Get 20M+ Full-Text Papers For Less Than $1.50/day. Start a 14-Day Trial for You or Your Team.

Learn More →

PHI: Path-Hidden Lightweight Anonymity Protocol at Network Layer

PHI: Path-Hidden Lightweight Anonymity Protocol at Network Layer Abstract We identify two vulnerabilities for existing highspeed network-layer anonymity protocols, such as LAP and Dovetail. First, the header formats of LAP and Dovetail leak path information, reducing the anonymity-set size when an adversary launches topological attacks. Second, ASes can launch session hijacking attacks to deanonymize destinations. HORNET addresses these problems but incurs additional bandwidth overhead and latency. In this paper, we propose PHI, a Path-HIdden lightweight anonymity protocol that solves both challenges while maintaining the same level of efficiency as LAP and Dovetail. We present an efficient packet header format that hides path information and a new back-off setup method that is compatible with current and future network architectures. Our experiments demonstrate that PHI expands anonymity sets of LAP and Dovetail by over 30x and reaches 120 Gbps forwarding speed on a commodity software router. http://www.deepdyve.com/assets/images/DeepDyve-Logo-lg.png Proceedings on Privacy Enhancing Technologies de Gruyter

PHI: Path-Hidden Lightweight Anonymity Protocol at Network Layer

Download PDF
18 pages

Loading next page...
 
/lp/de-gruyter/phi-path-hidden-lightweight-anonymity-protocol-at-network-layer-tPAwPxIFni
Publisher
de Gruyter
Copyright
Copyright © 2017 by the
ISSN
2299-0984
eISSN
2299-0984
DOI
10.1515/popets-2017-0007
Publisher site
See Article on Publisher Site

Abstract

Abstract We identify two vulnerabilities for existing highspeed network-layer anonymity protocols, such as LAP and Dovetail. First, the header formats of LAP and Dovetail leak path information, reducing the anonymity-set size when an adversary launches topological attacks. Second, ASes can launch session hijacking attacks to deanonymize destinations. HORNET addresses these problems but incurs additional bandwidth overhead and latency. In this paper, we propose PHI, a Path-HIdden lightweight anonymity protocol that solves both challenges while maintaining the same level of efficiency as LAP and Dovetail. We present an efficient packet header format that hides path information and a new back-off setup method that is compatible with current and future network architectures. Our experiments demonstrate that PHI expands anonymity sets of LAP and Dovetail by over 30x and reaches 120 Gbps forwarding speed on a commodity software router.

Journal

Proceedings on Privacy Enhancing Technologiesde Gruyter

Published: Jan 1, 2017

References

  • Anonymity unobservability and pseudonymity a proposal for terminology In PETS
    Pfitzmann
  • Stealthy traffic analysis of low - latency anonymous communication using throughput fingerprinting In
    Mittal
  • Tor instead of ip In
    Liu
  • Tarzan peer to - peer anonymizing network layer In
    Freedman
  • a new interdomain routing architecture on
    Yang
  • HORNET High - speed onion routing at the network layer In
    Chen
  • AS relationship dataset http www caida org data as relationships
    CAIDA
  • Design of a type III anonymous remailer protocol In
    Danezis
  • iPlane dataset http iplane cs washington edu data data html
  • Blond scalable traffic analysis resistant anonymity network for VoIP systems In
    Le
  • Blond Towards efficient traffic - analysis resistant anonymity networks In
    Le
  • Low - cost traffic analysis of Tor In
    Murdoch
  • electronic mail return addresses and digital pseudonyms Feb
    Chaum
  • Sphinx compact and provably secure mix format In
    Danezis
  • HORNET High - speed onion routing at the network layer In
    Chen
  • curve donna https code google com p curve donna
  • Dovetail Stronger anonymity in next - generation internet routing In PETS
    Sankey
  • Tor The second - generation onion router In
    Dingledine
  • curve donna https code google com p curve donna
  • An architecture for anonymous low - volume communications In PETS
    Danezis
  • Avoiding traceroute anomalies with Paris traceroute In
    Augustin
  • Sphinx compact and provably secure mix format In
    Danezis
  • LAP Lightweight anonymity privacy In
    Hsiao
  • Mixing email with babel In
    Gülcü
  • Avoiding traceroute anomalies with Paris traceroute In
    Augustin
  • border gateway protocol
    Rekhter
  • electronic mail return addresses and digital pseudonyms Feb
    Chaum
  • SCION control isolation on next - generation networks In
    Zhang
  • An architecture for anonymous low - volume communications In PETS
    Danezis
  • Tor The second - generation onion router In
    Dingledine
  • The invisible internet project https geti net en
  • iPlane dataset http iplane cs washington edu data data html
  • routing
    Godfrey
  • Dovetail Stronger anonymity in next - generation internet routing In PETS
    Sankey
  • protocol for scalable anonymous communication In
    Sherwood
  • Mixing email with babel In
    Gülcü
  • protocol version Internet Draft
    Möller
  • RAINBOW robust and invisible non - blind watermark for network flows In
    Houmansadr
  • The Internet Traces equinix chicago http www caida org data passive passive dataset xml
    CAIDA UCSD Anonymized
  • Locating hidden servers In
    Overlier
  • in numbers Making strong anonymity scale In
    Wolinsky
  • Data Plane Kit http dpdk org
    DPDK
  • Performance improvements on Tor or why Tor is slow and what we re going to do about it http www torproject org press presskit performance pdf
    Dingledine
  • Tor project https www torproject org
  • Performance improvements on Tor or why Tor is slow and what we re going to do about it http www torproject org press presskit performance pdf
    Dingledine
  • The invisible internet project https geti net en
  • Tor metrics users by country https metrics torproject org userstats relay country html Retrieved on Nov
    Ddrect
  • Tarzan peer to - peer anonymizing network layer In
    Freedman
  • On the effectiveness of traffic analysis against anonymity networks using flow records In
    Chakravarty
  • collecting phone records of millions of verizon customers daily http www theguardian com world jun nsa phone records verizon court order
  • The traffic analysis of continuous - time mixes In PETS
    Danezis
  • Anonymity unobservability and pseudonymity a proposal for terminology In PETS
    Pfitzmann
  • Anonymous named data networking application arXiv preprint arXiv
    DiBenedetto
  • collecting phone records of millions of verizon customers daily http www theguardian com world jun nsa phone records verizon court order
  • Blond scalable traffic analysis resistant anonymity network for VoIP systems In
    Le
  • Web mixes system for anonymous and unobservable internet access In PETS
    Berthold
  • Anonymous named data networking application arXiv preprint arXiv
    DiBenedetto
  • Tor instead of ip In
    Liu
  • RAINBOW robust and invisible non - blind watermark for network flows In
    Houmansadr
  • Web mixes system for anonymous and unobservable internet access In PETS
    Berthold
  • Tin How much anonymity does network latency leak on Information and System
    Hopper
  • Tor metrics users by country https metrics torproject org userstats relay country html Retrieved on Nov
    Ddrect
  • Sample https software intel com enus articles download the intel aesni sample library
    AESNI
  • The Internet Traces equinix chicago http www caida org data passive passive dataset xml
    CAIDA UCSD Anonymized
  • Global surveillance disclosures present https en wikipedia org wiki Global surveillance disclosures present
  • claffy The Internet AS - level topology Three data sources and one definitive metric Jan
    Mahadevan
  • a new interdomain routing architecture on
    Yang
  • Blond Towards efficient traffic - analysis resistant anonymity networks In
    Le
  • TestCenter http www spirent com media Datasheets Broadband PAB SpirentTestCenter STC Packet Generator Analyzer BasePackage datasheet pdf
    Spirent
  • Tor project https www torproject org
  • The dining cryptographers problem : Unconditional sender and recipient untraceability of
    Chaum
  • Locating hidden servers In
    Overlier
  • Global surveillance disclosures present https en wikipedia org wiki Global surveillance disclosures present
  • Sample https software intel com enus articles download the intel aesni sample library
    AESNI
  • protocol version Internet Draft
    Möller
  • Low - cost traffic analysis of Tor In
    Murdoch
  • border gateway protocol
    Rekhter
  • The traffic analysis of continuous - time mixes In PETS
    Danezis
  • claffy The Internet AS - level topology Three data sources and one definitive metric Jan
    Mahadevan
  • Practical traffic analysis Extending and resisting statistical disclosure In PETS
    Mathewson
  • Data Plane Kit http dpdk org
    DPDK
  • Design of a type III anonymous remailer protocol In
    Danezis
  • SCION control isolation on next - generation networks In
    Zhang
  • routing
    Godfrey
  • Practical traffic analysis Extending and resisting statistical disclosure In PETS
    Mathewson
  • Tin How much anonymity does network latency leak on Information and System
    Hopper
  • Stealthy traffic analysis of low - latency anonymous communication using throughput fingerprinting In
    Mittal
  • LAP Lightweight anonymity privacy In
    Hsiao
  • On the effectiveness of traffic analysis against anonymity networks using flow records In
    Chakravarty
  • The dining cryptographers problem : Unconditional sender and recipient untraceability of
    Chaum
  • AS relationship dataset http www caida org data as relationships
    CAIDA
  • TestCenter http www spirent com media Datasheets Broadband PAB SpirentTestCenter STC Packet Generator Analyzer BasePackage datasheet pdf
    Spirent
  • protocol for scalable anonymous communication In
    Sherwood
  • in numbers Making strong anonymity scale In
    Wolinsky