CMSC 414 Computer and Network Security Lecture 20 - PowerPoint PPT Presentation

1 / 9
About This Presentation
Title:

CMSC 414 Computer and Network Security Lecture 20

Description:

CMSC 414 Computer and Network ... Based on everything from last midterm through today Zero knowledge (ZK) ZK proofs can offer deniability and secrecy A zero ... – PowerPoint PPT presentation

Number of Views:137
Avg rating:3.0/5.0
Slides: 10
Provided by: jka144
Learn more at: http://www.cs.umd.edu
Category:

less

Transcript and Presenter's Notes

Title: CMSC 414 Computer and Network Security Lecture 20


1
CMSC 414Computer and Network SecurityLecture 20
  • Jonathan Katz

2
Administrative items
  • Midterm next week
  • Based on everything from last midterm through
    today

3
Zero knowledge (ZK)
  • ZK proofs can offer deniability and secrecy
  • A zero-knowledge protocol for graph
    3-colorability
  • Warning the aim here is simplicity, and many
    subtleties and details are purposely being ignored

4
Applications of zero-knowledge
  • (Deniable) authentication
  • Generalization of the protocol we saw last time
  • Again, many subtleties and details omitted!
  • Anonymous credentials
  • Group signatures/trusted computing

5
Anonymity vs. pseudonymity
  • Anonymity
  • No one can identify the source of any messages
  • Unlinkability cannot even tell that messages
    originated from the same person
  • Pseudonymity
  • No one can identify the source of a set of
    messages
  • but they can tell that they all came from the
    same person, with a known pseudonym
  • There is a broad scale of achievable anonymity
  • Best you can hope for is limited by the network
    size!

6
Traffic analysis
  • May be possible to learn who is communicating
    with whom using traffic analysis
  • Typically, even if communication is encrypted the
    headers are not
  • Need unencrypted headers for routing
  • How is it possible to communicate anonymously?

7
Anonymous communication
  • You are sitting around a table with n people
  • How do you send an anonymous message to another
    person?
  • How do you broadcast a message to everyone
    without revealing your identity?
  • Linear-round protocol?
  • Constant-round protocol (DC-nets)
  • Is this secure only for honest-but-curious
    behavior, or also for malicious behavior?

8
Anonymizers
  • Single anonymizer proxy
  • How to achieve bidirectional communication
  • Note one side need not know the other
  • Anonymizers already exist!
  • Email
  • http

9
Anonymizers
  • Issues/drawbacks?
  • Robustness
  • Useful for hiding the source from the
    destination less useful for preventing
    full-fledged traffic analysis
  • Unless encryption is used, which it typically
    would not be
  • Possible attacks
  • Latency vs. timing correlation
  • 0-latency solution using spurious messages?
  • One user sending multiple messages to the same
    server
  • Message sizes
  • Replay attacks
Write a Comment
User Comments (0)
About PowerShow.com