Rachna Dhamija (rachna@sims.berkeley.edu)
CS 261 - Fall 2000
Project Proposal

Dave- I have included two proposals. Both are user studies (of a sort) that I plan to work on this semester, but I'm not sure which project is most suitable for this class. Also, I have discussed working with Ka-Ping Yee and Miriam Walker, but this will be decided when Ping returns from his trip this week. As soon as we decide, I'll update you and this proposal accordingly. I'd appreciate any feedback you might have. Thanks.

Proposal 1: Freenet security analysis and visualization

The idea for this project is based on ongoing discussions with Brandon Wiley of the Freenet project.
I plan to work on parts of this project in conjunction with the Information Visualization course taught by Marti Hearst.

Team members: Rachna Dhamija [possibly also Danyel Fisher, Ka-Ping Yee and Miriam Walker]

Project Description:

The first goal of this project is to conduct a security analysis of one peer-to-peer system (preferably Freenet, but Gnutella is also a possibility, discussed below), both theoretically and in practice. In particular I am interested in trust establishment, mechanisms for dealing with the existence of hostile nodes within the network, and the insertion of bogus or malicious files. For example, Freenet aims to use positive and negative feedback loops that bring requests for information to a node, or keep requests away from bad nodes. Thus far no solutions to accomplish this have been successfully implemented. Potential mechanisms to foster trust in peer-to-peer environments (for example, allowing clients to vote on the validity of the information returned on requests, enforcing that all documents be indexed by a content hash, and web-of-trust metrics) will be explored.
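To make the content-hash idea concrete, here is an added toy example (my own illustration, not Freenet code) in which documents are keyed by the SHA-256 of their contents. A requester that checks the hash of every reply against the key can reject a substituted file from a hostile node and remember which nodes served bad data, which is the raw material for routing requests away from them. Node classes, the store layout and the sample document are all constructed for the example.

```python
import hashlib


def content_hash_key(data: bytes) -> str:
    """Content-hash key: the key is derived from the document itself."""
    return hashlib.sha256(data).hexdigest()


class HonestNode:
    """Constructed stand-in for a well-behaved node with a local store."""

    def __init__(self, name: str):
        self.name = name
        self.store: dict[str, bytes] = {}

    def insert(self, data: bytes) -> str:
        key = content_hash_key(data)
        self.store[key] = data
        return key

    def request(self, key: str):
        return self.store.get(key)


class HostileNode(HonestNode):
    """Constructed hostile node: answers every request with a substituted document."""

    def request(self, key: str):
        return b"BOGUS CONTENT"


def fetch_verified(nodes, key: str):
    """Ask nodes in order; accept only a reply whose hash matches the key.
    Returns (data_or_None, names of nodes whose replies failed verification)."""
    bad_nodes = []
    for node in nodes:
        data = node.request(key)
        if data is None:
            continue                      # node simply does not have the document
        if content_hash_key(data) != key:
            bad_nodes.append(node.name)   # reply does not match the content hash
            continue
        return data, bad_nodes
    return None, bad_nodes


if __name__ == "__main__":
    honest, hostile = HonestNode("honest"), HostileNode("hostile")
    key = honest.insert(b"a sample document inserted under its content hash")
    data, bad = fetch_verified([hostile, honest], key)
    print(f"verified reply: {data!r}; nodes serving bad data: {bad}")
```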

The second goal is to conduct an experiment to analyze the security of Freenet in practice by collecting usage data from participating Freenet nodes. The point of this study is to detect security and routing problems in a real, running network which cannot be detected through simulation. Currently the Freenet project uses a simulator to generate statistics based on hypothetical network topologies and events. The system designers want a visualization that is based on real nodes (instead of simulated ones) to discover patterns of use (network topologies formed, degree of repetition in the keys that are requested), so that the effectiveness of various algorithms under various usage patterns can be analyzed. In particular, we would like to be able to answer questions such as:

Network topology: what topologies are formed? How do they change over time?
Information flow: how do files propagate within and across networks? How often do key/file collisions occur? (Freenet has no mechanism to deal with collisions that occur when two previously unconnected networks join.)
Survivability: what is the degree of connectedness? How tolerant is the network to error and attack?
Scalability: where do bottlenecks occur? How can routing algorithms be optimized?
Queries: what percentage of queries are satisfied? How long does it take?

We are currently exploring mechanisms to collect data from Freenet nodes about what nodes they see and other logging data. In the event that we are not able to do so in a reasonable amount of time, our fallback will be to analyze the Gnutella network first for the purpose of this project (it is possible to instrument a Gnutella client to log data).

Long term goal: Ultimately, we would like to build a visualization tool that will allow running Freenet nodes to connect to a server. Nodes will tell the server what nodes they know about so that we can graph the portion of the network which chooses to participate in visualization. The nodes can also feed in logging data (connection established, file transferred, etc.) and then the visualizer can display event information and statistical information. So, for instance, you could ask it to "show the path that a request for key X takes" or "show the success rate of requests on different nodes" and the results will be visually displayed.

Plan of Attack: [grey entries are related milestones for the infoviz class]

Milestones -- Due Dates
Survey of existing literature -- October 27
Analysis of protocols and algorithms -- Nov 3
Design study and collect sample data from existing nodes -- Nov 10
Survey existing network visualization tools to see which ones we can use -- Nov 15
Prototype visualization -- Nov 17
Process and analyze data (using our prototype visualization and/or other analysis tools) -- Nov 30
Poster session -- December 11-12
Paper due -- December 18
Implement a tool that collects and visualizes data in real time -- probably after the semester, depending on how many people are involved in the project

References:

Freenet: A Distributed Anonymous Information Storage and Retrieval System, Clarke. Workshop on Design Issues in Anonymity and Unobservability, July 25-26, 2000, International Computer Science Institute (ICSI), Berkeley, California.

Security Aspects of Napster and Gnutella, an overview talk given by Steve Bellovin, June 2000 (HTML slides).

Free Riding on Gnutella, Eytan Adar and Bernardo Huberman, Xerox PARC. An example of an experiment that sampled user traffic on Gnutella over a 24-hour period and showed a significant amount of free riding in the system.

Proposal 2: Deja Vu Implementation & User Study

Team Members: Rachna Dhamija, in collaboration with Adrian Perrig and possibly a URO student

History of this project: Last semester, I worked with Adrian Perrig on a project to address weaknesses of knowledge-based authentication schemes. The system we developed, Déjà Vu, authenticates users through their ability to recognize previously seen images, rather than having to precisely remember a PIN or password. To authenticate, the user is asked to select his own images from a challenge set (the user's portfolio plus some decoy images). We developed a prototype of Déjà Vu and then conducted a user study that compared it to traditional password and PIN authentication. We found that it was more reliable and easier to use than traditional schemes. It also has the advantage that it prevents users from choosing weak passwords and makes it difficult to write down or share passwords with others.

Next steps: Rather than just a prototype, we would like to implement a secure working version of the system (based on EKE -- we originally proposed a Kerberos-based scheme). In particular, this version will address a vulnerability that exists in the current prototype: susceptibility to intersection attacks (which occur when an attacker takes the intersection of the challenge sets observed to discover the portfolio). One solution is to always present the same challenge set to the user (so that the intersection of several challenge sets reveals nothing). This method has a number of other advantages; however, we are not certain whether users will start to remember decoy images as their own after repeatedly viewing them. Multi-stage authentication is another way to overcome intersection attacks (asking the user in several stages whether any of his portfolio images is present, and only showing more images if the answer is correct). How do these methods compare in practice? We propose to conduct a user study to find out.
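The following added simulation (my own illustration, not the Déjà Vu prototype's code) shows why the fixed challenge set closes the intersection weakness. It compares the prototype behaviour (fresh decoys at every login) with the "same challenge set" mitigation by intersecting the challenge sets observed over a number of logins and counting how many candidate images remain; the pool size, portfolio size and challenge size are constructed parameters, not the prototype's real values.

```python
import random

# Constructed parameters for a toy Deja Vu instance (not the real prototype's values).
IMAGE_POOL = [f"img{i:03d}" for i in range(200)]
PORTFOLIO_SIZE = 5      # images the user selected at enrolment
CHALLENGE_SIZE = 25     # portfolio images plus decoys shown at each login


def enrol(rng):
    """Return (portfolio, fixed_decoys). The fixed decoys are drawn once so that
    the 'same challenge set' mitigation can reuse them at every login."""
    portfolio = frozenset(rng.sample(IMAGE_POOL, PORTFOLIO_SIZE))
    rest = [img for img in IMAGE_POOL if img not in portfolio]
    fixed_decoys = frozenset(rng.sample(rest, CHALLENGE_SIZE - PORTFOLIO_SIZE))
    return portfolio, fixed_decoys


def challenge(rng, portfolio, fixed_decoys, same_set):
    """One login challenge. same_set=False models the prototype (fresh decoys
    every time); same_set=True models the mitigation (decoys never change)."""
    if same_set:
        return portfolio | fixed_decoys
    rest = [img for img in IMAGE_POOL if img not in portfolio]
    return portfolio | frozenset(rng.sample(rest, CHALLENGE_SIZE - PORTFOLIO_SIZE))


def intersect_observations(observed):
    """What an observer of several challenge sets can conclude: only images
    present in every observed set can belong to the portfolio."""
    candidates = set(observed[0])
    for obs in observed[1:]:
        candidates &= obs
    return candidates


def simulate(same_set, logins, seed=0):
    """Run `logins` logins; return (portfolio, candidate images left after intersecting)."""
    rng = random.Random(seed)
    portfolio, fixed_decoys = enrol(rng)
    observed = [challenge(rng, portfolio, fixed_decoys, same_set) for _ in range(logins)]
    return portfolio, intersect_observations(observed)


if __name__ == "__main__":
    for same_set in (False, True):
        portfolio, cands = simulate(same_set, logins=10)
        print(f"same challenge set={same_set}: {len(cands)} candidates left "
              f"(portfolio has {len(portfolio)})")
```

With fresh decoys the candidate set collapses to the portfolio after a handful of observations, while with a fixed challenge set it never shrinks below the full challenge, which is exactly the property the user study needs to weigh against the risk of users adopting decoys as their own.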

The user study will be designed to answer the following questions:

If the same challenge is repeatedly presented to the user, will a user mistake decoy images for his own?

What is the effect of same-challenge-set authentication vs. multi-stage authentication?

What are the effects of long-term repeated use and of multiple portfolios? (This will require a long-term study.)

How do image portfolios compare to passwords and PINs?

Measurements will include time to create passwords/portfolios, login time, errors made, number of failed logins and qualitative measures such as comfort level.

Plan of Attack (milestones and dates):

Milestones -- Due Date
Implement Deja Vu single-stage and multi-stage authentication prototypes -- Nov 10
Implement working version of Deja Vu -- December 1
Design long-term user study -- December 10
User study (select participants, conduct user testing, etc.) -- We aim to start the study before the end of the semester. Length of the study is to be determined.

References:

Déjà Vu: A User Study Using Images for Authentication, Rachna Dhamija and Adrian Perrig, Proceedings of the 9th USENIX Security Symposium, August 2000, Denver, Colorado.

Hash Visualization in User Authentication, Rachna Dhamija, CHI 2000 short paper proceedings, April 2000, The Hague, Netherlands.

Hash Visualization: a way to improve real-world security, Adrian Perrig and Dawn Song. International Workshop on Cryptographic Techniques and E-Commerce (CrypTEC '99).


This document: http://www.sims.berkeley.edu/~rachna/courses/cs261/proposal.html
Last Modified: 10.23.00