The Main Objectives
To provide a theoretical background for the development, implementation and security evaluation of security and privacy enhancing protocols.
To develop multilateral security applications.
To evaluate the performance of the new protocols.
Computer-aided communication is exerting increasing influence on business and private life. Companies use computers to exchange strategic information or to transfer payments. Private users order and pay over the Internet. Even 'classic' telephone calls are transmitted by computers. Security of the technology is a prerequisite for trustworthy usage of telecommunication, yet in their current form many networks, e.g. the Internet, offer neither privacy of correspondence nor secure identification of the sender of a message. Depending on the parties who require security, e.g. users, service providers or network operators, security requirements differ and may even conflict. As a result, an essential element of the design of communication systems is to balance the security requirements of all parties in an acceptable way. Multilateral Security offers a solution by allowing users to individually define and enforce their security requirements.
Location Based Services (LBS) are personalized distributed applications that provide a context-dependent service. The service relies on additional information about the user. As the name suggests, this is above all the user's current position, but in some cases extensive user profiles can also be required. As the different entities involved in the service cannot be assumed to be trustworthy, misuse of the provided personal data can occur. Therefore, privacy enhancing techniques have to be developed that enable the service without endangering the user's privacy.
While some parts of secure communication, e.g. encryption, are already well understood, others are new and need basic research. This especially applies to network address anonymity. Topics of special interest in this area include measures of the provided security, user-side and developer-side usability, performance and quality of service.
Voice-over-IP is used to transfer voice and signaling over packet-switched IP networks instead of circuit-switched networks as in classical telephony. The advantages are lower per-call costs and less need for infrastructure. Since data and voice share the same network lines, the security problems of data networks are passed on to the telephony services (see Security in VoIP). Attacks on privacy or denial-of-service attacks that were formerly feasible only with difficulty can now be carried out with the help of already existing tools, for example packet sniffers. On the side of the network carrier it is also probable that long-solved problems like toll fraud arise again. A further problem is the spoofing of identification, which allows phishing attacks.
Solving these security problems is made difficult by the high quality-of-service requirements of VoIP and the lack of computational power in small embedded devices such as IP telephones.
The transaction-based approach is in general similar to the specification-based approach, as it formally describes positive behaviour. In contrast to the specification-based approach, it specifies the desired actions and sequences of actions by the definition of transactions. This explicit definition of allowed transactions becomes an integral part of the local security policy. On the one hand, the expected behavior of the network protocol stack is well defined. This allows the application of non-intelligent techniques to monitor it. On the other hand, users are less predictable in their behavior and therefore complex techniques must be applied.
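The following sketch is an added example, not code from the project described here. It shows how an explicit list of allowed transactions can be checked with a simple prefix match over a session's actions; the transaction names, actions and event stream are constructed for illustration.

```python
from collections import defaultdict

# Constructed local policy: each allowed transaction is an ordered
# sequence of actions (names are hypothetical).
ALLOWED_TRANSACTIONS = {
    "fetch_mail": ("connect", "auth", "list", "retrieve", "quit"),
    "send_mail": ("connect", "auth", "submit", "quit"),
}

def check_session(actions, policy=ALLOWED_TRANSACTIONS):
    """Return (verdict, detail) with verdict 'ok', 'violation' or 'incomplete'."""
    candidates = dict(policy)  # transactions still consistent with the prefix
    for i, action in enumerate(actions):
        candidates = {name: seq for name, seq in candidates.items()
                      if i < len(seq) and seq[i] == action}
        if not candidates:
            return "violation", f"action {i} ({action!r}) fits no allowed transaction"
    complete = [n for n, seq in candidates.items() if len(seq) == len(actions)]
    if complete:
        return "ok", complete[0]
    return "incomplete", sorted(candidates)

def monitor(events, policy=ALLOWED_TRANSACTIONS):
    """Group (session_id, action) events by session and check each session."""
    sessions = defaultdict(list)
    for session_id, action in events:
        sessions[session_id].append(action)
    return {sid: check_session(acts, policy) for sid, acts in sessions.items()}

# Constructed, interleaved event stream from three sessions.
EVENTS = [
    ("s1", "connect"), ("s2", "connect"), ("s1", "auth"), ("s2", "retrieve"),
    ("s3", "connect"), ("s1", "list"), ("s3", "auth"), ("s1", "retrieve"),
    ("s1", "quit"),
]

if __name__ == "__main__":
    for sid, verdict in monitor(EVENTS).items():
        print(sid, verdict)
```

Session s2 is flagged because it skips authentication, while s3 is only reported as unfinished; a deployed monitor would also need a timeout rule for sessions that never complete.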
The application of an IDS (Intrusion Detection System) explicitly introduces a surveillance facility, which weakens the security and privacy of the monitored users. Obviously, there is a conflict between the organization's need for security on the one side and the individuals' need for privacy on the other. This conflict can be avoided by the application of a multilateral secure IDS, i.e. an IDS which allows all involved parties to protect their own interests. A multilateral secure IDS must obey two major design principles: data avoidance and data reduction. Following the principle of data avoidance, a user should only be forced to disclose the minimum of information necessary to the IDS. Data avoidance is especially relevant in the context of identification and authentication. An IDS does not need to know the identity of a monitored user until it provably detects an abuse. Data reduction stresses the fact that an audit stream contains a lot of unsuspicious events. There is no need, at least from a security point of view, to store these events or to make them accessible to a human operator.
The goal of the 'old' theory is to suggest techniques providing complete and possibly even perfect anonymity. In our work we show that this can only be achieved if the number of users is restricted and their identities are well known (closed environment). However, we need these techniques for an open environment, e.g. the Internet, with millions of users, where up to now it has not been possible to provide perfect security. Therefore, we suggested probabilistic anonymity. This new anonymity evaluation model requires a publicly known security parameter, which determines the security of the protocol. The insecurity of the protocol should approach zero at an exponential rate as the security parameter is changed linearly (compare this also with cryptography). We have demonstrated probabilistic anonymity by suggesting a new protocol called SG-MIXes.
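The two design principles can be made concrete with a small sketch, added here as an example and not taken from the project's own implementation. It assumes that pseudonyms are keyed HMACs issued by a party separate from the IDS operator, that the abuse rule is three failed logins, and that the evidence check is a simple count; all names and the audit stream are constructed.

```python
import hashlib
import hmac

THRESHOLD = 3  # assumed abuse rule: three failed logins by one pseudonym

class Pseudonymizer:
    """Held by a party other than the IDS operator (assumption of this sketch)."""
    def __init__(self, key: bytes):
        self._key = key
        self._owners = {}  # pseudonym -> real identity, never given to the IDS

    def pseudonym(self, user: str) -> str:
        p = hmac.new(self._key, user.encode(), hashlib.sha256).hexdigest()[:16]
        self._owners[p] = user
        return p

    def reveal(self, pseudonym: str, evidence: list) -> str:
        # Data avoidance: disclose only against evidence matching the abuse rule.
        ok = len(evidence) >= THRESHOLD and all(
            e["pseudonym"] == pseudonym and e["kind"] == "login_fail"
            for e in evidence)
        if not ok:
            raise PermissionError("no detected abuse, identity stays hidden")
        return self._owners[pseudonym]

class ReducingIDS:
    """Sees pseudonyms only and keeps only events relevant to the abuse rule."""
    def __init__(self):
        self.retained = {}  # pseudonym -> suspicious events

    def observe(self, event: dict):
        if event["kind"] != "login_fail":
            return None  # data reduction: unsuspicious events are not stored
        kept = self.retained.setdefault(event["pseudonym"], [])
        kept.append(event)
        return event["pseudonym"] if len(kept) >= THRESHOLD else None

def run_demo():
    pz, ids = Pseudonymizer(b"constructed-demo-key"), ReducingIDS()
    # Constructed audit stream: (user, event kind)
    stream = [("alice", "login_ok"), ("bob", "login_fail"), ("alice", "file_read"),
              ("bob", "login_fail"), ("alice", "login_fail"), ("bob", "login_fail")]
    alerts = []
    for user, kind in stream:
        hit = ids.observe({"pseudonym": pz.pseudonym(user), "kind": kind})
        if hit:
            alerts.append(hit)
    return pz, ids, alerts
```

In this sketch the evidence is not authenticated, so a real system would need the audit source to sign events before the count could serve as proof of abuse.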
Today, anonymity has become a hot topic on the Internet, as illustrated by several recent publications and implementations (see Freehaven Bibliography). However, anonymity is not a new topic at all. While the main goal of the former, mostly theoretical works was to provide full or even perfect protection, the focus of current research has moved towards practical anonymity. Consequently, most existing systems reduce the security to achieve higher performance.
Within the PRIME project we were developing an anonymity system that is secure against a strong attacker model. To this end, we evaluate the feasibility and costs of anonymity on the Internet and explore several deployment opportunities. Our goal is to develop, implement and evaluate a secure and scalable anonymity technique that withstands traffic analysis.