Padded uniform random blobs: a metadata hiding format to provide deniability and protection from side channel attacks.
Event details
| Date | 25.08.2016 |
| Hour | 14:00 › 16:00 |
| Speaker | Matthew Underwood |
| Location | |
| Category | Conferences - Seminars |
EDIC Candidacy Exam
Exam President: Prof. James Larus
Thesis Director: Prof. Bryan Ford
Co-examiner: Prof. Serge Vaudenay
Background papers:
Effective Attacks and Provable Defenses for Website Fingerprinting, by T. Wang et al.
Elligator: Elliptic-curve points indistinguishable from uniform random
strings, by D.J. Bernstein et al.
Compression and Information Leakage of Plaintext, by J. Kelsey
Abstract
Unencrypted metadata and various side channels leak a lot of unintended
information. We look at website fingerprinting, a type of traffic-analysis attacks on protocols that attempt to protect the privacy and anonymity of their users, such as tor. We examine attacks that use how compression algorithms when combined with encryption work to gain additional information from encrypted communications. Elliptic curve cryptography is increasingly used, but has some problems when used in conjunction with systems designed to circumvent censors.
Elliptic curve points can easily be identified from an otherwise random looking traffic stream, which potentially allows a protocol to be identified and blocked. We examine ways to encode elliptic curve points so they are indistinguishable from uniform random bit strings.
In this proposal we present Padded Uniform Random Blobs, a communication system that eliminates all unencrypted metadata and reduces information leakage from side-channels, like message length and timings. Then we propose how this work can be extended, and what the next research
steps are for analyzing and improving the system.
Exam President: Prof. James Larus
Thesis Director: Prof. Bryan Ford
Co-examiner: Prof. Serge Vaudenay
Background papers:
Effective Attacks and Provable Defenses for Website Fingerprinting, by T. Wang et al.
Elligator: Elliptic-curve points indistinguishable from uniform random
strings, by D.J. Bernstein et al.
Compression and Information Leakage of Plaintext, by J. Kelsey
Abstract
Unencrypted metadata and various side channels leak a lot of unintended
information. We look at website fingerprinting, a type of traffic-analysis attacks on protocols that attempt to protect the privacy and anonymity of their users, such as tor. We examine attacks that use how compression algorithms when combined with encryption work to gain additional information from encrypted communications. Elliptic curve cryptography is increasingly used, but has some problems when used in conjunction with systems designed to circumvent censors.
Elliptic curve points can easily be identified from an otherwise random looking traffic stream, which potentially allows a protocol to be identified and blocked. We examine ways to encode elliptic curve points so they are indistinguishable from uniform random bit strings.
In this proposal we present Padded Uniform Random Blobs, a communication system that eliminates all unencrypted metadata and reduces information leakage from side-channels, like message length and timings. Then we propose how this work can be extended, and what the next research
steps are for analyzing and improving the system.
Practical information
- General public
- Free
Contact
- Cecilia Chapuis EDIC