaking the user environment not the tool. Slide 5 System enforced isolation Amnesiac browsing sessions Anonymous cloud storage Introducing Nymix Alice Internet Alices Laptop Cloud Storage Nym Slide 6 Outline Attacks Against Privacy Nymix Architecture Defending Against Privacy Attacks Evaluating Nymix Future Directions Slide 7 Application Level Attacks Eves Booby-trap Blog Alice Tor-based Secure Channel Unsecured Channel: Heres my IP Javascript Exploit Freetopia Repressistan Alices Laptop Alice in Repressistan Slide 8 Bob Correlation Attacks Internet Bobs Laptop Bob of Freetopia Slide 9 Confiscation Attacks Carol Carol the Landofopportunian Border patrol Slide 10 Attacks Recap Application-Level Correlation Confiscation Slide 11 Outline Slide 12 System enforced isolation Amnesiac browsing sessions Anonymous cloud storage Data Sanitization Nymix Alice Internet Alices Laptop Cloud Storage Nym Slide 13 Ephemeral Nym Alice Internet Alices Laptop AnonVM CommVM Nym Each Nym starts from the same base state Separate VMs to enforce sandboxing in AnonVM Securely erased upon exit Slide 14 Long-Lived Nyms Alice Internet Alices Laptop AnonVM CommVM Nym Desire persistent state Resetting CommVM state can weaken anonymity 1 Anonymously store/restore from cloud 1 A. Johnson, Users Get Routed: Traffic Correlation on Tor by Realistic Adversaries, CCS 2013 Slide 15 Long-Lived Nyms Alice Internet Alices Laptop AnonVM CommVM Nym Retrieve disks from cloud Close Nym Restore long-lived nym Slide 16 Sharing Data Sanitization No local data directly in a Nym Each Nym has associated Sanitization VM Process: User selects file Prompted for cleaning method Results appear in Nym Alices Laptop User Data Slide 17 Outline Slide 18 Attacks Executed in Nymix Application-Level Correlation Confiscation Slide 19 Application Level Attacks Eves Booby-trap Blog Alice Tor-based Secure Channel Unsecured Channel: Heres my IP Javascript Exploit Freetopia Repressistan Alices Laptop Alice in Repressistan Slide 20 Application Level Attacks Eves Booby-trap Blog Alice Tor-based Secure Channel Javascript Exploit Freetopia Repressistan Alices Laptop Alice in Repressistan Secured Channel: Heres my Tor IP Slide 21 Attacks Executed in Nymix Application-Level Correlation Confiscation Slide 22 Bob Correlation Attacks Internet Bobs Laptop Bob of Freetopia Slide 23 Bob Internet Bobs Laptop Correlation Attacks Bobs Laptop Bob of Freetopia Nym Slide 24 Attacks Executed in Nymix Application-Level Correlation Confiscation Slide 25 Confiscation Attacks Carol Carol the Landofopportunian Border patrol Slide 26 Confiscation Attacks Carol Carol the Landofopportunian Border patrol X Slide 27 Attacks Executed in Nymix Application-Level Correlation Confiscation Slide 28 Outline Slide 29 Implementation Ubuntu 14.04 Qemu (KVM) for virtualization OverlayFS for union file system Google Chromium (required in order to support a circumvention software) Slide 30 Evaluation I7 4 cores at 2.7 GHz 8 GB Ram Connects to a test deployment of Tor 10 Mbit bandwidth 200 ms latency 3 relays Nym memory usage AnonVM 384 MB RAM, 128 MB Disk (stored in RAM) CommVM 128 MB RAM, 16 MB Disk (stored in RAM) Slide 31 CPU Evaluations Slide 32 Memory Usage Slide 33 Network Overhead Slide 34 Outline Slide 35 Nymix is Not a complete solution An exploration of pseudonymity potential with virtualization A research prototype Related work: Tails hardened, amnesiac Whonix, Qubes anonymity-enforced browsing Slide 36 Integration To CommVM or not CommVM Each VM is not cheap Must share a common Tor guard Sharing a common base image Existing approaches are well hardened Many configurations undesirable for AnonVM Persistence Models Store all data in the cloud Default encrypted volume header Slide 37 Further Challenges Fingerprintable CPU VMM timing channels Accessing local hardware Storing data retrieved from the Internet Slide 38 Conclusions Lots of attacks against identity on the Internet Nymix offers a practical solution to offering real pseudonymity on the Internet Lots of attacks outside scope, integrate Our website: http://dedis.cs.yale.edu/dissent/ Github https://github.com/DeDiS/WiNoNhttps://github.com/DeDiS/WiNoN


Heading Off Correlated Failures through …Heading Off Correlated Failures through Independence-as-a-Service Ennan Zhai†, Ruichuan Chen , David Isaac Wolinsky†, Bryan Ford† †Yale

Heading Off Correlated Failures through …Heading Off Correlated Failures through Independence-as-a-Service Ennan Zhai†, Ruichuan Chen , David Isaac Wolinsky†, Bryan Ford† †Yale

Documents
Exploring our World Mr. Sellinger & Mrs. Wolinsky Yarmouth Elementary School Yarmouth, Maine, USA

Exploring our World Mr. Sellinger & Mrs. Wolinsky Yarmouth Elementary School Yarmouth, Maine, USA

Documents
The Beginner's Guide to Quantum Psychology - Stephen H. Wolinsky

The Beginner's Guide to Quantum Psychology - Stephen H. Wolinsky

Documents
Bryan College, Bryan Life, Spring 2013

Bryan College, Bryan Life, Spring 2013

Documents
Quantum consciousness stephen wolinsky

Quantum consciousness stephen wolinsky

Technology
The Blue Cliff Records - Stephen H. Wolinsky Ph. D

The Blue Cliff Records - Stephen H. Wolinsky Ph. D

Documents
Yale University, License Amendment Request. · Yale University OFFICE OF THE PROVOST New Haven, Connecticut 06520 November 5,2008 Mr. Bryan Parker USNRC Region 1 475 Allendale Road

Yale University, License Amendment Request. · Yale University OFFICE OF THE PROVOST New Haven, Connecticut 06520 November 5,2008 Mr. Bryan Parker USNRC Region 1 475 Allendale Road

Documents
18 Wolinsky Tibial Shaft

18 Wolinsky Tibial Shaft

Documents
Reducing Latency in Tor Circuits with Unordered Delivery Michael F. Nowlan, David Wolinsky, and Bryan Ford Yale University Dedis Lab

Reducing Latency in Tor Circuits with Unordered Delivery Michael F. Nowlan, David Wolinsky, and Bryan Ford Yale University Dedis Lab

Documents
Under-investment due to Costly Experimentation - … · 2015-03-05 · Under-investment due to Costly Experimentation Gharad Bryan, Yale University Shyamal Chowdhury Univ of SydneyShyamal

Under-investment due to Costly Experimentation - … · 2015-03-05 · Under-investment due to Costly Experimentation Gharad Bryan, Yale University Shyamal Chowdhury Univ of SydneyShyamal

Documents
Jean-Paul Wolinsky, MD - Feinberg School of Medicine · Jean-Paul Wolinsky, MD The Department of Neurosurgery is pleased to announce that Dr. Jean-Paul Wolinsky, a leading author-ity

Jean-Paul Wolinsky, MD - Feinberg School of Medicine · Jean-Paul Wolinsky, MD The Department of Neurosurgery is pleased to announce that Dr. Jean-Paul Wolinsky, a leading author-ity

Documents
Enforcing Anonymity and Improving Pseudonymity in Tails David Wolinsky Yale University

Enforcing Anonymity and Improving Pseudonymity in Tails David Wolinsky Yale University

Documents
Hang with Your Buddies to Resist Intersection Attacks David Wolinsky, Ewa Syta, Bryan Ford Yale University

Hang with Your Buddies to Resist Intersection Attacks David Wolinsky, Ewa Syta, Bryan Ford Yale University

Documents
2019 Exceptional Children Services Summer Institute...Bryan School : 111 Bryan : School 112 Bryan : School 117 Bryan : School 121 Bryan : School 122 Bryan School : 132 ... Specialist

2019 Exceptional Children Services Summer Institute...Bryan School : 111 Bryan : School 112 Bryan : School 117 Bryan : School 121 Bryan : School 122 Bryan School : 132 ... Specialist

Documents
Beginners Guide to Quantum Psychology, The - Stephen Wolinsky

Beginners Guide to Quantum Psychology, The - Stephen Wolinsky

Documents
Certificate Cothority: Towards Trustworthy Collective CAs Ewa Syta, Iulia Tamas, Dylan Visher, David Wolinsky, Bryan Ford Yale University HotPETs 2015

Certificate Cothority: Towards Trustworthy Collective CAs Ewa Syta, Iulia Tamas, Dylan Visher, David Wolinsky, Bryan Ford Yale University HotPETs 2015

Documents
IBLINDA L. WOLINSKY, Plaintiff-Appellant, Dist. Ct. No. D ...coa.unm.edu/.../2018/05/docs/Wolinsky-Defendant-Appellees-Answer-Brief.pdf · J\IBLINDA L. WOLINSKY, Plaintiff-Appellant,

IBLINDA L. WOLINSKY, Plaintiff-Appellant, Dist. Ct. No. D ...coa.unm.edu/.../2018/05/docs/Wolinsky-Defendant-Appellees-Answer-Brief.pdf · J\IBLINDA L. WOLINSKY, Plaintiff-Appellant,

Documents
Notes From the "Inner" Bhagavad Geeta - Stephen H. Wolinsky Ph. D

Notes From the "Inner" Bhagavad Geeta - Stephen H. Wolinsky Ph. D

Documents
Vol II: More Notes from the Dream - Stephen H. Wolinsky Ph. D

Vol II: More Notes from the Dream - Stephen H. Wolinsky Ph. D

Documents
Teaching Portfolio Workshop€¦ · Teaching Portfolio Workshop Bryan E. Penprase Professor of Science, Yale-NUS College Director, Centre for Teaching and Learning Bryan.penprase@yale-nus.edu.sg

Teaching Portfolio Workshop€¦ · Teaching Portfolio Workshop Bryan E. Penprase Professor of Science, Yale-NUS College Director, Centre for Teaching and Learning [email protected]

Documents
Dissent in Numbers: Making Strong Anonymity Scale · 2013-04-25 · Dissent in Numbers: Making Strong Anonymity Scale David Isaac Wolinsky, Henry Corrigan-Gibbs, and Bryan Ford Yale

Dissent in Numbers: Making Strong Anonymity Scale · 2013-04-25 · Dissent in Numbers: Making Strong Anonymity Scale David Isaac Wolinsky, Henry Corrigan-Gibbs, and Bryan Ford Yale

Documents
Can You Hide in an Internet Panopticon? · 2020-05-09 · Can You Hide in an Internet Panopticon? Bryan Ford – Yale University working with: David Isaac Wolinsky, Joan Feigenbaum,

Can You Hide in an Internet Panopticon? · 2020-05-09 · Can You Hide in an Internet Panopticon? Bryan Ford – Yale University working with: David Isaac Wolinsky, Joan Feigenbaum,

Documents
The Gateless Gate - Stephen H. Wolinsky Ph. D

The Gateless Gate - Stephen H. Wolinsky Ph. D

Documents
1 WACHTELL, LIPTON, ROSEN & KATZ MARC WOLINSKY (pro …blogs.reuters.com/alison-frankel/files/2015/03/hpautonomy-hpbrief.pdf · WACHTELL, LIPTON, ROSEN & KATZ MARC WOLINSKY (pro hac

1 WACHTELL, LIPTON, ROSEN & KATZ MARC WOLINSKY (pro …blogs.reuters.com/alison-frankel/files/2015/03/hpautonomy-hpbrief.pdf · WACHTELL, LIPTON, ROSEN & KATZ MARC WOLINSKY (pro hac

Documents
1 SID WOLINSKY (California Bar No. 33716) ALISON … TOLLAFIELD (California Bar No. 221170) DISABILITY RIGHTS ADVOCATES 449 Fifteenth Street, Suite 303 ... Sid Wolinsky …

1 SID WOLINSKY (California Bar No. 33716) ALISON … TOLLAFIELD (California Bar No. 221170) DISABILITY RIGHTS ADVOCATES 449 Fifteenth Street, Suite 303 ... Sid Wolinsky …

Documents
Proactively Accountable Anonymous Messaging in Verdict · 2013-09-28 · Proactively Accountable Anonymous Messaging in Verdict Henry Corrigan-Gibbs, David Isaac Wolinsky, and Bryan

Proactively Accountable Anonymous Messaging in Verdict · 2013-09-28 · Proactively Accountable Anonymous Messaging in Verdict Henry Corrigan-Gibbs, David Isaac Wolinsky, and Bryan

Documents
Quantum Consciousness The Guide to Experiencing Quantum Psychology - Stephen Wolinsky

Quantum Consciousness The Guide to Experiencing Quantum Psychology - Stephen Wolinsky

Documents
Learning-by-Doing in Solar Photovoltaic Installations...Learning-by-Doing in Solar Photovoltaic Installations Bryan Bollingery Duke University Kenneth Gillinghamz Yale University April

Learning-by-Doing in Solar Photovoltaic Installations...Learning-by-Doing in Solar Photovoltaic Installations Bryan Bollingery Duke University Kenneth Gillinghamz Yale University April

Documents
Laura Koppes Bryan - University of Baltimore · Laura Koppes Bryan CONTACT INFORMATION Yale Gordon College of Arts and Sciences University of Baltimore 1420 North Charles Street

Laura Koppes Bryan - University of Baltimore · Laura Koppes Bryan CONTACT INFORMATION Yale Gordon College of Arts and Sciences University of Baltimore 1420 North Charles Street

Documents
A TorPath to TorCoin - Yale UniversityA TorPath to TorCoin: Proof-of-Bandwidth Altcoins for Compensating Relays Mainak Ghosh, Miles Richardson, Bryan Ford1, and Rob Jansen2 1 Yale

A TorPath to TorCoin - Yale UniversityA TorPath to TorCoin: Proof-of-Bandwidth Altcoins for Compensating Relays Mainak Ghosh, Miles Richardson, Bryan Ford1, and Rob Jansen2 1 Yale

Documents