April 27, 2018, Amir Herzberg, University of Connecticut
Friday, April 27, 2018, 3pm-4pm
8 St. Mary’s Street, PHO 211
Refreshments at 2:45pm
University of Connecticut
Towards Practical Anonymous Messaging: AnonPoP and Beyond
Messaging applications are in wide use, but users are rightfully concerned about commercial and governmental surveillance. Popular messaging applications provide end-to-end encryption for data, but leave the sensitive metadata exposed – at least to the service providers. Existing proposals and systems for anonymous messaging are either impractical, due to excessive costs and complexity, or insecure, with anonymity depending on trusted provider(s).
We report on our research towards truly anonymous, yet practical, messaging systems. We present the Anonymous Post-office Protocol (AnonPoP), a messaging protocol ensuring strong anonymity to senders and recipients, even against powerful adversaries. AnonPoP utilizes two kinds of (possibly corrupt) servers: mixes and post-offices. AnonPoP is practical, scalable and efficient, with reasonable overhead in latency and communication. Furthermore, it is appropriate even for use in mobile devices, with modest, reasonable energy consumption (validated experimentally).
The AnonPoP design is not yet sufficient for a complete anonymous system. We discuss some of the additional required work, including several research directions (and some early results). These include an efficient anonymous notification protocol (AnoNotify), protocol to mitigate malicious mix servers, and investigation of mechanisms to securely setup the anonymous keying materials.
Joint work with George Danezis, Nethanel Gelernter, Hemi Leibowitz and Ania Piotrowska.
Amir Herzberg is the Comcast professor for Cybersecurity Innovation in the department of Computer Science and Engineering, University of Connecticut. His research focuses on cybersecurity, namely, protecting against abuse of Information and Communication Technologies. His research areas include: network security (esp. routing/DNS/transport, Denial-of-Service, Web), privacy and anonymity, applied cryptography, usable security, security for cyber-physical systems and social, economic and legal aspects of security.
Dr. Herzberg earned his Ph.D. in Computer Science in 1991 from the Technion in Israel. From 1991 to 1995, he worked at the IBM T.J. Watson Research Center, where he was a research staff member and the manager of the Network Security research group. From 1996 to 2000, Dr. Herzberg was the Manager of E-Business and Security Technologies at the IBM Haifa Research Lab. From 2002 to 2017, he was a professor in Bar Ilan University, Israel.
Dr. Herzberg is the author of more than 150 research papers, five book chapters, and 24 patents. He has served on technical program committees of over 40 conferences, delivered keynote and plenary addresses at ten conferences, organized multiple professional events, and served as editor in journals. Dr. Herzberg is recipient of the Internet Society’s Applied Networking Research award, 2017, and area chair, IEEE Conference on Communications and Network Security, 2013, 2014, 2016, and 2017.
Faculty Host: Ari Trachtenberg
Student Host: Rebecca Swaszek