Salsa: a structured approach to large-scale anonymity
Proceedings of the 13th ACM conference on Computer and communications security
Towards application-aware anonymous routing
HOTSEC'07 Proceedings of the 2nd USENIX workshop on Hot topics in security
Information leaks in structured peer-to-peer anonymous communication systems
Proceedings of the 15th ACM conference on Computer and communications security
A Low-Variance Random-Walk Procedure to Provide Anonymity in Overlay Networks
ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
ShadowWalker: peer-to-peer anonymous communication using redundant structured topologies
Proceedings of the 16th ACM conference on Computer and communications security
An efficient and reliable anonymous solution for a self-organized P2P network
IPOM'07 Proceedings of the 7th IEEE international conference on IP operations and management
Anonymity in the wild: mixes on unstructured networks
PET'07 Proceedings of the 7th international conference on Privacy enhancing technologies
BotGrep: finding P2P bots with structured graph analysis
USENIX Security'10 Proceedings of the 19th USENIX conference on Security
Information Leaks in Structured Peer-to-Peer Anonymous Communication Systems
ACM Transactions on Information and System Security (TISSEC) - Special Issue on Computer and Communications Security
Valet services: improving hidden servers with a personal touch
PET'06 Proceedings of the 6th international conference on Privacy Enhancing Technologies
| Hi-index | 0.00 |
As more of our daily activities are carried out online, it becomes important to develop technologies to protect our online privacy. Anonymity is a key privacy technology, since it serves to hide patterns of communication that can often be as revealing as their contents. This motivates our study of the use of large scale peer-to-peer systems for building anonymous systems. We first develop a novel methodology for studying the anonymity of peer-to-peer systems, based on an information-theoretic anonymity metric and simulation. We use simulations to sample a probability distribution modeling attacker knowledge under conservative assumptions and estimate the entropy-based anonymity metric using the sampled distribution. We then validate this approach against an analytic method for computing entropy. The use of sampling introduces some error, but it can be accurately bounded and therefore we can make rigorous statements about the success of an entire class of attacks. We next apply our methodology to perform the first rigorous analysis of Freenet, a peer-to-peer anonymous publishing system, and identify a number of weaknesses in its design. We show that a targeted attack on high-degree nodes can be very effective at reducing anonymity. We also consider a next generation routing algorithm proposed by the Freenet authors to improve performance and show that it has a significant negative impact on anonymity. Finally, even in the best case scenario, the anonymity levels provided by Freenet are highly variable and, in many cases, little or no anonymity is achieved. To provide more uniform anonymity protection, we propose a new design for peer-to-peer anonymous systems based on structured overlays. We use random walks along the overlay to provide anonymity. We compare the mixing times of random walks on different graph structures and find that de Bruijn graphs are superior to other structures such as the hypercube or butterfly. Using our simulation methodology, we analyze the anonymity achieved by our design running on top of Koorde, a structured overlay based on de Bruijn graphs. We show that it provides anonymity competitive with Freenet in the average case, while ensuring that worst-case anonymity remains at an acceptable level. We also maintain logarithmic guarantees on routing performance.