Privacy in Content Oriented Networking: Threats and countermeasures
Abdelberi Chaabane, Emiliano De Cristofaro, Mohamed Ali Kaafar, and Ersin Uzun
2
A brief history of networking
1. Interconnecting wires (telephony)
2. Interconnecting hosts (TCP/IP)
3. Interconnecting information
3
Change in Communication Paradigm
• Today's Internet struggles with
  – Scalability
  – Mobility
  – Security
• Move to Content-oriented Networks
  – Traffic is already content-oriented (CDN, overlays, P2P)
  – Users/applications care about "what to receive", not "from whom"
• The host-based communication model is getting "outdated"
4
Notable Content Oriented Networking Architectures
NetInf (Network of Information)
DONA
5
Macro-building blocks
• Named content – objects are named to facilitate data dissemination and search
• Content-based routing – routing on content rather than on hosts
• Content delivery – using multipath routing and leveraging in-network caching
• In-network caching – all components provide caching capability
6
CCN Operations
7
Contributions
• Systematic study of privacy challenges in CON
  – Exposing several worrisome issues
  – Proposing some countermeasures
  – Highlighting open problems
• Comparing CON to Today's Internet (TI) from a privacy perspective
8
Outline
1. Privacy challenges in CON
   – Cache privacy
   – Content privacy
   – Name privacy
   – Signature privacy
2. The potential of CON privacy
   – Anonymity
   – Censorship resistance
   – Untraceability
   – Data authenticity and confidentiality
9
CON Privacy
Cache privacy
- Data is cached at every hop
- Infer who consumed what
Name privacy
- Names are related to the content
- Infer what a user is consuming
Signature privacy
- Content is signed
- Identify the communicating parties
Content privacy
- Encryption is not mandatory
- Publicly available content can be spied on / censored
10
Timing attack
RTTs: round-trip time to the source; RTTc: round-trip time to the neighbouring (first-hop) cache; RTTt: round-trip time measured when fetching the targeted content
1. If |RTTt - RTTc| < ε: the content has been fetched by a neighbouring consumer
2. If RTTt > RTTc and RTTt < RTTs: the content has been recently fetched from the source
3. Otherwise: the target content has not been consumed
11
Potential Solution
• Wait before reply
  – When a content m is fetched, the corresponding RTTm is stored
  – All subsequent requests for m are delayed by RTTm
Drawbacks:
1. Increased delay
Advantages:
1. Provably achieves perfect privacy [1]
2. No assumption about content correlation or network topology
3. Reduced bandwidth
[1] Acs, G., Conti, M., Gasti, P., Ghali, C., & Tsudik, G. Cache Privacy in Named-Data Networking. ICDCS'13.
12
Potential Solution
• Delay the first K
  – When a content m is fetched, the corresponding RTTm is stored and a random number K is chosen
  – The K subsequent requests for m are delayed by RTTm
Drawbacks:
1. Assumption about content correlation
2. Increased delay for non-popular content
Advantages:
1. Popular content is not delayed
2. Formal model to quantify the privacy/latency trade-off [1]
3. Reduced bandwidth
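To make the three timing rules and the two delay-based countermeasures (wait before reply, delay the first K) concrete, here is an added Python simulation; it is not part of the original slides or of the cited paper. It assumes a toy topology of two edge routers behind one shared core router with constructed RTTs of 5/50/100 ms, an assumed tolerance ε of 1 ms, and a constructed content name, and reports what a probing consumer can conclude under each caching policy.

```python
import random

# Constructed topology: cumulative RTT in ms from a consumer to its edge
# router, to the shared core router, and to the producer (the source).
RTT_EDGE, RTT_CORE, RTT_SOURCE = 5.0, 50.0, 100.0
EPS = 1.0                                  # tolerance epsilon of rule 1 (assumed)
TARGET = "/example/clinic/test-results"    # constructed content name


class Network:
    """Two edge routers behind one core router, every router caches.

    policy "none"    : plain in-network caching (the vulnerable baseline)
    policy "wait"    : wait before reply, every hit is delayed by RTTm
    policy "first_k" : only the first K hits are delayed by RTTm
    A cache entry is [RTTm, remaining_delayed_replies].
    """

    def __init__(self, policy="none", k_max=5, seed=0):
        self.policy, self.k_max = policy, k_max
        self.rng = random.Random(seed)
        self.edges = [{}, {}]
        self.core = {}

    def fetch(self, name, edge):
        """Serve an interest from a consumer at `edge`; return the RTT it sees."""
        path = [(self.edges[edge], RTT_EDGE), (self.core, RTT_CORE)]
        hit, rtt = len(path), RTT_SOURCE      # default: answered by the source
        for i, (cache, hop_rtt) in enumerate(path):
            if name in cache:
                entry = cache[name]
                delay = (self.policy == "wait"
                         or (self.policy == "first_k" and entry[1] > 0))
                if delay and self.policy == "first_k":
                    entry[1] -= 1
                rtt = hop_rtt + (entry[0] if delay else 0.0)
                hit = i
                break
        # every router below the answering point caches the data and
        # records how long its upstream reply took (RTTm) plus a fresh K
        for cache, hop_rtt in path[:hit]:
            cache[name] = [rtt - hop_rtt, self.rng.randint(1, self.k_max)]
        return rtt


def classify(rtt_t, rtt_c=RTT_EDGE, rtt_s=RTT_SOURCE, eps=EPS):
    """The three rules from the slide applied to one observed RTT."""
    if abs(rtt_t - rtt_c) < eps:
        return "fetched by a neighbouring consumer"
    if rtt_c < rtt_t < rtt_s:
        return "recently fetched from the source"
    return "not consumed"


def observe(policy, scenario):
    """What a probing consumer at edge 0 concludes about TARGET.

    scenario "neighbour": the target consumer sits behind edge 0
    scenario "remote"   : the target consumer sits behind edge 1
    scenario "nobody"   : nobody has requested the content
    """
    net = Network(policy)
    if scenario == "neighbour":
        net.fetch(TARGET, edge=0)
    elif scenario == "remote":
        net.fetch(TARGET, edge=1)
    return classify(net.fetch(TARGET, edge=0))


def probes_until_leak(policy, max_probes=50):
    """After one neighbour fetch, number of probes until the cache answers
    with a telltale RTT; None if it never does within max_probes."""
    net = Network(policy)
    net.fetch(TARGET, edge=0)
    for n in range(1, max_probes + 1):
        if classify(net.fetch(TARGET, edge=0)) != "not consumed":
            return n
    return None


if __name__ == "__main__":
    for policy in ("none", "wait", "first_k"):
        for scenario in ("neighbour", "remote", "nobody"):
            print(f"{policy:8s} {scenario:9s} -> {observe(policy, scenario)}")
        print(f"{policy:8s} probes until leak: {probes_until_leak(policy)}")
```

Under the "none" policy the three scenarios map onto the three rules exactly; under "wait" every answer arrives after RTT_SOURCE, so all three collapse into "not consumed" (the perfect-privacy property, at the cost of losing the latency benefit of the hit). Under "first_k" the first K hits are hidden and the K+1-th leaks, which is the privacy/latency trade-off the slide refers to.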
13
Potential Solution
• Collaborative caching
  – Multiple caches collaborate to create a distributed cache
14
Potential Solution
• Collaborative caching
  – Multiple caches collaborate to create a distributed cache
Drawbacks:
1. Administrative collaboration
2. Potential delay
Advantages:
1. Increases the anonymity set
2. Increases the hit rate
15
Content Based Monitoring and Censorship
• CON routers
  – Long-term storage
  – Computationally powerful
• A 'less' powerful adversary is needed to perform censorship
16
Potential Solution
• Broadcast encryption
  – The producer sends an encrypted message to a set of users N
  – Only users in N can decrypt the message
Drawbacks:
1. The producer generates/stores N keys
2. The producer's public key and the ciphertext are of size O(√N)
Advantages:
1. Content is encrypted once
2. Caching is preserved
3. Fine-grained user control (revocation)
17
Potential Solution
• Proxy re-encryption
18
Potential Solution
• Proxy re-encryption
Drawbacks:
1. Asymmetric encryption
Advantages:
1. Content is available to any user
2. Content is encrypted once
3. Caching is preserved
4. Fine-grained user control (revocation)
19
Monitoring/Tracking
• Content names are semantically correlated with the content
  – E.g. /US/WebMD/AIDS/Symptoms/html
• Unlike HTTPS, content names are not encrypted, as they are used for routing
20
Potential Solution
• Bloom filter
  – Using Bloom filters to obfuscate the content name:
    • A hierarchical Bloom filter for the routing table
    • A counting Bloom filter for each forwarding interface
Drawbacks:
1. Introduces false positives
2. Bloom filters require periodic resetting
Advantages:
1. Obfuscates content names
2. Small architectural changes
3. Reduces the size of routing/forwarding tables
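The following added Python example, which is not code from the slides or from any CON implementation, shows the mechanism behind this proposal: a counting Bloom filter per forwarding interface that holds only counters (never the cleartext names), a hierarchical longest-prefix lookup over the name components, withdrawal of a prefix through the counters, and the false positives the slide lists as a drawback. The class and function names, the interface names and all announced prefixes are assumptions; the only name taken from the slides is /US/WebMD/AIDS/Symptoms/html.

```python
import hashlib
import math


class CountingBloomFilter:
    """Counting Bloom filter with add/remove/contains.

    Only an array of counters is stored, so an observer reading the
    table sees no content names, only which of the m counters are non-zero.
    """

    def __init__(self, m, k):
        self.m, self.k = m, k
        self.counters = [0] * m

    def _positions(self, item):
        # k positions derived from SHA-256 of the item under k different salts
        for i in range(self.k):
            digest = hashlib.sha256(f"{i}:{item}".encode()).digest()
            yield int.from_bytes(digest[:8], "big") % self.m

    def add(self, item):
        for p in self._positions(item):
            self.counters[p] += 1

    def remove(self, item):
        # callers must only remove items they previously added
        for p in self._positions(item):
            if self.counters[p] == 0:
                raise ValueError("item was never added")
            self.counters[p] -= 1

    def __contains__(self, item):
        return all(self.counters[p] > 0 for p in self._positions(item))

    def false_positive_rate(self, n):
        """Textbook estimate (1 - e^(-kn/m))^k after n insertions."""
        return (1 - math.exp(-self.k * n / self.m)) ** self.k


def prefixes(name):
    """Hierarchical prefixes of a CON name, longest first:
    /a/b/c -> ['/a/b/c', '/a/b', '/a']."""
    parts = name.strip("/").split("/")
    return ["/" + "/".join(parts[:i]) for i in range(len(parts), 0, -1)]


class ObfuscatedFIB:
    """Forwarding table with one counting Bloom filter per interface,
    each holding the name prefixes reachable through that interface."""

    def __init__(self, interfaces, m=1024, k=3):
        self.filters = {iface: CountingBloomFilter(m, k) for iface in interfaces}

    def announce(self, iface, prefix):
        self.filters[iface].add(prefix)

    def withdraw(self, iface, prefix):
        self.filters[iface].remove(prefix)

    def lookup(self, name):
        """Longest-prefix match over the name hierarchy: returns
        (prefix, [interfaces]) for the longest prefix some interface
        claims, or (None, []) when nothing matches."""
        for prefix in prefixes(name):
            ifaces = [i for i, f in self.filters.items() if prefix in f]
            if ifaces:
                return prefix, ifaces
        return None, []


def find_false_positive(fib, iface, candidates):
    """First candidate name the interface filter accepts although it was
    never announced (a genuine false positive), or None."""
    for name in candidates:
        if name in fib.filters[iface]:
            return name
    return None


if __name__ == "__main__":
    fib = ObfuscatedFIB(["eth0", "eth1"])          # constructed interfaces
    fib.announce("eth0", "/US/WebMD")               # constructed announcements
    fib.announce("eth1", "/US/Example")
    print(fib.lookup("/US/WebMD/AIDS/Symptoms/html"))   # ('/US/WebMD', ['eth0'])
    # a deliberately tiny filter to make the false-positive drawback visible
    small = ObfuscatedFIB(["eth0"], m=32, k=2)
    for i in range(8):
        small.announce("eth0", f"/real/prefix{i}")
    print("estimated FP rate:", round(small.filters["eth0"].false_positive_rate(8), 3))
    print("a false positive:", find_false_positive(
        small, "eth0", [f"/probe/{i}" for i in range(1000)]))
```

The false-positive search is what the "periodic resetting" drawback is about: counters only ever accumulate noise from collisions, so a forwarding filter that is updated for a long time without being rebuilt forwards more and more interests for names nobody announced.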
21
Censorship/ Monitoring
• Signatures are used to provide guarantees on provenance and integrity
• This signature can be used to censor/monitor the content
22
Potential Solution
• Group Signature
23
Potential Solution
• Group signature
  – Hide the signer in a set of potential signers (signer ambiguity)
(figure: a group manager holding the group public key and the members' private keys)
24
Potential Solution
• Group signature
  – Hide the signer in a set of potential signers (signer ambiguity)
Drawbacks:
1. Presence of a group manager
2. Censorship possible
Advantages:
1. Signature still verifiable
2. Efficient
25
Potential Solution
• Ring signature
  – Hide the signer in a set of potential signers (signer ambiguity)
  – The signature is generated from the signer's private key and a set of public keys
(figure: the signer's private key and the ring members' public keys)
26
Potential Solution
• Ring signature
  – Hide the signer in a set of potential signers (signer ambiguity)
  – The signature is generated from the signer's private key and a set of public keys
Drawbacks:
1. Communication overhead linear in the size of the ring
2. Censorship possible
Advantages:
1. Signer anonymity protected
2. Trustworthy content (as long as all signers are trustworthy)
3. No signer interaction / no group manager
27
Outline
1. Privacy challenges in CON
   1. Cache privacy
   2. Content privacy
   3. Name privacy
   4. Signature privacy
2. The potential of CON privacy
   1. Anonymity
   2. Censorship resistance
   3. Untraceability
   4. Data authenticity and confidentiality
28
Anonymity
Internet:
- A trusted anonymizing proxy
  - A single point of failure
  - A local adversary could monitor all the traffic
- Mix networks, e.g. Tor
  • 3 hops to the source
  • Low latency
CON:
- Natively provided by the architecture (no SRC/DST)
- Mix networks: ANDaNA [2]
  • 2 hops to the source
  • Low latency
  • Partially disables CON caching
  • CCNx specific
[2] DiBenedetto, S., Gasti, P., Tsudik, G., & Uzun, E. ANDaNA: Anonymous Named Data Networking Application. NDSS'12.
29
Censorship
Internet vs. CON:
- Host blacklisting (Internet) vs. content (name) blacklisting (CON)
- DNS tampering (Internet) vs. DNS tampering effective in some CON
- DPI / content blacklisting (Internet: strong adversary, specialized hardware) vs. easier in CON (names/content are not encrypted, no need for specialized hardware)
At a single router, censorship appears to be easier in CON
30
Tracking
Internet:
- Cookies: widespread, efficient, tailored to the business model
- Stateless tracking: using IP and host fingerprinting
CON:
- Cookies: no same-origin policy; only dynamic content can be tracked; business model migration?
- Stateless tracking: more difficult to carry out (no addresses + caching); how to handle security incidents?
CON is more resilient to tracking but poses new challenges
31
Data authenticity and confidentiality
Internet: one size fits all (SSL)
• Well studied
• Highly optimized
CON: end-to-end trust model
• Different consumers = different trust models
• Widely accepted (PKI) or new trust management model
32
Take home messages
• Content-oriented networking privacy
  – More resilient to tracking
  – "Weak" anonymity as a native feature
  – Possibly more vulnerable to censorship
  – Some privacy challenges due to caches, naming, signatures
33