Workshop Program

The privacy concerns associated with the popularity of online social networks have given rise to numerous research papers which focus on either storing the data in encrypted form, or decentralizing the network. However, without the incentive of being able to read private data, a centralized system cannot be sustained. A decentralized network does not rely on such incentives and can continue to operate based solely on user contributed resources. Unfortunately, current proposals either still rely on centralized components, a pre-existing friend-tofriend network, or incur substantial bandwidth overhead. This renders them useless for actual deployment.

ReClaim employs an existing technique to the PSI problem to build a semantic network wherein peers have connections to friends and friends-of-friends. This is achieved by a handshake which uses homomorphic encryption to privately determine which friends are shared amongst two peers. Afterwards, peers synchronize messages destined for friends, providing them with easy access to replicas. Moreover, storing those messages allows ReClaim to handle excessive churn (peers joining and leaving the network at a high rate), overcome NATfirewalls (by allowing for indirect communication), and allow friends to communicate without being online at the same time.

After describing the design of ReClaim, we implement a proof-of-concept application and show during extensive emulation that peers can connect to more than 60% of their friends within 10 minutes in a network consisting of 4000 peers. Moreover, within 10 minutes, peers using ReClaim can establish an indirect connection to 95% of their friends

Censorship circumvention systems that use HTTP as cover traffic make tradeoffs between deniability and performance by offering either deniability at the expense of performance (e.g., Infranet) or performance at the expense of deniability (e.g., StegoTorus). These systems do so because HTTP is typically very asymmetric, with very little capacity to carry covert data in each HTTP GET request; higher throughput channels achieve performance by generating sequences of HTTP GET requests that do not mimic normal user traffic patterns. Fortunately, the emergence of new web services makes it increasingly common for any individual HTTP GET requests to contain more entropy. For example, site-specific search services create GET requests that contain sequences of search terms that can encode more bits than a single deniable HTTP request otherwise would. In this paper, we design a new encoding technique that uses web search terms to encode hidden messages in an upstream channel for censorship circumvention; implement the encoding technique in a system that resists fingerprinting attacks; and compare the security and performance of Facade to existing censorship circumvention systems that use HTTP as cover traffic.

Motivated in part by the Snowden revelations, we address the question of whether intelligence and lawenforcement agencies can gather actionable, relevant information about unknown electronic targets without conducting dragnet surveillance. We formulate principles that we believe effective, lawful surveillance protocols should adhere to in an era of big data and global communication networks. We then focus on intersection of cell-tower dumps, a specific surveillance operation that the FBI has used effectively. As a case study, we present a system that computes such intersections in a privacy-preserving, accountable fashion. Preliminary experiments indicate that such a system could be efficient and usable, suggesting that privacy and accountability need not be barriers to effective intelligence gathering.

Data sovereignty, a catch-all term to describe different state behaviours towards data generated in or passing through national internet infrastructure, has become a topic of significant international debate in the wake of the Snowden revelations. A spectrum of approaches has emerged, with the United States and its allies viewing data 'localisation' as a threat to a free and open global internet and countries such as Russia, China and Brazil advocating for data sovereignty as a way of securing sensitive national data from foreign surveillance. This paper will examine BRICS-country approaches to data sovereignty, both by individual countries and as a group. Past participation by BRICS countries in internet governance forums will be examined, and a requirements analysis will be undertaken of data sovereignty needs. The risks posed by different interpretations of data sovereignty will be reviewed, with an assessment of whether the creation of a virtual 'BRICS bloc' would necessarily amount to full-scale internet Balkanisation.

Existing censorship measurement platforms frequently suffer from poor adoption, insufficient geographic coverage, and scalability problems. In order to outline an analytical framework and data collection needs for future ubiquitous measurements initiatives, we build on top of the existent and widely-deployed RIPE Atlas platform. In particular, we propose methods for monitoring the reachability of vital services through an algorithm that balances timeliness, diversity, and cost. We then use Atlas to investigate blocking events in Turkey and Russia. Our measurements identify under-examined forms of interference and provide evidence of cooperation between a well-known blogging platform and government authorities for purposes of blocking hosted content.

In this paper we demonstrate a side-channel technique to infer whether two machines are exchanging packets on the Internet provided that one of them is a Linux machine. For ICMP and UDP exchanges, we require that at least one machine is a Linux machine, and for TCP connections, we require that at least the server is a Linux machine. Unlike many side-channel measurement techniques, our method does not require that either machine be idle. That is, we make no assumptions about either machines’ traffic patterns with respect to other hosts on the Internet. We have implemented our technique, and we present the results of a proof-of-concept experiment showing that it can effectively measure whether hosts are communicating.