PriFi: Tracking-Resistant, Intra-Organizational Networking

Abstract

As the most serious cyber-attack threats shift from untargeted toward targeted, it is becoming correspondingly more crucial for organizations to protect the identity and locationprivacy of their members against malicious tracking and surveillance. In prior work with collaborator Bryan Ford of EPFL, the PI has developed PriFi, an anti-tracking and locationprivate network-access mechanism to protect members of an organization both while on-site (viaprivacy-protected WiFi networking) and while off-site (via privacy-protected Virtual Private Networking or VPN). PriFi builds on the state-of-the-art accountable-anonymity technology developed in the DARPA-funded DISSENT project,which is the only tracking-resistance foundation currently in existence that (a) offers formally provable cryptographic security guarantees against both outsider and insider threats, (b) can in principle provide this strong security with???single-hop??? network latencies where traffic passes through only one intermediate relay or VPN server, and (c) incorporates anonymous authentication and strong multi-layer defenses against anonymous abuse. PriFi is incrementally deployable within an organization or across organizations as software-based extensions to WiFi networking and VPN services, with client-side software that currently runs on PC/Mac laptops. The objectives of thisproject are to develop PriFi clients for Android and other open mobile platforms, while preserving compatibility provisions for other unmodified mobile WiFidevices, and to deploy and test the mobile-device version of PriFi in relevant organizational settings. Particularly suitable settings include government and financial organizations, in which wireless connections are often disallowedprecisely because of concerns about tracking. As in earlier work on PriFi, technical approaches will comprise formal design and analysis, implementation of and experimentation with prototype systems, and partnership with organizations that can benefit from using the systems.

Document Details

Document Type
DoD Grant Award
Publication Date
Jul 27, 2018
Source ID
N000141812743

Entities

People

  • Joan Feigenbaum

Organizations

  • Office of Naval Research
  • United States Navy
  • Yale University

Tags

Fields of Study

  • Computer science

Readers

  • Agent-Based Social Robotics and Mobile-Assisted Learning in Virtual Environments.
  • Computer Networking
  • Emergency Management and Homeland Security.

Technology Areas

  • Cyber