
Privacy-Preserving Attribution and Provenance

Privacy-Preserving Attribution and Provenance. UC San Diego & University of Washington. Alex C. Snoeren & Yoshi Kohno, PIs. Stefan Savage, Amin Vahdat, Geoff Voelker (UCSD). Privacy-respecting forensics. Privacy: No extra information to “bad guys”.





Presentation Transcript


  1. Privacy-Preserving Attribution and Provenance
     UC San Diego & University of Washington
     Alex C. Snoeren & Yoshi Kohno, PIs
     Stefan Savage, Amin Vahdat, Geoff Voelker (UCSD)

  2. Privacy-respecting forensics
     • Privacy: No extra information to “bad guys”.
     • Attributable / trackable: Can track the “bad guys” with special “properties”
     • Violate privacy: “Bad guys” can “track” the “good guys” without intended “special properties”
     • Avoid attribution / tracking: “Bad guys” can circumvent “tracking”

  3. Evidence-based security research
     • Pursue a two-pronged research agenda
       • Long-term “clean slate” architectural design, grounded in
       • Principled work on today’s concrete security environment
     • Obvious analogy to the medical field
       • Ongoing, fundamental research into biological processes
       • Continuously developing treatments for prevalent disease
     • Each independent process informs and guides the other

  4. A vision for a future Internet
     [Diagram: two axes, “Strong anonymity” and “Strong forensics”; today’s Internet marked “We are here”]
     Can we get here and here simultaneously?

  5. What we have today
     [Diagram: traffic from host A to host B across several hops]
     • Each hop and destination might:
       • Inspect/influence payload
       • Fingerprint OS
       • Fingerprint application
       • Fingerprint physical device
     • Ad hoc; easy to fool if skilled attacker; but loss of privacy if average user

  6. What we want
     [Diagram: traffic from host A to host B across several hops]
     • Attributable: Trusted third party can attribute physical origin of every single packet
     • Verifiable: Every hop and destination can verify that the trusted third party can attribute origin
     • Anonymous: Unauthorized parties cannot attribute physical origin of packets

  7. Our System: Clue
     • Dual Pentium 3.4GHz, 4GB RAM; Dual Pentium 3GHz, 1GB RAM

  8. Lost/stolen Internet devices
     • CSI/FBI Computer Crime and Security Survey:
       • Laptop and mobile device theft prevalent and expensive problem: $30k per incident
     • 10% of laptops are lost or stolen in first year
     • 97% of lost or stolen laptops never recovered

  9. Privacy-respecting recovery
     • Goal: Recover locations of lost or stolen devices
     • Timeline
       • Owner possession (not lost nor stolen)
       • Lost or stolen but unmodified
       • State erased or reset
       • Machine destroyed
     • Recoverability: Loss or flea market thief
     • Location privacy: Tracking service, thief, outsider

  10. Adeona
     [Diagram: device stores the pair (IK_i(T), E_Ki(LocationInfo)); owner performs Lookup IK_i(T)]
     • Forward secure PRG to evolve keys over time
     • Use shared key to compute indices as well as encrypt data
     • Use DHT to prevent traffic profiling
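The three bullets on this slide describe the mechanism but not how the pieces fit together, so here is an added worked example (constructed for this page, not Adeona's own code or protocol). It assumes a simplified design: the device keeps only a current seed; a hash-chain forward-secure PRG maps seed_i to (seed_{i+1}, K_i); the epoch key K_i is used both to derive the DHT index IK_i(T) and to encrypt LocationInfo; and the DHT is modelled as a Python dict. Names such as `fs_prg_step`, `Device`, `owner_lookup` and `forward_indices` are hypothetical. The point it demonstrates is the forward-secrecy property: a thief who captures the device state after several reports can derive only future keys, so earlier location records stay unreadable and unlinkable.

```python
import hashlib
import hmac
import os

# Constructed, simplified Adeona-style recovery protocol (assumption-labelled
# example, not the project's code). Hash chain: seed_i -> (seed_{i+1}, K_i).


def fs_prg_step(seed):
    """One forward-secure PRG step, returning (next_seed, epoch_key).
    SHA-256 is one-way, so holding next_seed reveals neither seed nor epoch_key:
    a thief who captures the device learns nothing about earlier epochs."""
    return (hashlib.sha256(b"seed|" + seed).digest(),
            hashlib.sha256(b"key|" + seed).digest())


def epoch_key(seed0, i):
    """Owner side: re-derive K_i by walking the chain from the initial seed."""
    seed = seed0
    for _ in range(i):
        seed, _ = fs_prg_step(seed)
    return fs_prg_step(seed)[1]


def index_for(k, t):
    """IK_i(T): the DHT index for epoch key K_i and coarse timestamp T.
    Without K_i the index is unlinkable to the device or to other epochs."""
    return hmac.new(k, b"index|" + t.to_bytes(8, "big"), hashlib.sha256).digest()


def _subkeys(k, t):
    # Separate encryption and MAC keys bound to (K_i, T).
    enc = hmac.new(k, b"enc|" + t.to_bytes(8, "big"), hashlib.sha256).digest()
    mac = hmac.new(k, b"mac|" + t.to_bytes(8, "big"), hashlib.sha256).digest()
    return enc, mac


def _keystream(enc_key, nonce, n):
    # Hash-based counter-mode keystream (illustrative; real code would use AES-GCM).
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(enc_key + nonce + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]


def encrypt(k, t, location):
    """E_Ki(LocationInfo): encrypt-then-MAC under keys derived from K_i and T."""
    enc_key, mac_key = _subkeys(k, t)
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(location, _keystream(enc_key, nonce, len(location))))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def decrypt(k, t, blob):
    """Verify the tag before decrypting; reject tampered DHT records."""
    enc_key, mac_key = _subkeys(k, t)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("record failed authentication")
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, nonce, len(ct))))


class Device:
    """Runs on the laptop; persistent state is only the current seed."""

    def __init__(self, seed0):
        self.seed = seed0

    def report(self, dht, t, location):
        # Derive this epoch's key, ratchet forward, and discard the old seed.
        self.seed, k = fs_prg_step(self.seed)
        dht[index_for(k, t)] = encrypt(k, t, location)


def owner_lookup(dht, seed0, i, t):
    """Owner re-derives K_i from seed0, computes IK_i(T) and decrypts the record."""
    k = epoch_key(seed0, i)
    blob = dht.get(index_for(k, t))
    return None if blob is None else decrypt(k, t, blob)


def forward_indices(stolen_seed, t, steps):
    """Everything a thief holding the captured seed can derive: only future indices."""
    seed, out = stolen_seed, set()
    for _ in range(steps):
        seed, k = fs_prg_step(seed)
        out.add(index_for(k, t))
    return out


if __name__ == "__main__":
    seed0 = bytes(32)                     # constructed owner/device shared seed
    dht = {}
    dev = Device(seed0)
    dev.report(dht, 1000, b"lat=32.88,lon=-117.23")   # constructed sample locations
    dev.report(dht, 1001, b"lat=32.71,lon=-117.16")
    print(owner_lookup(dht, seed0, 0, 1000))
    print(index_for(epoch_key(seed0, 0), 1000) in forward_indices(dev.seed, 1000, 50))
```

The last line of the demo is the forward-secrecy check: after two reports the device holds seed_2, and the set of indices a thief can compute from it never contains IK_0(T), so the first record cannot be located or decrypted from the captured state.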

  11. Politics and technology
     • Our goal: Determine feasibility of putting privacy-respecting attribution into the network
     • But lots of issues, including: Who should be the trusted third party?
       • Internet is multi-national
       • Remember the Clipper Chip?
       • Intel’s Processor Serial Number?
