Nym: An anonymous, secure, peer-to-peer instant messenger - PowerPoint PPT Presentation

Transcript and Presenter's Notes

2
Nym: An anonymous, secure, peer-to-peer instant messenger
  • By Seth Cooper, Adam Hoel, Elliott Hoel, Jeff
    Holschuh, and Hilde Schmitt

3
AOL Instant Messenger (slides 3 to 8, animation frames)
[Figure: an AOL server holding a table of IP addresses: Dan Rather 162.27.1.102, Bill O'Reilly 24.26.105.25, John Doe 137.22.4.60. "Confidential Information" passes between John Doe, Dan Rather and Bill O'Reilly through the server. Big Tobacco brings a lawsuit, and the server's table gives up the entry John Doe 137.22.4.60. Outcome: "Lawsuit and job loss".]
9
Nym: Not just another AIM (slides 9 to 14, animation frames)
[Figure: the same scenario on Nym, with no central server. The users are first shown with IP addresses (John Doe 137.22.4.60, Dan Rather 162.27.1.102, Amy Csizmar Dalal 207.251.23.142, Jeff Ondich 82.65.100.55, Bill O'Reilly 24.26.105.25), then only by pseudonym (john_doe, dan_rather, amy_csizmar_dalal, jeff_ondich, bill_oreilly). "Confidential Information" is sent "To dan_rather" and "To bill_oreilly" by pseudonym. When Big Tobacco brings its lawsuit there is no table linking john_doe to an address: "Job Safe", "Lawsuit ?".]
15
Goals
  • Implement a peer-to-peer network that provides
    • Decentralization
    • Anonymity
    • Security
    • Reliability
    • Scalability

16
Decentralization
  • Significantly minimize the application's reliance
    on a central server
  • Peer-to-peer communication
  • Normally centralized tasks are distributed among
    nodes

17
Decentralization in Nym
  • Message routing, searching, presence updates and
    text messaging all take place between peers
    without the help of any central server.
  • However, on first launch a client connects to a
    node that caches the IP addresses of other Nym
    clients.

18
Anonymity
  • Anonymity is the state of having an undisclosed
    identity.
  • On a network, anonymous communication must ensure
    that information related to the source of a
    message (e.g. the originating machine's IP
    address) cannot be determined.

19
Why is anonymity important?
  • According to the Electronic Frontier Foundation:
    • "Anonymity is a shield from the tyranny of the
      majority... It thus exemplifies the purpose behind
      the Bill of Rights, and of the First Amendment in
      particular: to protect unpopular individuals from
      retaliation at the hand of an intolerant society."

20
Anonymity in Nym
  • Pseudonyms
  • Virtual addressing
  • Decentralization
  • Security
  • Nondeterministic/probabilistic routing

21
Routing Demo
Node B
Nym Network
Node A John Doe
Node D Dan Rather
Node C
Node E Bill O'Reilly
22
Routing Demo
Node As Channel List Bill Dan
Node B
Nym Network
Node A John Doe
Node D Dan Rather
Node C
Node E Bill O'Reilly
23
Routing Demo
Node As Channel List Bill Dan
Node B
Packet sent
Broadcast
Nym Network
Node A John Doe
Packet sent
Node D Dan Rather
Node C
Node E Bill O'Reilly
24
Routing Demo
Node As Channel List Bill Dan
Broadcast
Packet sent
Node B
Packet sent
Broadcast
Nym Network
Node A John Doe
Packet sent
Broadcast
Node D Dan Rather
Packet sent
Node C
Node E Bill O'Reilly
25
Routing Demo
Node As Channel List Bill Dan
Broadcast
Packet sent
Node B
Packet sent
Broadcast
Nym Network
Node A John Doe
Packet received
Packet sent
Broadcast
Node D Dan Rather
Packet sent
Node C
Node E Bill O'Reilly
26
Routing Demo
Node As Channel List Bill Dan
Node B
Nym Network
Response packet sent
Node A John Doe
Node D Dan Rather
Node C
Node E Bill O'Reilly
27
Routing Demo
Node As Channel List Bill Dan
Packet sent
Node B
Nym Network
Response packet sent
Node A John Doe
Node D Dan Rather
Node C
Node E Bill O'Reilly
28
Routing Demo
Node As Channel List Bill Dan
Packet sent
Packet sent
Node B
Nym Network
Response packet sent
Node A John Doe
Node D Dan Rather
Node C
Node E Bill O'Reilly
29
Routing Demo
Node As Channel List Bill Dan B
Packet sent
Packet sent
Node B
Nym Network
Packet received
Response packet sent
Node A John Doe
Node D Dan Rather
Node C
Node E Bill O'Reilly
30
Routing Demo
Node As Channel List Bill Dan B
Node B
Nym Network
Node A John Doe
Node D Dan Rather
Node C
Node E Bill O'Reilly
31
Routing Demo
Node As Channel List Bill Dan B
Node B
Nym Network
Packet sent
Node A John Doe
Node D Dan Rather
Node C
Node E Bill O'Reilly
32
Routing Demo
Node As Channel List Bill Dan B
Node B
Nym Network
Packet sent
Node A John Doe
Node D Dan Rather
Packet sent
Node C
Node E Bill O'Reilly
33
Routing Demo
Node As Channel List Bill Dan B
Node B
Nym Network
Packet sent
Node A John Doe
Packet sent
Node D Dan Rather
Packet sent
Node C
Node E Bill O'Reilly
34
Routing Demo
Node As Channel List Bill Dan B C
Node B
Nym Network
Packet received
Packet sent
Node A John Doe
Packet sent
Node D Dan Rather
Packet sent
Node C
Node E Bill O'Reilly
35
Routing Demo
Node As Channel List Bill Dan B C
Node B
Packet sent
Broadcast
Nym Network
Node A John Doe
Packet sent
Node D Dan Rather
Node C
Node E Bill O'Reilly
36
Routing Demo
Node As Channel List Bill Dan B C
Broadcast
Packet sent
Node B
Packet sent
Broadcast
Nym Network
Node A John Doe
Packet sent
Broadcast
Node D Dan Rather
Packet sent
Node C
Packet received
Node E Bill O'Reilly
37
Routing Demo
Node As Channel List Bill Dan B C
Node B
Nym Network
Node A John Doe
Node D Dan Rather
Response packet sent
Node C
Node E Bill O'Reilly
38
Routing Demo
Node As Channel List Bill Dan B C
Node B
Nym Network
Node A John Doe
Node D Dan Rather
Packet sent
Response packet sent
Node C
Node E Bill O'Reilly
39
Routing Demo
Node As Channel List Bill Dan B C
Node B
Nym Network
Node A John Doe
Packet sent
Node D Dan Rather
Packet sent
Response packet sent
Node C
Node E Bill O'Reilly
40
Routing Demo
Node As Channel List Bill Dan C B C
Node B
Nym Network
Packet received
Node A John Doe
Packet sent
Node D Dan Rather
Packet sent
Response packet sent
Node C
Node E Bill O'Reilly
41
Routing Demo
Node As Channel List Bill Dan C B C
Node B
Nym Network
Node A John Doe
Node D Dan Rather
Node C
Node E Bill O'Reilly
42
The channel list builds up
Node As Channel List Bill Dan C B B
C C C B C
Node B
Nym Network
Node A John Doe
Node D Dan Rather
Node C
Node E Bill O'Reilly
43
Now, we can route!
Node As Channel List Bill Dan C B B
C C C B C
Node B
Nym Network
Node A John Doe
Node D Dan Rather
Node C
Node E Bill O'Reilly
44
Now, we can route!
Node As Channel List Bill Dan C B B
C C C B C
Select a node at random from the Dan column
Node B
Nym Network
Node A John Doe
Node D Dan Rather
Node C
Node E Bill O'Reilly
45
Now, we can route!
Node As Channel List Bill Dan C B B
C C C B C
So send to node C
Node B
Nym Network
Node A John Doe
Node D Dan Rather
Node C
Node E Bill O'Reilly
46
Note that there is a natural weighting of nodes
in the list
Node As Channel List Bill Dan C B B
C C C B C
This means that there are preferred routes.
Node B
Nym Network
Node A John Doe
Node D Dan Rather
Node C
Node E Bill O'Reilly
47
Sometimes, we pick at random from an unweighted
channel list
Node As Channel List Bill Dan C B B
C C C B C
This prevents any routing patterns that may occur.
Node B
Nym Network
Node A John Doe
Node D Dan Rather
Node C
Node E Bill O'Reilly
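The channel-list routing the demo walks through, as an added Python simulation (not the Nym project's own code): the five-node topology is a constructed assumption, broadcast_search floods a request and has every node on the reply path record which neighbor delivered the reply, next_hop picks from the recipient's column with the natural weighting (or, some fraction of the time, from the unweighted set of entries, as on slide 47), and route forwards hop by hop.

```python
import random
from collections import deque

# Constructed five-node topology standing in for the slides' diagram (assumption).
TOPOLOGY = {"A": ["B", "C"], "B": ["A", "D"], "C": ["A", "D", "E"],
            "D": ["B", "C"], "E": ["C"]}

def new_channel_lists():
    # node -> recipient -> list of neighbors; repeated entries are the "natural weighting"
    return {node: {} for node in TOPOLOGY}

def next_hop(channel_list, recipient, rng, p_unweighted=0.25):
    column = channel_list.get(recipient)
    if not column:
        return None
    if rng.random() < p_unweighted:             # sometimes ignore the weighting
        return rng.choice(sorted(set(column)))  # to break routing patterns
    return rng.choice(column)                   # frequency-weighted pick

def broadcast_search(lists, src, dst, rng):
    """Flood from src; dst's reply returns along the first-arrival path and each
    node on that path records which neighbor delivered it. Returns the path."""
    came_from, queue = {src: None}, deque([src])
    while queue:
        cur = queue.popleft()
        nbrs = TOPOLOGY[cur][:]
        rng.shuffle(nbrs)                       # nondeterministic forwarding order
        for nb in nbrs:
            if nb not in came_from:
                came_from[nb] = cur
                queue.append(nb)
    if dst not in came_from:
        return None
    path, cur = [], dst
    while came_from[cur] is not None:
        prev = came_from[cur]
        lists[prev].setdefault(dst, []).append(cur)  # prev heard dst's reply via cur
        path.append(cur)
        cur = prev
    return path[::-1]

def route(lists, src, dst, rng, max_hops=8):
    """Forward hop by hop using each node's own channel list, running a search
    first when a node has no entry for dst. Returns the path taken, or None."""
    path, cur = [src], src
    while cur != dst and len(path) <= max_hops:
        if not lists[cur].get(dst) and broadcast_search(lists, cur, dst, rng) is None:
            return None
        cur = next_hop(lists[cur], dst, rng)
        path.append(cur)
    return path if cur == dst else None
```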
48
Security
  • Confidentiality
    • Information should be kept secret from
      unauthorized parties.
  • Integrity
    • Information should be tamper evident.
    • The authenticity of the source of information
      should be verifiable.
  • Availability
    • Services should be resilient to malicious attacks.

49
Security in Nym
  • Link-to-link encryption
  • Digital signing and verifying of text messages

50
Link-to-link versus end-to-end
  • Link-to-link encryption
    • Messages are encrypted and decrypted at each node
      in the network
    • Messages intercepted by parties outside the
      network will be unable to read the encrypted text
  • End-to-end encryption
    • Messages are encrypted with a secret key by the
      sender and are not decrypted until they reach the
      recipient

51
The Man-in-the-Middle
  • Secure end-to-end encryption is impossible in an
    anonymous network
    • An intermediary node between the sender and
      recipient can easily intercept a key exchange.
  • Link-to-link encryption
    • More robust against man-in-the-middle attacks

52
Link-to-link (symmetric key)
  • A 56-bit DES key is generated and exchanged when
    a connection is made with a neighbor
  • Both parties share this key, but no one else
    knows it
  • Much quicker than asymmetric encryption

53
RSA public/private key pair
  • RSA key pair is generated from username and
    password
  • Public key is essentially the virtual address
  • Asymmetric key pair is only used for digital
    signatures
  • To send a message to someone, sign it with your
    private key
  • The recipient uses your public key to validate it

54
Digital Signatures
  • Allow us to verify
    • who a message is from
    • that the message has not been changed since it
      was sent
  • Use the SHA-1 hash algorithm
    • Takes a message of under 2^64 bits
    • Returns a 160-bit message digest
  • Use RSA key pair

55
How digital signatures work (slides 55 to 64, animation frames)
[Figure: At login, each user's username and password produce an RSA key pair (Public Key A and Private Key A for User A, Public Key B and Private Key B for User B), and the public key serves as the user's virtual address (Virtual Address A, Virtual Address B). User A and User B each hold their own private key and the other's public key. To send, User A runs the message text through SHA-1 to get a message digest, encrypts the digest with Private Key A to produce the digital signature, and sends the message (message text plus digital signature) to User B. On receipt, User B runs the message text through SHA-1 to get a message digest, decrypts the digital signature with Public Key A to recover A's message digest, and compares the two digests.]
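The login-derived RSA keys and the SHA-1 sign/verify flow of slides 53 to 64, as an added Python example using only the standard library (not the Nym project's code): keypair_from_login, sign and verify are names chosen here, the 512-bit key size and the seeding of the prime generator from SHA-1(username:password) are assumptions, and the construction is textbook RSA over a raw digest exactly as the slides describe it, with no padding.

```python
import hashlib
import random
# Textbook RSA over a raw SHA-1 digest, 512-bit modulus: a demo of the slides' scheme, not for deployment.

def _probable_prime(n, rng, rounds=32):  # Miller-Rabin, witnesses from the caller's rng
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def _gen_prime(rng, bits):
    while True:
        cand = rng.getrandbits(bits) | (1 << (bits - 1)) | 1  # exact bit length, odd
        if _probable_prime(cand, rng):
            return cand

def keypair_from_login(username, password, bits=512):
    """Same username and password always yield the same key pair (slide 53)."""
    seed = hashlib.sha1(f"{username}:{password}".encode()).digest()
    rng = random.Random(int.from_bytes(seed, "big"))  # deterministic: keys only as strong as the login
    e = 65537
    while True:
        p, q = _gen_prime(rng, bits // 2), _gen_prime(rng, bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e:                         # need gcd(e, phi) == 1
            break
    n = p * q
    return (n, e), (n, pow(e, -1, phi))                # (public, private); Python 3.8+

def _digest_int(message):
    return int.from_bytes(hashlib.sha1(message).digest(), "big")  # 160-bit digest

def sign(message, private_key):
    n, d = private_key
    return pow(_digest_int(message), d, n)             # "encrypt" digest with private key

def verify(message, signature, public_key):
    n, e = public_key
    return pow(signature, e, n) == _digest_int(message)  # "decrypt" and compare digests
```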
65
Instant Messaging
  • Text communication
  • Presence notification
  • Contact list maintenance
  • Distributed search
  • User friendly interface

66
DEMO
67
Tradeoffs and Limitations
  • Anonymity
    • Statistical analysis
    • Textual analysis
    • Accidental disclosure
  • Scalability
    • Test results and predictions
  • Reliability
    • Routing loop avoidance

68
Extensions
  • Increased fault tolerance for dropped packets and
    routing loops
  • Group chat
  • Testing and research on anonymity scheme

69
Acknowledgements
  • Amy Csizmar Dalal and the CS department for
    guidance and support
  • Michael N. Tie and ITS for helping make our
    equipment work
  • MUTE and Jason Rohrer
  • Our friends and family for putting up with us
  • You all for being here today

71
References
  • Rohrer, Jason. MUTE Technical Details
    http://mute-net.sourceforge.net/technicalDetails.shtml
  • http://www.bouncycastle.org/
  • Sun Microsystems http://java.sun.com
  • Freenet http://freenet.sourceforge.net
  • RFC 3921 XMPP http://www.xmpp.org
  • The Gnutella Protocol Specification v0.4
    http://www9.limewire.com/developer/gnutella_protocol_0.4.pdf