DC-Area Anonymity, Privacy, and Security SeminarWinter 2017 Seminar
Friday, February 17th, 2017
9:30 a.m. - 1:00 p.m.
Lunch afterward nearby Location: Volgenau School of Engineering, Room 4201
George Mason University
Host: Dov Gordon
9:30 a.m. - 9:55 a.m.
Speaker: Hua Wu (The George Washington University)
Title: Apollo — End-to-end Verifiable Internet Voting with Recovery from Vote Manipulation [slides]
Abstract: The internet voting system Helios is a prominent end-to-end verifiable (E2E-V) system that is used for elections by the ACM and IACR. A key vulnerability is that a dishonest voting terminal can change the vote after it obtains the Voter's credential; though the voter can detect that the vote was changed, she can not prove this to a third party. This is a vulnerability common to most E2E-V voting protocols meant for use by remote voters. We propose Apollo, a modified version of Helios preventing such a client side attack.
9:55 a.m. - 10:20 a.m.
Speaker: Hooman Mohajeri (Princeton University)
Title: Challenges of Achieving Privacy at Network Level [slides]
Abstract: There are a number of anonymity solutions for communication networks. The Onion Routing network (Tor) is probably the most popular anonymity network with millions of users. Tor gained popularity partly because it can be used for real-time communication such as web surfing, instant messaging, etc. Tor provides relatively strong security guarantees, however, using Tor requires Tor's software to be installed on end users' computers and there is no out-of-box privacy protection for Internet users. This is mainly due to the fact that privacy was not a top priority design goal of many Internet protocols, such as TCP/IP. As a result, anonymity tools such as Tor resorted to overlay networks, i.e., a number of machines connected to each other through the underlying unprotected Internet, forming an overlay network.
Nevertheless, we could consider what it would look like if we built anonymity into the core protocols of the Internet, for instance TCP/IP. There have been a number of proposal for what is sometimes referred to as "Network Level Anonymity or Privacy". These solution involve redesigning Internet protocols to provide communication privacy. We will discuss some of these solutions, see why they have not seen any real world deployment and how we can solve the issues with them. In particular, we discuss why clean-slate Internet architectures, with no partial deployment are difficult to implement and propose an incremental deployment system that provides basic privacy protections to all customers of a service provider out-of-box without any additional software.
10:20 a.m. - 10:50 a.m.
10:50 a.m. - 11:15 a.m.
Speaker: Philipp Winter (Princeton University)
Title: The Effect of DNS on Tor's Anonymity [slides]
Abstract: Previous attacks that link the sender and receiver of traffic in the Tor network ("correlation attacks") have generally relied on analyzing traffic from TCP connections. The TCP connections of a typical client application, however, are often accompanied by DNS requests and responses. This additional traffic presents more opportunities for correlation attacks. This paper quantifies how DNS traffic can make Tor users more vulnerable to correlation attacks. We investigate how incorporating DNS traffic can make existing correlation attacks more powerful and how DNS lookups can leak information to third parties about anonymous communication. We (i) develop a method to identify the DNS resolvers of Tor exit relays; (ii) develop a new set of correlation attacks (DefecTor attacks) that incorporate DNS traffic to improve precision; (iii) analyze the Internet-scale effects of these new attacks on Tor users; and (iv) develop improved methods to evaluate correlation attacks. First, we find that there exist adversaries that can mount DefecTor attacks: for example, Google's DNS resolver observes almost 40% of all DNS requests exiting the Tor network. We also find that DNS requests often traverse ASes that the corresponding TCP connections do not transit, enabling additional ASes to gain information about Tor users' traffic. We then show that an adversary that can mount a DefecTor attack can often determine the website that a Tor user is visiting with perfect precision, particularly for less popular websites where the set of DNS names associated with that website may be unique to the site. We also use the Tor Path Simulator (TorPS) in combination with traceroute data from vantage points co-located with Tor exit relays to estimate the power of AS-level adversaries that might mount DefecTor attacks in practice.
11:15 a.m. - 11:40 a.m.
Speaker: Ellis Fenske (Tulane University)
Title: A bound on information leakage in Tor route selection [slides]
Abstract: I will present an adversarial model for Tor route selection where instead of capturing Tor relays the adversary captures the paths between specific relays in an attempt to identify a user's guard relay. This complicates risk estimation and allows us to analyze a new kind of information leakage that occurs in cases where the adversary could have observed specific events, but does not, and can use this fact to make inferences about behavior within the network over time. I will describe this phenomenon and provide examples, then give an information theoretic bound on the accuracy of inferences made in this setting given sane assumptions about the Tor network and the strength of the adversary.
11:40 a.m. - 12:10 p.m.
12:10 p.m. - 12:35 p.m.
Speaker: Kartik Nayak (University of Maryland, College Park)
Title: HOP: Hardware makes Obfuscation Practical [slides]
Abstract: Program obfuscation is a central primitive in cryptography and has important real-world applications in protecting software from IP theft. However, well-known results from the cryptographic literature have shown that software only virtual black box (VBB) obfuscation of general programs is impossible. In this paper we propose HOP, a system (with matching theoretic analysis) that achieves simulation-secure obfuscation for RAM programs, using secure hardware to circumvent previous impossibility results. To the best of our knowledge, HOP is the first implementation of a provably secure VBB obfuscation scheme in any model under any assumptions.
HOP trusts only a hardware single-chip processor. We present a theoretical model for our hardware design and prove its security in the UC framework. Our goal is both provable security and practicality. To this end, our theoretic analysis accounts for all optimizations used in our practical design, including the use of a hardware Oblivious RAM (ORAM), hardware scratchpad memories, instruction scheduling techniques and context switching. We then detail a prototype hardware implementation of HOP. The design requires 72% of the area of a V7485t Field Programmable Gate Array (FPGA) chip. Evaluated on a variety of benchmarks, HOP achieves an overhead of 8x - 76x relative to an insecure system. Compared to all prior (not implemented) work that strives to achieve obfuscation, HOP improves performance by more than three orders of magnitude. We view this as an important step towards deploying obfuscation technology in practice.
12:35 p.m. - 1:00 p.m.
Speaker: Angelos Stavrou (George Mason University)
Title: The Veiled Enemy: Privacy & Security Threats in Software Supply Chains
Abstract: We have identified pre-positioned and remotely activated software in multiple mobile devices that evades detection from modern malware and anti-virus systems. The offending software is delivered through firmware and firmware updates and poses a critical threat to privacy and security because it can stealthily collect sensitive personal data from millions of smartphones without any indication of activity, disclosure, or consumer consent. To make matters worse, this software is capable of actively exfiltrating user and device information including the full-body of text messages, call logs, unique device identifiers including the International Mobile Subscriber Identity (IMSI) and the International Mobile Equipment Identity (IMEI) information about the use of applications installed on the monitored device Moreover, it gives a remote operator the capability to execute remote commands with escalated (system) privileges, and support the capability to reprogram the devices remotely.
In this talk, I will discuss the scope of the supply chain problem when it comes to privacy and how it can affect software ecosystems beyond the ones that involve mobile devices. I will show that although there are many challenges monitoring and analyzing software for millions of different devices, there are potential solutions that can deter future compromises. I will also discuss the regulatory and policy frameworks and how End User License Agreements (EULAs) can be abused to coerce end-users into surrendering private information without necessarily understanding the full implications of a single click.
Directions: The seminar will be held on the fourth floor of the Volgenau School of Engineering, in room 4201.Transportation
By Car: The closest visitor parking is in the Shenandoah parking deck, and the cost is $3/hour (max: $15). If you purchase and print a daily parking permit ahead of time, it will cost $8, but will require you to park a bit further away in the general parking areas. Check here for more information. By Metro: George Mason University provides a shuttle service between campus and the Vienna metro stop (Orange line) called the Sandy Creek - Vienna Metro shuttle. The shuttles run every 15 to 30 minutes from 6 a.m. to 11:30 p.m., Monday through Friday. When exiting the Metro, take the North exit, and find the bus at Bay C. Take the shuttle between the Vienna stop and the Sandy Creek Transit Center. Check here for more information.