Privacy in Content Oriented Networking: Threats and Countermeasures
Abdelberi Chaabane, Emiliano De Cristofaro, Mohamed Ali Kaafar, and Ersin Uzun

A Brief History of Networking
1. Telephony: interconnecting wires
2. TCP/IP: interconnecting hosts
3. Interconnecting information

Change in Communication Paradigm
• Today's Internet struggles with
  – Scalability
  – Mobility
  – Security
• Move to Content-Oriented Networking (CON)
  – Traffic is already content-oriented: CDNs, overlays, P2P
  – Users and applications care about "what to receive", not "from whom"
• The host-based communication model is getting "outdated"

Notable Content-Oriented Networking Architectures
• DONA
• NetInf (Network of Information)

Macro Building Blocks
• Named content: objects are named to facilitate data dissemination and search
• Content-based routing: routing on content rather than on hosts
• Content delivery: multipath routing, leveraging in-network caching
• In-network caching: all components provide caching capability

CCN Operations
(figure slide)

Contributions
• Systematic study of privacy challenges in CON
  – Exposing several worrisome issues
  – Proposing some countermeasures
  – Highlighting open problems
• Comparing CON to Today's Internet (TI) from a privacy perspective

Outline
1. Privacy challenges in CON: cache privacy, content privacy, name privacy, signature privacy
2. The potential of CON privacy: anonymity, censorship resistance, untraceability, data authenticity and confidentiality

CON Privacy
• Cache privacy: data is cached at every hop, so an adversary can infer who consumed what
• Name privacy: names are related to the content, so an adversary can infer what a user is consuming
• Content privacy: encryption is not mandatory, so publicly available content can be spied on or censored
• Signature privacy: content is signed, which can identify the communicating parties

Timing Attack (cache privacy)
Measure RTT_s (to the source), RTT_c (to the local cache) and RTT_t (for the targeted content), then fetch the targeted content:
1. If |RTT_t - RTT_c| < ε: the content has been fetched by a neighboring consumer
2. If RTT_t > RTT_c and RTT_t < RTT_s: the content has been recently fetched from the source
3. Otherwise: the target content has not been consumed

Potential Solution: Wait Before Reply
• When a content m is fetched, the corresponding RTT_m is stored
• All subsequent requests for m are delayed by RTT_m
Advantages:
1. Provably achieves perfect privacy [1]
2. No assumption about content correlation or network topology
3. Reduced bandwidth
Drawbacks:
1. Increased delay

[1] Acs, G., Conti, M., Gasti, P., Ghali, C., & Tsudik, G. Cache Privacy in Named-Data Networking. ICDCS '13.

Potential Solution: Delay the First K
• When a content m is fetched, the corresponding RTT_m is stored and a random number K is chosen
• The next K requests for m are delayed by RTT_m
Advantages:
1. Popular content is not delayed
2. Formal model to quantify the privacy/latency tradeoff [1]
3. Reduced bandwidth
Drawbacks:
1. Assumption about content correlation
2. Increased delay for non-popular content

Potential Solution: Collaborative Caching
• Multiple caches collaborate to create a distributed cache
Advantages:
1. Increases the anonymity set
2. Increases the hit rate
Drawbacks:
1. Administrative collaboration required
2. Potential delay

Content-Based Monitoring and Censorship
• CON routers have long-term storage and are computationally powerful
• A "less" powerful adversary is therefore sufficient to perform censorship

Potential Solution: Broadcast Encryption
• The producer sends an encrypted message to a set of users N
• Only users in N can decrypt the message
Advantages:
1. Content is encrypted once
2. Caching is preserved
3. Fine-grained user control (revocation)
Drawbacks:
1. The producer generates and stores N keys
2. The producer's public key and the ciphertext are of size O(√N)

Potential Solution: Proxy Re-encryption
Advantages:
1. Content is available to any user
2. Content is encrypted once
3. Caching is preserved
4. Fine-grained user control (revocation)
Drawbacks:
1. Asymmetric encryption

Monitoring/Tracking (name privacy)
• Content names are semantically correlated with the content, e.g. /US/WebMD/AIDS/Symptoms/html
• Unlike HTTPS, content names are not encrypted, as they are used for routing

Potential Solution: Bloom Filter
• Use Bloom filters to obfuscate the content name:
  – A hierarchical Bloom filter for the routing table
  – A counting Bloom filter for each forwarding interface
Advantages:
1. Obfuscates the content name
2. Small architectural changes
3. Reduces the size of routing/forwarding tables
Drawbacks:
1. Introduces false positives
2. Bloom filters require periodic resetting

Censorship/Monitoring (signature privacy)
• The signature provides guarantees on provenance and integrity
• This signature can be used to censor or monitor the content

Potential Solution: Group Signature
• Hide the signer in a set of potential signers (signer ambiguity)
• A group manager issues the public key and the members' private keys
Advantages:
1. Signature still verifiable
2. Efficient
Drawbacks:
1. Presence of a group manager
2. Censorship possible

Potential Solution: Ring Signature
• Hide the signer in a set of potential signers (signer ambiguity)
• The signature is generated from the signer's private key and a set of public keys
Advantages:
1. Signer anonymity protected
2. Trustful content (as long as all signers are trustworthy)
3. No signer interaction and no group manager
Drawbacks:
1. Communication overhead linear in the size of the ring
2. Censorship possible

Part 2: The Potential of CON Privacy

Anonymity
Internet:
• Trusted anonymizing proxy: a single point of failure
• Mix networks, e.g. Tor: 3 hops to the source; low latency
CON:
• Natively provided by the architecture (no SRC/DST): a local adversary could still monitor all the traffic
• Mix networks: ANDaNA [2]: 2 hops to the source; low latency; partially disables CON caching; CCNx specific

[2] DiBenedetto, S., Gasti, P., Tsudik, G., & Uzun, E. ANDaNA: Anonymous Named Data Networking Application. NDSS '12.

Censorship
Internet:
• DNS tampering
• Host blacklisting
• DPI (content blacklisting): requires a strong adversary and specialized hardware
CON:
• DNS tampering is effective in some CON
• Content (name) blacklisting
• Easier in CON: names and content are not encrypted, and no specialized hardware is needed
At a single router, censorship appears to be easier in CON.

Tracking
Internet:
• Cookies: widespread; efficient; tailored to the business model
• Stateless tracking: using IP and host fingerprinting
CON:
• No same-origin policy; only dynamic content can be tracked; business model migration?
• Stateless tracking is more difficult to carry out (no addresses, plus caching)
• How to handle security incidents?
CON is more resilient to tracking but poses new challenges.

Data Authenticity and Confidentiality
Internet:
• One size fits all (SSL): well studied; highly optimized
CON:
• End-to-end trust model: different consumers = different trust models
• Widely accepted (PKI) or a new trust management model

Take-Home Messages
• Content-Oriented Networking privacy:
  – More resilient to tracking
  – "Weak" anonymity as a native feature
  – Possibly more vulnerable to censorship
  – Some privacy challenges due to caches, naming and signatures
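The cache-privacy slides above describe the RTT-based timing attack and the two router-side countermeasures ("wait before reply" and "delay the first K"). The simulation below, an added example that is not part of the talk or of any CON implementation, models a single router cache with a simulated clock (constructed RTT values, no real network) and counts how many probes a local observer would have to make before a cache hit becomes visible under each policy.

```python
import random
from dataclasses import dataclass, field

# Constructed latencies (ms) for a simulated consumer -> router -> source path.
RTT_ROUTER = 10.0   # consumer <-> router round trip (served from the router cache)
RTT_SOURCE = 60.0   # consumer <-> origin round trip via the router (cache miss)

@dataclass
class CacheEntry:
    rtt_seen: float   # RTT_m recorded when the router first fetched object m
    delay_left: int   # hits still to be served at rtt_seen; -1 means every hit

@dataclass
class CachingRouter:
    """Simulated CON router cache. policy: "none" (baseline, hits served fast),
    "always" ('wait before reply', every hit delayed to RTT_m) or
    "first_k" ('delay the first K', only the next K hits delayed to RTT_m)."""
    policy: str = "first_k"
    k_max: int = 5
    rng: random.Random = field(default_factory=lambda: random.Random(1))
    cache: dict = field(default_factory=dict)

    def request(self, name: str) -> float:
        """Serve `name` and return the RTT (ms) the requesting consumer observes."""
        entry = self.cache.get(name)
        if entry is None:
            # Cache miss: fetch from the source, record RTT_m and choose K for this object.
            k = {"none": 0, "always": -1}.get(self.policy)
            if k is None:
                k = self.rng.randint(1, self.k_max)
            self.cache[name] = CacheEntry(RTT_SOURCE, k)
            return RTT_SOURCE
        if entry.delay_left != 0:
            # Hit that must still look like a miss: hold the reply until RTT_m has elapsed.
            if entry.delay_left > 0:
                entry.delay_left -= 1
            return entry.rtt_seen
        return RTT_ROUTER   # hit past the first K: serve fast, the object counts as popular

def probe_says_cached(rtt: float, eps: float = 1.0) -> bool:
    """Rule 1 of the timing attack: |RTT_t - RTT_c| < eps => a neighbour consumed it."""
    return abs(rtt - RTT_ROUTER) < eps

def count_hidden_hits(router: CachingRouter, name: str, probes: int) -> int:
    """Let one consumer fetch `name`, then probe it; count probes that see no cache hit."""
    router.request(name)
    return sum(not probe_says_cached(router.request(name)) for _ in range(probes))
```

With the baseline policy the very first probe reveals the hit; "always" hides it at the cost of every later consumer paying RTT_m, and "first_k" hides it only for the randomly chosen K requests, which is the privacy/latency tradeoff the slides quantify.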
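The name-privacy countermeasure above keeps a counting Bloom filter per forwarding interface so that the forwarding table holds hashed prefix positions rather than cleartext names. The following is an added example, not code from the talk or from any CON router: a minimal counting Bloom filter and a per-interface forwarding table with longest-prefix match over hierarchical names. The interface names and filter sizes are constructed; the consumer-side encoding of the Interest is out of scope here.

```python
import hashlib

class CountingBloom:
    """Counting Bloom filter: counters instead of bits, so prefixes can be withdrawn."""
    def __init__(self, m: int = 1024, k: int = 4):
        self.m, self.k, self.counters = m, k, [0] * m

    def _idx(self, item: str) -> list:
        # k positions from one SHA-256 digest, one 4-byte slice per hash function
        d = hashlib.sha256(item.encode()).digest()
        return [int.from_bytes(d[4 * i:4 * i + 4], "big") % self.m for i in range(self.k)]

    def add(self, item: str) -> None:
        for i in self._idx(item):
            self.counters[i] += 1

    def remove(self, item: str) -> None:
        for i in self._idx(item):
            self.counters[i] = max(0, self.counters[i] - 1)

    def contains(self, item: str) -> bool:
        # May answer True for a never-added item (false positive), never False for an added one
        return all(self.counters[i] > 0 for i in self._idx(item))

def name_prefixes(name: str) -> list:
    """'/US/WebMD/AIDS' -> ['/US', '/US/WebMD', '/US/WebMD/AIDS'] (hierarchical components)."""
    parts = name.strip("/").split("/")
    return ["/" + "/".join(parts[: i + 1]) for i in range(len(parts))]

class ObfuscatedFib:
    """Forwarding table: one counting Bloom filter per interface, storing only hashed prefixes."""
    def __init__(self, interfaces):
        self.faces = {f: CountingBloom() for f in interfaces}

    def announce(self, prefix: str, face: str) -> None:
        self.faces[face].add(prefix)

    def withdraw(self, prefix: str, face: str) -> None:
        self.faces[face].remove(prefix)

    def forward(self, name: str) -> list:
        """Longest-prefix match: interfaces whose filter claims the longest prefix of `name`."""
        for prefix in reversed(name_prefixes(name)):
            faces = [f for f, bf in self.faces.items() if bf.contains(prefix)]
            if faces:
                return faces
        return []
```

The counters are what make withdrawal possible without rebuilding the filter; the false-positive rate still grows with the number of stored prefixes, which is why the slides list periodic resetting as a drawback.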