Network service providers monitor data flows to detect anomalies and malicious behavior in their networks. Network monitoring inspects the data flow over time and therefore has to store packet data. Storing this data impairs the privacy of users. A radically new approach counteracts such privacy concerns by exploiting threshold cryptography. It encrypts all monitored traffic. The symmetric keys used are made available to monitoring entities only if they collect enough evidence of malicious behavior. This new approach overcomes weaknesses of packet anonymization. It calls for dedicated hardware that is able to encrypt packets and generate key-share information for gigabit networks. This article proves that the application of Shamir's secret sharing scheme is possible. The presented hardware is able to protect up to 1.8 million packets per second. Creating such high-speed hardware required innovations at the algorithmic, protocol, and architectural levels. The outcome is a surprisingly small circuit that fits on commercially available FPGA cards. It was tested under real-world conditions. It proved to protect the users' privacy while monitoring gigabit networks.
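The threshold release described above can be illustrated in software. This is an added example, not the article's hardware design or protocol: it is plain Shamir (t, n) sharing of a symmetric key, and the field modulus, the threshold of 3, the `Monitor` class and the policy of one share per piece of evidence are all assumptions made for illustration.

```python
import secrets

# Field modulus: the Mersenne prime 2**127 - 1 (illustrative choice; the
# field used by the article's hardware is not given on this page).
P = 2**127 - 1

def make_shares(key: int, t: int, n: int) -> list[tuple[int, int]]:
    """Split key into n points on a random degree-(t-1) polynomial f, f(0)=key."""
    if not (0 <= key < P and 1 <= t <= n < P):
        raise ValueError("key or parameters out of range")
    coeffs = [key] + [secrets.randbelow(P) for _ in range(t - 1)]
    shares = []
    for x in range(1, n + 1):
        y = 0
        for c in reversed(coeffs):      # Horner evaluation mod P
            y = (y * x + c) % P
        shares.append((x, y))
    return shares

def recover(shares: list[tuple[int, int]]) -> int:
    """Lagrange interpolation at x = 0 over the distinct shares supplied."""
    pts = dict(shares)                  # a repeated share adds no information
    secret = 0
    for xi, yi in pts.items():
        num = den = 1
        for xj in pts:
            if xj != xi:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        secret = (secret + yi * num * pow(den, -1, P)) % P
    return secret

class Monitor:
    """Hypothetical monitoring entity: gains one share per piece of evidence."""
    def __init__(self, t: int):
        self.t, self.seen = t, {}
    def observe(self, share: tuple[int, int]):
        self.seen[share[0]] = share[1]
        if len(self.seen) < self.t:
            return None                 # below threshold: key stays hidden
        return recover(list(self.seen.items()))

def demo():
    key = secrets.randbits(120)         # constructed symmetric key
    shares = make_shares(key, t=3, n=5)
    mon = Monitor(t=3)
    # Constructed evidence stream; the second item repeats the first share.
    results = [mon.observe(s) for s in (shares[0], shares[0], shares[3], shares[4])]
    return key, results
```

The repeated share in `demo()` shows that seeing the same evidence twice does not move the monitor closer to the key; only `t` distinct shares do.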