Our networks were not designed with privacy in mind, but protecting the privacy of network communications is critical for free and open communication in a democratic society. In this talk, two vulnerabilities in today’s network infrastructure will be introduced, these allow malicious entities to surveil online communications and infer sensitive information about citizens. It will also showcase our recent efforts to reimagine network communications to protect the privacy of both communication data and communication meta-data.
The internet’s public key infrastructure will be discussed, this infrastructure helps bootstrap encryption of our online communications. It will be demonstrated how adversaries, such as repressive regimes, can exploit vulnerabilities in Internet routing to attack the public key infrastructure and completely bypass the protections offered by encryption. These attacks challenge conventional beliefs about privacy of networked systems and show that the core foundations of internet encryption are at risk. A countermeasure will be introduced to protect our communications that was deployed at Let’s Encrypt, the world’s largest certificate authority. The deployed countermeasure has helped secure the issuance of over one billion digital certificates.
The privacy threat posed by revelation of meta-data information associated with online communications will also be examined. For example, today’s network infrastructure leaks the identities of the communicating parties, which allows repressive regimes to perform mass surveillance and censor access to information. Privacy enhancing technologies will be introduced, these will counter online surveillance and highlight challenges that need to be overcome for their widespread deployment.
Prateek Mittal is an associate professor of electrical and computer engineering at Princeton University, where he is also affiliated with Computer Science and is the interim director of the Center for Information Technology Policy. He is interested in the design and development of privacy-preserving and secure systems. His current interests include the domains of (1) privacy-enhancing technologies such as anonymous communication and statistical data privacy, (2) adversarial machine learning, and (3) Internet/network security.
A unifying theme in Mittal’s work is to manipulate and exploit structural properties of data and networked systems to solve privacy and security challenges facing our society. His research has applied this distinct approach to widely-used operational systems, and has used the resulting insights to influence system design and operation, including that of the Tor network and the Let’s Encrypt certificate authority, directly impacting hundreds of millions of users.
He is the recipient of Princeton University’s E. Lawrence Keyes, Jr. award for outstanding research and teaching, the NSF Career award, the ONR YIP award, the ARO YIP award, faculty research awards from IBM, Intel, Google, Cisco, and multiple award publications.
This talk will not be recorded.