We examine peer-to-peer anonymous communication systems that use Distributed Hash Table algorithms for relay selection. We show that common design flaws in these schemes lead to highly effective attacks against the anonymity provided by the schemes. These attacks stem from attacks on DHT routing, and are not mitigated by the well-known DHT security mechanisms due to a fundamental mismatch between the security requirements of DHT routing's put/get functionality and anonymous routing's relay selection functionality. Our attacks essentially allow an adversary that controls only a small fraction of the relays to function as a global active adversary. We apply these attacks in more detail to two schemes: Salsa and Cashmere. In the case of Salsa, we show that an attacker that controls 10% of the relays in a network of size 10,000 can compromise more than 80% of all completed circuits; and in the case of Cashmere, we show that an attacker that controls 20% of the relays in a network of size 64,000 can compromise 42% of the circuits.