DOI: 10.1145/3563766.3564112
Research article
The decoupling principle: a practical privacy framework

Published: 14 November 2022

    Abstract

    The three-decade struggle to ensure Internet data confidentiality, a key aspect of communications privacy, is finally behind us. Encryption is fast, secure, and standard in all browsers, modern transports, and major protocols. Yet it has long seemed that network privacy is not unified by core principles but is a grab bag of techniques and ideas applied to an equally wide range of applications, contexts, layers of infrastructure, and software stacks.
    Here we attempt to distill a principle, one that is old but seldom discussed as such, for building privacy into Internet services. We explore what privacy properties are desirable and achievable when we apply this principle. We evaluate several classic systems and ones that have been recently deployed with this principle applied, and discuss future directions for network privacy building upon these efforts.
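The abstract names the principle without spelling it out. As it appears in two-hop relay designs such as iCloud Private Relay (the subject of one of the citing papers listed below), the structure is that the party that learns who is asking is separated from the party that learns what is asked, and neither holds both facts on its own. The model below is an added example, not code from the paper: a client sends a query sealed under the target's key through a proxy, the proxy logs only the source address and an opaque blob, and the target logs only the proxy's address and the query. The names, addresses and the keystream cipher are constructed for the illustration; the cipher is a toy stand-in for a real AEAD/HPKE and the target's symmetric key stands in for a published public key.

```python
"""Decoupling principle, toy model: proxy sees WHO, target sees WHAT, neither sees both.

Added example; not code from the paper. The cipher is a SHA-256 counter-mode
keystream with HMAC, used only to make the blob opaque to the proxy. Do not
reuse it as real encryption; deployed systems use HPKE/AEAD here.
"""
import hashlib
import hmac
import json
import os

NONCE_LEN, TAG_LEN = 16, 32


def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    """SHA-256 in counter mode (toy; stands in for a real AEAD)."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: returns nonce || ciphertext || tag."""
    nonce = os.urandom(NONCE_LEN)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(key, nonce + ct, "sha256").digest()


def open_(key: bytes, blob: bytes) -> bytes:
    """Verify the tag, then decrypt. Raises on tampering."""
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, "sha256").digest()):
        raise ValueError("authentication failed")
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct))))


class Target:
    """Answers queries. Sees the query, but only the proxy's address as source."""
    def __init__(self, addr: str, records: dict):
        self.addr, self.records = addr, records
        self.key = os.urandom(32)   # stands in for the target's published public key
        self.view = []              # what this party could log

    def handle(self, src_addr: str, blob: bytes) -> bytes:
        req = json.loads(open_(self.key, blob))
        self.view.append({"src": src_addr, "query": req["q"]})
        answer = self.records.get(req["q"], "NXDOMAIN")
        # The client shipped a fresh response key inside the sealed request,
        # so the answer is opaque to the proxy on the way back as well.
        return seal(bytes.fromhex(req["rk"]), answer.encode())


class Proxy:
    """Forwards blobs. Sees the client address, but only ciphertext."""
    def __init__(self, addr: str):
        self.addr, self.view = addr, []

    def relay(self, src_addr: str, blob: bytes, target: Target) -> bytes:
        self.view.append({"src": src_addr, "payload": blob.hex()})
        return target.handle(self.addr, blob)   # proxy substitutes its own address


class Client:
    def __init__(self, addr: str, target_key: bytes):
        self.addr, self.target_key = addr, target_key

    def resolve(self, name: str, proxy: Proxy, target: Target) -> str:
        rk = os.urandom(32)   # per-request response key
        req = json.dumps({"q": name, "rk": rk.hex()}).encode()
        resp = proxy.relay(self.addr, seal(self.target_key, req), target)
        return open_(rk, resp).decode()


def run_scenario():
    """Constructed scenario: one client, one proxy, one target, one query."""
    target = Target("target.example", {"secret-site.example": "192.0.2.7"})
    proxy = Proxy("proxy.example")
    client = Client("198.51.100.23", target.key)
    answer = client.resolve("secret-site.example", proxy, target)
    return answer, proxy.view, target.view


def proxy_sees_query(proxy_view, name: str) -> bool:
    """A curious proxy holds only ciphertext; the queried name is not recoverable."""
    needle = name.encode().hex()
    return any(needle in e["payload"] for e in proxy_view)


def target_sees_client(target_view, client_addr: str) -> bool:
    """The target never observes the client's own address."""
    return any(e["src"] == client_addr for e in target_view)


def collusion_links(proxy_view, target_view):
    """Caveat: the split holds only while the two parties do not collude.
    Joining their logs by request order (or timing/size) re-links who to what."""
    return [(p["src"], t["query"]) for p, t in zip(proxy_view, target_view)]


if __name__ == "__main__":
    answer, pv, tv = run_scenario()
    print("answer:", answer)
    print("proxy log:", pv)
    print("target log:", tv)
    print("if proxy and target collude:", collusion_links(pv, tv))
```

The two `view` lists are the point of the model: each is what a compromised or subpoenaed party could hand over, and neither alone contains both the client address and the query. The `collusion_links` function is the practitioner's caveat: decoupling moves the trust assumption from one operator to the non-collusion of two, so the proxy and target should be run by independent organisations, and per-request padding or batching is needed where traffic-analysis linkage matters.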



    Published In

    HotNets '22: Proceedings of the 21st ACM Workshop on Hot Topics in Networks
    November 2022
    252 pages
    ISBN:9781450398992
    DOI:10.1145/3563766
    Publisher

    Association for Computing Machinery

    New York, NY, United States


    Author Tags

    1. anonymity
    2. internet privacy
    3. system architectures


    Acceptance Rates

    Overall Acceptance Rate 110 of 460 submissions, 24%

    Cited By

    • URLink: Using Names As Sole Internet Addresses to Tackle Scanning Attacks in IoT. Proceedings of the First International Workshop on Security and Privacy of Sensing Systems (2023), 15-21. doi:10.1145/3628356.3630115. Published 12 Nov 2023.
    • Not-So-Low Hanging Fruit. Proceedings of the Applied Networking Research Workshop (2023), 41-43. doi:10.1145/3606464.3606481. Published 24 Jul 2023.
    • Hot Topics in Security and Privacy Standardization at the IETF and Beyond. IEEE Security and Privacy 21(2) (2023), 57-62. doi:10.1109/MSEC.2023.3237071. Published 1 Mar 2023.
    • Measuring the Performance of iCloud Private Relay. Passive and Active Measurement (2023), 3-17. doi:10.1007/978-3-031-28486-1_1. Published 21 Mar 2023.