Kademlia: A Peer-to-Peer Information System Based on the XOR Metric
IPTPS '01 Revised Papers from the First International Workshop on Peer-to-Peer Systems
Anonymous Connections and Onion Routing
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Low-Cost Traffic Analysis of Tor
SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Tor: the second-generation onion router
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Denial of service or denial of security?
Proceedings of the 14th ACM conference on Computer and communications security
Tahoe: the least-authority filesystem
Proceedings of the 4th ACM international workshop on Storage security and survivability
How much anonymity does network latency leak?
ACM Transactions on Information and System Security (TISSEC)
A practical congestion attack on tor using long paths
SSYM'09 Proceedings of the 18th conference on USENIX security symposium
Valet services: improving hidden servers with a personal touch
PET'06 Proceedings of the 6th international conference on Privacy Enhancing Technologies
Private communication detection: a stochastic approach
Proceedings of the fifth ACM conference on Security and Privacy in Wireless and Mobile Networks
Review: A survey on solutions and main free tools for privacy enhancing Web communications
Journal of Network and Computer Applications
A bird's eye view on the I2P anonymous file-sharing environment
NSS'12 Proceedings of the 6th international conference on Network and System Security
| Hi-index | 0.00 |
I2P is one of the most widely used anonymizing Peer-to-Peer networks on the Internet today. Like Tor, it uses onion routing to build tunnels between peers as the basis for providing anonymous communication channels. Unlike Tor, I2P integrates a range of anonymously hosted services directly with the platform. This paper presents a new attack on the I2P Peer-to-Peer network, with the goal of determining the identity of peers that are anonymously hosting HTTP services (Eepsite) in the network. Key design choices made by I2P developers, in particular performancebased peer selection, enable a sophisticated adversary with modest resources to break key security assumptions. Our attack first obtains an estimate of the victim's view of the network. Then, the adversary selectively targets a small number of peers used by the victim with a denialof-service attack while giving the victim the opportunity to replace those peers with other peers that are controlled by the adversary. Finally, the adversary performs some simple measurements to determine the identity of the peer hosting the service. This paper provides the necessary background on I2P, gives details on the attack -- including experimental data from measurements against the actual I2P network -- and discusses possible solutions.