Privacy in the Internet (Without Giving up Everything Else)


March 13, 2017


David Naylor


Carnegie Mellon University


“Using the Internet inherently entails privacy risks. Each packet, potentially carrying information that users would rather keep private, is exposed to a network infrastructure operated by a number of third parties the user may not trust and likely cannot even identify. In some cases, the user may not even trust the recipient.
Techniques exist to protect user privacy, but they typically do so at the expense of other desirable properties. For example, anonymity services like Tor hide a packet’s true sender, but weaken accountability by making it
difficult for network administrators or law enforcement to track down malicious senders. Similarly, encryption hides application data from third parties, but prevents the use of middleboxes—devices that process packets in
the network to improve performance (like caches) or security (like intrusion detection systems). In this talk, I’ll present techniques for managing these “”Privacy vs. X”” conflicts, including a new network architecture that re-thinks basic networking building blocks like packet source addresses and new secure communication protocols that explicitly balance data privacy with the benefits of middleboxes. ”