Anonymous Communication On the Internet
Paperwork & Practical Presentation 03 July 2006 Ruben-Darius MOLDOVAN
Introduction Anonymous Communication On the Internet
• Why do we talk about anonymity? Anonymity = Privacy on Internet Big Brothers on Internet (e.g. Echelon, gov/nongov ITA(s)- Information Total Awareness) Google? Privacy Organizations (e.g.. EEF, EPIC, ACLU, GILC, other 14 important ones) Anonymous Services Over 23 known Commercial companies (e.g. Anonymizer) Over 17 popular anonymity projects (e.g. Tor, Remailers) • One by American Association for the Advancement of Science
Anonymity exits just in a certain degree Anonymity protects Freedom of Speech and other Human Rights
Introduction Anonymous Communication On the Internet Anonymity Agenda I
General Information
II
What does Anonymity
III
Short History
IV
Anonymity my Way
V
Bibliography
To communicate anonymously is a basic constitutional right. An anonymous telephone conversation or participating anonymously in a newsgroup or even sending an anonymous letter to the editor of a newspaper is allowed in a democratic society, even if the points of view expressed by someone are very controversial.
General Information Anonymous Communication On the Internet Agenda I
General Information
II
What does Anonymity
What is Anonymity
III
Short History
Anonymity terms
IV
Anonymity my Way
Anonymity gateways
V
Bibliography
General Information – What is Anonymity Anonymous Communication On the Internet
• Origin Greece: meaning “nameless” / “without a name” • Often confused with: privacy and confidence
• Anonymity is most known as the propriety of a certain person to have his credentials, personal identifiable information hidden, unknown. • The most used term is “anonymous message” referring typically to a message that does not carry any information about its sender and/or its intended recipient.
General Information – Anonymity Terms Anonymous Communication On the Internet
• • •
Pseudonymous classified as anonymous Unlinkability vs.Traceabilty Unobservability or indistinguishable
• • • • • •
Sender anonymity Recipient Anonymity Relationship Anonymity Full Anonymities k-Anonymity Degree of Anonymity
•
Eavesdropping, Wiretapping, Sniffing
General Information – Anonymity Gateways Anonymous Communication On the Internet
• • • • • • •
Web Proxy (Simple Anonymous, Distorting Proxies, Elite proxies) Remailers / Nym Servers (e.g. anon.penet.fi ) Socks, BNC (for chat services and not only) Anonymous Dial-ups VPN (virtual private networks) Wireless Anonymity (high usage degree) GPRS, EDGE
• •
Mixnet(s) - Onion Routing, Crowds, Hordes, Tor etc. Anonymous Payments Anonymous credit cards E-gold sites
What does Anonymity Anonymous Communication On the Internet Agenda I
General Information
II
What does Anonymity
III
Short History
IV
Anonymity my Way
V
Bibliography
Anonymous Protection Security Attribute Usage of Anonymity
What does Anonymity - Anonymous Protection Anonymous Communication On the Internet
• Who needs and why? You : • Where are you sending email (who is emailing you) • What web sites are you browsing • Where do you work, where are you from • What do you buy, what books do you read, … • Who else needs anonymity? Criminals? Yes. But they already have it, we need to protect everyone else
What does Anonymity - Security Attribute Anonymous Communication On the Internet
• Cryptography is not enough NSA – exits Code makers & Code breakers
• When you know the Sender and Recipient Speculate the content of information Try to break it Block or monitories the traffic (logging, sniffing)
• New ways to crypt the messages with anonymity There are projects in development which work to decrease cryptographic computations by increasing the anonymity
Short History Anonymous Communication On the Internet Agenda I
General Information
II
What does Anonymity
III
Short History
IV
Anonymity my Way
V
Bibliography
anonymity started with US Navy in WWII… anonymity from internet implementation concept
1981 Mixnets proposed 1988 posting/reply services 1993 anon.penet.fi 1998 Nymserver 2000+ Freenet 2004 Tor
Anonymity my Way Anonymous Communication On the Internet Agenda I
General Information
II
What does Anonymity
III
Short History
IV
Anonymity my Way
V
Bibliography
Spoofing is dead Achieve FromAnonymity Project SaMS (Send Anonymous Message Service)
Anonymity my Way - Spoofing is dead Anonymous Communication On the Internet
• New ISOs on IPv4 and Traffic Security have implemented policies to deny spoofing and drop suspect packets (e.g.. Source-Address = Recipient-Address) • Reasons:
Viruses, Trojan, Worms SYN Floods Packet Integrity Etc. As many resources you will find, in the end you will be redirected to a good read about network protocols.
Anonymity my Way - Achieve From-Anonymity Anonymous Communication On the Internet
• MAC address tool Some scan your local area network in search for valid ones (accepted by the DNS) providing real IP addresses – taking another’s PC IP can be illegal.
• Wireless hotspots • OS LiveCDs Anonym.OS This seems like a really important development: an anonymous operating system[2]
• Anonymous VPNs Findnot.com, Megaproxy.com, metropipe.net
• Other Proxy Server and Mixed Networks
Anonymity my Way - SaMS Anonymous Communication On the Internet
• Thought to provide: Recipient anonymity Unlinkability Unobservability (indistinguishable) Eavesdropping protection Future evolution implementation on: Anonymous local area Identification system Message Server or Action Server
Anonymity my Way – SaMS – Broadcasting to Server Anonymous Communication On the Internet AC – Anonymous Client AS – Anonymous Server
one Station form the same network
Sending Message to a Multicast
AS
AC
AC AS
Our Station
Anonymity my Way – SaMS – Broadcasting to Server Anonymous Communication On the Internet NS – Name Server MS – Message Server
1. Verifies credentials
AS
Server Broadcasts the messages(s)
NS
2. Replies the status If status is true 3. Sends the message or command
AS
MS 4. Replies with message(s) AC
AC
Anonymity my Way – SaMS – Message Flux Anonymous Communication On the Internet NS Green lines – send data
MS Red lines – received data LAN 1
LAN N ASN
AS1 AC1
ACN
Anonymity my Way – SaMS – General Case Anonymous Communication On the Internet
Anonymity my Way – SaMS – Send Sequence Anonymous Communication On the Internet
Anonymity my Way – SaMS – Receive Sequence Anonymous Communication On the Internet
Anonymity my Way – SaMS – Screenshots Anonymous Communication On the Internet
Anonymity my Way – SaMS – Screenshots Anonymous Communication On the Internet
Anonymity my Way – SaMS – Screenshots Anonymous Communication On the Internet
Anonymity my Way – SaMS – Screenshots Anonymous Communication On the Internet
Anonymity my Way – SaMS – Screenshots Anonymous Communication On the Internet
Anonymity my Way – SaMS – Screenshots Anonymous Communication On the Internet
Anonymity my Way – SaMS – Screenshots Anonymous Communication On the Internet
Bibliography Anonymous Communication On the Internet Agenda I
General Information
II
What does Anonymity
III
Short History
IV
Anonymity my Way
V
Bibliography
Most of the information on this presentation is taken from my graduation thesis, but there are still other information which can are reproduced from the following bibliography:
Bibliography Anonymous Communication On the Internet • Anonym.OS http://www.wired.com/news/technology/0,70017-0.html
• Big Brother versus anonymity on the internet, Jelke Nijboer
Paper presented at the 12th BOBCATSSS symposium in Riga (Latvia), Jan. 26-28, 2004. Accepted November 2003. Revised Febr.-March 2004.
• How To Make A Mint: The Cryptography of Anonymous Electronic Cash, Laurie Law, Susan Sabett, Jerry Solinas - NSA, 1996 •
Anonymity and Privacy on Intenet http://www.infosyssec.net/infosyssec/security/anon1.htm
•
Security Focus http://www.securityfocus.com/
Paperwork & Practical Presentation Anonymous Communication On the Internet
Thank you!
Thank you!
Communicati on On the Internet
Thank you!
Thank you!
Thank you!
Thank you!
Thank you!
Thank you!
Thank you!
Thank you!
Thank you!
Thank you!
Communicati on On the Internet