Measuring the mixing time of social graphs
IMC '10 Proceedings of the 10th ACM SIGCOMM conference on Internet measurement
| Hi-index | 0.00 |
This work explores the problem space of censorship resistance with the explicit goal of protecting a censorship-resistant system and its users from powerful adversaries who control the network gateways. The result of this work is a document storage system which is highly available and robust to targeted censorship. It is designed to resist attacks from very powerful adversaries, who are willing to shut down large sections of the Internet in order to accomplish their censorship goals. Our design aims to be as easy to use, but far more robust than, some current centralized systems, so we use a completely distributed peer-to-peer infrastructure but still support human-readable keyword search. Network participants who contribute storage enjoy plausible deniability, in that they have no easy way to determine what content they are storing locally. We also explicitly support edited content, such that any information can be published, but only popular or editor-approved information will be kept.A major building block of our system is membership concealment — the idea of a network that hides the real-world identities of participants. We formalize the concept of membership concealment, show that it is required for censorship resistance, discuss a number of attacks against existing systems, and present real-world attack results. Since membership concealment requires resisting hypothesis testing and brute-force scanning, we ensure that network members are not identifiable as such by unauthorized parties. To that end, we construct an authenticated transmission control protocol, adding steganographic authentication to TCP in a provably undetectable manner. Finally, we show through theoretical analysis and simulation that the complete system, while imposing a factor of 10 storage overhead, can tolerate node failure rates up to 70% while retaining the ability to route messages and retrieve every stored file with probability 99.99998666%, even when the volume of stored content is on the order of hundreds of exabytes.