CIS-700: Topics on privacy and anonymity
Spring 2019
Instructor: Sebastian Angel
Room: Towne 305
Time: Tu/Th 12:00 - 1:30 PM
This course will cover selected topics on privacy-preserving technologies and anonymity. Some of the works that this course studies include the Tor anonymity network, Bitcoin, and the privacy-focused cryptocurrency zCash. The first half of each class will consist of a lecture providing the historical context and the general ideas of the papers assigned. The second half of each class will consist of a detailed discussion of the techniques, tradeoffs, and potential extentions of the papers assigned. Each student is expected to lead at least one discussion. In addition to lectures and discussions, this course includes a research project.
Research project
Propose and complete a research project in a related area (can be done in groups of at most 3 students). Example projects include (but are not limited to):
For those who prefer finding vulnerabilities in systems and protocols:
For those who prefer building systems:
For those who prefer the more theoretical aspects:
Students should submit a project proposal by February 14, and are encouraged to discuss with me their ideas prior to selecting a project. Students are expected to give an oral presentation of their project in class and turn in a final report by May 1.
While a large part of the material in this course is accessible to someone with a general CS background, familiarity with the content of either CIS 331, CIS 505, CIS 551, CIS 553, or CIS 556 (or their equivalent) is recommended.
Date | Topic | Required reading |
---|---|---|
Jan. 17 | Course overview and intro to anonymity | Anonymity terminology by Andreas Pfitzmann and Marit Hansen |
Jan. 22 | Mix networks |
Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms by David Chaum Stop-and-Go-MIXes by Dogan Kesdogan, Jan Egner, and Roland Büschkes |
Jan. 24 | Traffic analysis attacks |
The disadvantages of free MIX routes and how to overcome them by Oliver Berthold, Andreas Pfitzmann, and Ronny Standtke Statistical Disclosure Attacks: Traffic Confirmation in Open Environments by George Danezis |
Jan. 29 | Peer-to-peer routing |
Crowds: Anonymity for Web Transactions by Michael K. Reiter and Aviel D. Rubin |
Jan. 31 | Attacks on peer-to-peer systems |
The Sybil attack by John R. Douceur Eclipse Attacks on Overlay Networks by Singh et al. |
Feb. 5 | Onion routing | Tor: The Second-Generation Onion Router by Roger Dingledine, Nick Mathewson, and Paul Syverson |
Feb. 7 | Attacks on onion routing | RAPTOR: Routing Attacks on Privacy in Tor by Sun et al. |
Feb. 12 | Mix networks (malicious mixes) |
Atom: Horizontally Scaling Strong Anonymity by Kwon et al. |
Feb. 14 | Dining cryptographer networks
Project proposal due |
The Dining Cryptographers Problem by David Chaum Dissent in Numbers: Making Strong Anonymity Scale by Wolinsky et al. |
Feb. 19 | Metadata-private messaging | Vuvuzela: Scalable Private Messaging Resistant to Traffic Analysis by van den Hooff et al. |
Feb. 21 | Dialing your friends |
Alpenhorn: Bootstrapping Secure Communication Without Leaking Metadata by David Lazar and Nickolai Zeldovich What's a little leakage between friends? by Sebastian Angel, David lazar, and Ioanna Tzialla |
Feb. 26 | Deniable participation | Deniable Upload and Download via Passive Participation by Sommer et al. |
Feb. 28 | Public key lookup and verification | CONIKS: Bringing Key Transparency to End Users by Melara et al. |
Mar. 5 | Spring break | |
Mar. 7 | Spring break | |
Mar. 12 | Secure two-party computation | A Gentle Introduction to Yao's Garbled Circuits by Sophia Yakoubov |
Mar. 14 | Censorship resistance | Blocking-resistant communication through domain fronting by Fifield et al. |
Mar. 19 | What does privacy mean to you? | Turtles, Locks, and Bathrooms: Understanding Mental Models of Privacy Through Illustration by Oates et al. |
Mar. 21 | Privacy in online advertising | Privad: Practical Privacy in Online Advertising by Saikat Guha, Bin Cheng, and Paul Francis |
Mar. 26 | Work on project (no lecture) | |
Mar. 28 | Work on project (no lecture) | |
Apr. 2 | Privacy in social networks | Persona: An Online Social Network with User-Defined Privacy by Baden et al. |
Apr. 4 | Privacy in location services | A Survey of Computational Location Privacy by John Krumm |
Apr. 9 | Privacy in media streaming services | Scalable and private media consumption with Popcorn by Gupta et al. |
Apr. 11 | Privacy in law enforcement | Open, privacy-preserving protocols for lawful surveillance by Aaron Segal, Joan Feigenbaum, and Bryan Ford |
Apr. 16 | Cryptocurrency |
Bitcoin by Satoshi Nakamoto SoK: Research Perspectives and Challenges for Bitcoin and Cryptocurrencies by Bonneau et al. |
Apr. 18 | Zero knowledge proofs |
Zero Knowledge proofs: An illustrated primer by Matthew Green Zero Knowledge proofs: An illustrated primer, Part 2 by Matthew Green |
Apr. 23 | Project presentations | |
Apr. 25 | Project presentations | |
Apr. 30 | Project presentations | |
May 1 | Project report due |