Enforcing Anonymity and Improving Pseudonymity in Tails David

What Is Nymix Nyms Cloud Storage Alice’s Laptop Internet Alice

Application Level Attacks Alice in Repressistan Alice’s Laptop l: e n n a h

Correlation Attacks Bob of Freetopia Bob’s Laptop Internet Bob

Confiscation Attacks Carol the Landofopportunian Carol Border patrol

Nymix – One Layer Deeper Cloud Storage Alice’s Laptop Internet Nym Manager Alice Anon.

Application Level Attacks Alice in Repressistan Alice’s Laptop Bob’s Booby-trap Blog Tor-based Secure Channel

Correlation Attacks Bob of Freetopia Alice’s Bob’s Laptop Internet Bob

Confiscation Attacks Carol the Landofopportunian Carol

Confiscation Attacks Carol the Landofopportunian Carol X Border patrol

Evaluation • I 7 – 4 cores at 2. 7 GHz • 8 GB

Nymix is not… It is… • Not a complete solution • An exploration of

Implementation • • Ubuntu 14. 04 Qemu (KVM) for virtualization Overlay. FS for union

Integration with Tails • To Comm. VM or not Comm. VM • Each VM

Futher Challenges • • Resolution of VMM Fingerprintable CPU VMM timing channels Accessing local

Going Forward • Tomorrow – 15: 00 – 16: 00 – Follow up discussion

Slides: 28

Download presentation

Enforcing Anonymity and Improving Pseudonymity in Tails David Wolinsky Yale University

What Is Nymix Nyms Cloud Storage Alice’s Laptop Internet Alice

The Leaky Boat

Application Level Attacks Alice in Repressistan Alice’s Laptop l: e n n a h C P” d e I r y u c m e Bob’s Uns Here’s “ Booby-trap Blog Tor-based Secure Channel Alice Repressistan Freetopia Javascript Exploit

Correlation Attacks Bob of Freetopia Bob’s Laptop Internet Bob

Confiscation Attacks Carol the Landofopportunian Carol Border patrol

Attack Recap

Nymix – One Layer Deeper Cloud Storage Alice’s Laptop Internet Nym Manager Alice Anon. VM Comm. VM

Attacks Executed in Nymix

Application Level Attacks Alice in Repressistan Alice’s Laptop Bob’s Booby-trap Blog Tor-based Secure Channel Alice Repressistan Freetopia Javascript Exploit

Attacks Executed in Nymix

Correlation Attacks Bob of Freetopia Bob’s Laptop Internet Bob

Correlation Attacks Bob of Freetopia Alice’s Bob’s Laptop Internet Bob

Attacks Executed in Nymix

Confiscation Attacks Carol the Landofopportunian Carol Border patrol

Confiscation Attacks Carol the Landofopportunian Carol

Confiscation Attacks Carol the Landofopportunian Carol X Border patrol

Attacks Executed in Nymix

Evaluation • I 7 – 4 cores at 2. 7 GHz • 8 GB Ram • Connects to a test deployment of Tor • 10 Mbit bandwidth • 200 ms latency • 3 relays • Nym memory usage • Anon. VM – 384 MB RAM, 128 MB Disk (stored in RAM) • Comm. VM – 128 MB RAM, 16 MB Disk (stored in RAM)

CPU Evaluations

Memory Usage

Network Overhead

Nymix is not… It is… • Not a complete solution • An exploration of pseudonymity potential with virtualization • A ready to use system • A research prototype looking at potential integration with tails

Implementation • • Ubuntu 14. 04 Qemu (KVM) for virtualization Overlay. FS for union file system Google Chromium (required in order to support a circumvention software)

Integration with Tails • To Comm. VM or not Comm. VM • Each VM is not cheap • Must share a common Tor guard • Sharing a common base image with Tails • Tails is well hardened • Tails has many configurations undesirable for Anon. VM • Persistence Models • Store all data in the cloud • Encrypted (LUKS) volume, store header elsewhere

Futher Challenges • • Resolution of VMM Fingerprintable CPU VMM timing channels Accessing local hardware / data

Going Forward • Tomorrow – 15: 00 – 16: 00 – Follow up discussion • Slides available • PDF http: //goo. gl/XUVZm. C • PPTX http: //goo. gl/0 pk. HM 5 • Text available http: //arxiv. org/abs/1312. 3665 • Github https: //github. com/De. Di. S/Wi. No. N