Nym: An anonymous, secure, peer-to-peer instant messenger

By Seth Cooper, Adam Hoel, Elliott Hoel, Jeff Holschuh, and Hilde Schmitt

AOL Instant Messenger

[Diagram sequence with John Doe, Dan Rather, Bill O’Reilly and an AOL Server holding a list of IP addresses (Dan Rather: 162.27.1.102, Bill O’Reilly: 24.26.105.25, John Doe: 137.22.4.60). Labels added as the sequence builds: Confidential Information; Lawsuit; Big Tobacco; John Doe: 137.22.4.60; Lawsuit and job loss.]

Nym: Not just another AIM

[Diagram sequence with John Doe, Dan Rather, Amy Csizmar Dalal, Jeff Ondich and Bill O’Reilly, labelled first by IP address (John Doe 137.22.4.60, Dan Rather 162.27.1.102, Amy Csizmar Dalal 207.251.23.142, Jeff Ondich 82.65.100.55, Bill O’Reilly 24.26.105.25) and then by pseudonym (john_doe, dan_rather, amy_csizmar_dalal, jeff_ondich, bill_oreilly). Labels added as the sequence builds: To dan_rather; To bill_oreilly; Confidential Information; Big Tobacco; Lawsuit ?; Job = Safe.]

Goals

Implement a peer-to-peer network that provides:
- Decentralization
- Anonymity
- Security
- Reliability
- Scalability

Decentralization

- Significantly minimize the application’s reliance on a central server
- Peer-to-peer communication
- Normally centralized tasks are distributed among nodes

Decentralization in Nym

- Message routing, searching, presence updates and text messaging functionality occurs between peers without the help of any central servers.
- However, on first launch a client connects to a node that caches the IP addresses of other Nym clients.

Anonymity

- Anonymity is the state of having an undisclosed identity.
- On a network, anonymous communication must ensure that information related to the source of a message (e.g. the originating machine’s IP address) cannot be determined.

Why is anonymity important?

According to the Electronic Frontier Foundation: “Anonymity is a shield from the tyranny of the majority...It thus exemplifies the purpose behind the Bill of Rights, and of the First Amendment in particular: to protect unpopular individuals from retaliation…at the hand of an intolerant society.”

Anonymity in Nym

- Pseudonyms
- Virtual addressing
- Decentralization
- Security
- Nondeterministic/probabilistic routing

Routing Demo

[Diagram sequence: the Nym Network with Node A (John Doe), Node B, Node C, Node D (Dan Rather) and Node E (Bill O'Reilly), shown beside Node A’s Channel List, a table with columns Bill and Dan. Labels over the sequence: Broadcast; Packet sent; Packet received; Response packet sent. Entries B and C are added to the channel list as the sequence advances.]

The channel list builds up…

[Node A’s Channel List, columns Bill and Dan; entries as extracted: C B B C C C B C]

Now, we can route!

- Select a node at random from the Dan column:
- So send to node C:

Note that there is a natural weighting of nodes in the list. This means that there are preferred routes.

Sometimes, we pick at random from an unweighted channel list. This prevents any routing patterns that may occur.

Security

- Confidentiality
  - Information should be kept secret from unauthorized parties.
- Integrity
  - Information should be tamper evident.
  - The authenticity of the source of information should be verifiable.
- Availability
  - Services should be resilient to malicious attacks

Security in Nym

- Link-to-link encryption
- Digital signing and verifying of text messages

Link-to-link versus end-to-end

- Link-to-link encryption
  - Messages are encrypted and decrypted at each node in the network
  - Messages intercepted by parties outside the network will be unable to read the encrypted text
- End-to-end encryption
  - Messages are encrypted with a secret key by the sender and are not decrypted until they reach the recipient

The Man-in-the-Middle

- Secure end-to-end encryption is impossible in an anonymous network
  - An intermediary node between the sender and recipient can easily intercept a key exchange.
- Link-to-link encryption
  - More robust against man in the middle attacks

Link to link (Symmetric key)

- A 56-bit DES key is generated and exchanged when a connection is made with a neighbor
- Both parties share this key, but no one else knows it
- Much quicker than asymmetric encryption

RSA public/private key pair

- RSA key pair is generated from username and password
- Public key is essentially the virtual address
- Asymmetric key pair is only used for digital signatures
- To send a message to someone, sign it with your private key
- The recipient uses your public key to validate it

Digital Signatures

- Allow us to verify
  - who a message is from
  - that the message has not been changed since it was sent
- Use the SHA-1 hash algorithm
  - Takes the message (under 2^64 bits)
  - Returns 160 bit “message digest”
- Use RSA key pair

How digital signatures work

[Diagram sequence. At Login: User A (Username A, Password A, Public Key A, Private Key A, Virtual Address A) and User B (Username B, Password B, Public Key B, Private Key B, Virtual Address B). User A: Message text, SHA-1, Message digest, Encrypt with Private key A, Digital signature; the Message carries the Message text and the Digital signature. User B: Message text, SHA-1, Message digest; Digital signature, Decrypt with Public key A, Message digest; Compare.]

Instant Messaging

- Text communication
- Presence notification
- Contact list maintenance
- Distributed search
- User friendly interface

DEMO

Tradeoffs and Limitations

- Anonymity
  - Statistical analysis
  - Textual analysis
  - Accidental disclosure
- Scalability
  - Test results and predictions
- Reliability
  - Routing loop avoidance

Extensions

- Increased fault tolerance for dropped packets and routing loops
- Group chat
- Testing and research on anonymity scheme

Acknowledgements

- Amy Csizmar Dalal and the CS department for guidance and support
- Michael N. Tie and ITS for helping make our equipment work
- MUTE and Jason Rohrer
- Our friends and family for putting up with us
- You all for being here today

References

- Rohrer, Jason. “MUTE Technical Details” http://mute-net.sourceforge.net/technicalDetails.shtml
- http://www.bouncycastle.org/
- Sun Microsystems http://java.sun.com
- Freenet http://freenet.sourceforge.net
- RFC 3921: XMPP http://www.xmpp.org
- “The Gnutella Protocol Specification v0.4” http://www9.limewire.com/developer/gnutella_protocol_0.4.pdf
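
Returning to the channel-list routing in the Routing Demo slides, the following added sketch (not code from the Nym project) shows a node that broadcasts when it has learned no route, otherwise picks the next hop from the destination's column weighted by how often each neighbour appeared, and occasionally picks unweighted so the preferred route is less pronounced. The class and function names, the 0.2 probability of an unweighted pick (the slides say only "sometimes") and the sample observations are assumptions.

```python
import random
from collections import Counter, defaultdict


class ChannelList:
    """Per-node routing state: pseudonym -> neighbours that delivered packets
    from it. Duplicates are kept, so frequently seen routes weigh more."""

    def __init__(self, neighbours, p_unweighted=0.2, rng=None):
        self.neighbours = list(neighbours)
        self.p_unweighted = p_unweighted   # assumed value, not from the slides
        self.rng = rng or random.Random()
        self.seen = defaultdict(list)

    def observe(self, source, via):
        """Record that a packet from `source` arrived through neighbour `via`."""
        self.seen[source].append(via)

    def next_hops(self, dest):
        """Return the neighbour(s) a packet addressed to `dest` is forwarded to."""
        column = self.seen.get(dest)
        if not column:                     # nothing learned yet: broadcast
            return list(self.neighbours)
        if self.rng.random() < self.p_unweighted:
            return [self.rng.choice(sorted(set(column)))]  # unweighted pick
        return [self.rng.choice(column)]   # weighted by observation count


def hop_distribution(channels, dest, trials=10000):
    """Empirical share of each next hop over many routing decisions."""
    counts = Counter(channels.next_hops(dest)[0] for _ in range(trials))
    return {node: counts[node] / trials for node in sorted(counts)}


def demo():
    node_a = ChannelList(["B", "C"], p_unweighted=0.2, rng=random.Random(7))
    first = node_a.next_hops("dan_rather")          # empty list: broadcast
    for via in ["B", "C", "C", "C"]:                # constructed observations
        node_a.observe("dan_rather", via)
    return first, hop_distribution(node_a, "dan_rather")


if __name__ == "__main__":
    print(demo())
```

With these constructed observations, purely weighted selection would send three packets in four through C; mixing in unweighted picks pulls that share toward one half, which is the pattern-breaking effect the slides describe.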
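
The signing flow from the "RSA public/private key pair" and "How digital signatures work" slides, as an added example that is not the Nym project's code: a key pair is derived deterministically from username and password, the SHA-1 digest of the message is transformed with the private key, and the recipient recovers the digest with the public key and compares. The slides do not say how the key pair is derived, so the SHA-512 counter derivation, the 1024-bit size and all function names are assumptions.

```python
import hashlib

E = 65537
BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)

def _is_probable_prime(n):
    """Miller-Rabin with fixed bases; adequate for pseudo-random candidates."""
    if n < 2 or any(n % b == 0 for b in BASES):
        return n in BASES
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for a in BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def _prime_from(seed, label):
    """First 512-bit probable prime in SHA-512(seed || label || counter)."""
    counter = 0
    while True:
        raw = hashlib.sha512(seed + label + counter.to_bytes(4, "big")).digest()
        cand = int.from_bytes(raw, "big") | (1 << 511) | 1
        if cand % E != 1 and _is_probable_prime(cand):  # keeps E invertible
            return cand
        counter += 1

def keypair(username, password):
    """Same credentials always give the same key pair (assumed derivation)."""
    seed = f"{len(username)}:{username}:{password}".encode()
    p, q = _prime_from(seed, b"p"), _prime_from(seed, b"q")
    return (p * q, E), (p * q, pow(E, -1, (p - 1) * (q - 1)))  # public, private

def _digest(text):
    return int.from_bytes(hashlib.sha1(text.encode()).digest(), "big")

def sign(text, private):
    n, d = private
    return pow(_digest(text), d, n)      # digest "encrypted" with the private key

def verify(text, signature, public):
    n, e = public
    return pow(signature, e, n) == _digest(text)   # recover digest and compare
```

Because the key pair is a pure function of the credentials, the private key is only as strong as the password. SHA-1 and unpadded RSA appear here only to mirror the slides.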