Presentation is loading. Please wait.

Presentation is loading. Please wait.

Building a Peer-to-Peer Anonymizing Network Layer Michael J. Freedman NYU Dept of Computer Science Public Design Workshop September 13,

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Building a Peer-to-Peer Anonymizing Network Layer Michael J. Freedman NYU Dept of Computer Science Public Design Workshop September 13,"— Presentation transcript:

1 Building a Peer-to-Peer Anonymizing Network Layer Michael J. Freedman NYU Dept of Computer Science mfreed@cs.nyu.edu Public Design Workshop September 13, 2002 http://pdos.lcs.mit.edu/tarzan/

2 September 13, 2002 Building a Peer-to-Peer Anonymizing Network LayerPage 2 Participant can communicate anonymously with non-participant User can talk to CNN.com User ? ? Nobody knows who user is The Grail of Anonymization

3 September 13, 2002 Building a Peer-to-Peer Anonymizing Network LayerPage 3 ?=? Should we offer anonymity? Actions of user seeking anonymity Method of observing user’s identity LegalIllegal Legal Illegal Definitely! Yes ??? No (?)

4 September 13, 2002 Building a Peer-to-Peer Anonymizing Network LayerPage 4 Our Vision for Anonymization Thousands of nodes participate Bounce traffic off one another Mechanism to organize nodes: peer-to-peer All applications can use: IP layer

5 September 13, 2002 Building a Peer-to-Peer Anonymizing Network LayerPage 5 Alternative 1: Proxy Approach Intermediate node to proxy traffic Completely trust the proxy Anonymizer.com User Proxy

6 September 13, 2002 Building a Peer-to-Peer Anonymizing Network LayerPage 6 Realistic Threat Model Corrupt proxy(s) –Adversary runs proxy(s) –Adversary targets proxy(s) and compromises, possibly adaptively Network links observed –Limited, localized network sniffing –Wide-spread (even global) eavesdropping e.g., Carnivore, Chinese firewall, ISP search warrants

7 September 13, 2002 Building a Peer-to-Peer Anonymizing Network LayerPage 7 Failures of Proxy Approach User Proxy Traffic analysis is easy Proxy reveals identity

8 September 13, 2002 Building a Peer-to-Peer Anonymizing Network LayerPage 8 Failures of Proxy Approach User Proxy X X CNN blocks connections from proxy Traffic analysis is easy Adversary blocks access to proxy (DoS) Proxy reveals identity

9 September 13, 2002 Building a Peer-to-Peer Anonymizing Network LayerPage 9 Alternative 2: Centralized Mixnet User Relay MIX encoding creates encrypted tunnel of relays –Individual malicious relays cannot reveal identity Packet forwarding through tunnel Onion Routing, Freedom Small-scale, static network

10 September 13, 2002 Building a Peer-to-Peer Anonymizing Network LayerPage 10 Alternative 2: Centralized Mixnet User Relay MIX encoding creates encrypted tunnel of relays –Individual malicious relays cannot reveal identity Packet forwarding through tunnel Cover traffic among relays hides data traffic

11 September 13, 2002 Building a Peer-to-Peer Anonymizing Network LayerPage 11 Failures of Centralized Mixnet Relay CNN blocks core routers X

12 September 13, 2002 Building a Peer-to-Peer Anonymizing Network LayerPage 12 Relay Failures of Centralized Mixnet CNN blocks core routers Adversary targets core routers Relay

13 September 13, 2002 Building a Peer-to-Peer Anonymizing Network LayerPage 13 Relay Failures of Centralized Mixnet Relay CNN blocks core routers Adversary targets core routers Allows network-edge analysis Relay

14 September 13, 2002 Building a Peer-to-Peer Anonymizing Network LayerPage 14 Relay Failures of Centralized Mixnet Relay CNN blocks core routers Adversary targets core routers Allows network-edge analysis Relay Cover traffic doesn’t protect edges (n 2 ) X

15 September 13, 2002 Building a Peer-to-Peer Anonymizing Network LayerPage 15 Tarzan: Me Relay, You Relay Thousands of nodes participate Build tunnel over pseudorandom set of nodes Cover traffic covers edges Crowds: small-scale, not self-organizing, not a mixnet, no cover

16 September 13, 2002 Building a Peer-to-Peer Anonymizing Network LayerPage 16 Benefits of Peer-to-Peer Design No network edge to analyze: First hop does not know he’s first ? ? ? ? ? CNN cannot block everybody Adversary cannot target everybody Global eavesdropping gains little info

17 September 13, 2002 Building a Peer-to-Peer Anonymizing Network LayerPage 17 Managing Peers Requires a mechanism that 1.Discovers peers 2.Scalable 3.Robust against adversaries

18 September 13, 2002 Building a Peer-to-Peer Anonymizing Network LayerPage 18 Adversary can join more than once Stop it from spoofing addresses outside of control? Adversaries Can Join System Contact peers directly to – Validate IP address – Learn public key

19 September 13, 2002 Building a Peer-to-Peer Anonymizing Network LayerPage 19 Adversaries Can Join System Adversary can join more than once Can control many addresses on each subnet! Randomly select nodes by subnet “domain”, not IP address

20 September 13, 2002 Building a Peer-to-Peer Anonymizing Network LayerPage 20 Tarzan: Joining the System 1. Contacts known peers to learn neighbor lists 2. Validates each peer by directly pinging User

21 September 13, 2002 Building a Peer-to-Peer Anonymizing Network LayerPage 21 Tarzan: Discovering Peers User 3. Nodes pair-wise choose (verifiable) mimics 4. Mimics begin passing cover traffic

22 September 13, 2002 Building a Peer-to-Peer Anonymizing Network LayerPage 22 Tarzan: Discovering Peers User 5. Building tunnel: Iteratively selects peers and builds tunnel from among last-hop’s mimics

23 September 13, 2002 Building a Peer-to-Peer Anonymizing Network LayerPage 23 Tarzan: Building Tunnel User 5. Building tunnel: Public-key encrypts tunnel info during setup Maps flowid  session key, next hop IP addr Tunnel Private Address Public Alias Address Real IP Address PNAT

24 September 13, 2002 Building a Peer-to-Peer Anonymizing Network LayerPage 24 IP Tarzan: Tunneling Data Traffic 6. Reroutes packets over this tunnel User APP Diverts packets to tunnel source router IP X

25 September 13, 2002 Building a Peer-to-Peer Anonymizing Network LayerPage 25 IP Tarzan: Tunneling Data Traffic 6. Reroutes packets over this tunnel User APP IP NATs to private address space 192.168.x.x Layer encrypts packet

26 September 13, 2002 Building a Peer-to-Peer Anonymizing Network LayerPage 26 Encapsulates in UDP and forwards packet Strips off encryption, forwards to next hop Tarzan: Tunneling Data Traffic 6. Reroutes packets over this tunnel User IP APP

27 September 13, 2002 Building a Peer-to-Peer Anonymizing Network LayerPage 27 IP NATs again to public alias address Tarzan: Tunneling Data Traffic 6. Reroutes packets over this tunnel User APP

28 September 13, 2002 Building a Peer-to-Peer Anonymizing Network LayerPage 28 Tarzan: Tunneling Data Traffic 6. Reroutes packets over this tunnel User APP Reads IP headers and sends accordingly IP

29 September 13, 2002 Building a Peer-to-Peer Anonymizing Network LayerPage 29 Response repeats process in reverse IP Tarzan: Tunneling Data Traffic 6. Reroutes packets over this tunnel User IP APP IP

30 September 13, 2002 Building a Peer-to-Peer Anonymizing Network LayerPage 30 Tarzan: Tunneling Data Traffic Transparently supports anonymous servers Can build double-blinded channels Server IP APP IP Oblivious User

31 September 13, 2002 Building a Peer-to-Peer Anonymizing Network LayerPage 31 Summary Gain anonymity: –Peer-to-peer: scalable, decentralized, secure –Cover traffic over mimics Transparent IP-layer anonymization –Towards a critical mass of users

32 September 13, 2002 Building a Peer-to-Peer Anonymizing Network LayerPage 32 More information… http://pdos.lcs.mit.edu/tarzan/

Download ppt "Building a Peer-to-Peer Anonymizing Network Layer Michael J. Freedman NYU Dept of Computer Science Public Design Workshop September 13,"

Similar presentations

Internet Protocol Security (IP Sec)

Internet Protocol Security (IP Sec)
Secure Mobile IP Communication

Secure Mobile IP Communication
Tor: The Second-Generation Onion Router

Tor: The Second-Generation Onion Router
TAP: A Novel Tunneling Approach for Anonymity in Structured P2P Systems Yingwu Zhu and Yiming Hu University of Cincinnati.

TAP: A Novel Tunneling Approach for Anonymity in Structured P2P Systems Yingwu Zhu and Yiming Hu University of Cincinnati.
Www.opendaylight.org Secure Network Bootstrapping Infrastructure May 15, 2014.

Secure Network Bootstrapping Infrastructure May 15, 2014.
Firewalls By Tahaei Fall 2012. What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.

Firewalls By Tahaei Fall What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.
IUT– Network Security Course 1 Network Security Firewalls.

IUT– Network Security Course 1 Network Security Firewalls.
Modelling and Analysing of Security Protocol: Lecture 10 Anonymity: Systems.

Modelling and Analysing of Security Protocol: Lecture 10 Anonymity: Systems.
Ragib Hasan Johns Hopkins University en.600.412 Spring 2011 Lecture 11 04/25/2011 Security and Privacy in Cloud Computing.

Ragib Hasan Johns Hopkins University en Spring 2011 Lecture 11 04/25/2011 Security and Privacy in Cloud Computing.
Security and Privacy Issues in Wireless Communication By: Michael Glus, MSEE EEL 6788 11.

Security and Privacy Issues in Wireless Communication By: Michael Glus, MSEE EEL
Network Security Topologies Chapter 11. Learning Objectives Explain network perimeter’s importance to an organization’s security policies Identify place.

Network Security Topologies Chapter 11. Learning Objectives Explain network perimeter’s importance to an organization’s security policies Identify place.
CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.

CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.
K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.

K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.
COS 420 Day 18. Agenda Assignment 4 Posted Chap 16-20 Due April 6 Group project program requirements Submitted but Needs lots of work Individual Project.

COS 420 Day 18. Agenda Assignment 4 Posted Chap Due April 6 Group project program requirements Submitted but Needs lots of work Individual Project.
The Case for Network-Layer, Peer-to-Peer Anonymization Michael J. Freedman Emil Sit, Josh Cates, Robert Morris MIT Lab for Computer Science IPTPS’02March.

The Case for Network-Layer, Peer-to-Peer Anonymization Michael J. Freedman Emil Sit, Josh Cates, Robert Morris MIT Lab for Computer Science IPTPS’02March.
Responder Anonymity and Anonymous Peer-to-Peer File Sharing. by Vincent Scarlata, Brian Levine and Clay Shields Presentation by Saravanan.

Responder Anonymity and Anonymous Peer-to-Peer File Sharing. by Vincent Scarlata, Brian Levine and Clay Shields Presentation by Saravanan.
Analysis of Onion Routing Presented in 294-4 by Jayanthkumar Kannan On 10/8/03.

Analysis of Onion Routing Presented in by Jayanthkumar Kannan On 10/8/03.
CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.
Chapter 6 Network Address Translation (NAT). Network Address Translation  Modification of source or destination IP address  Needed by networks using.

Chapter 6 Network Address Translation (NAT). Network Address Translation  Modification of source or destination IP address  Needed by networks using.
Tarzan: A Peer-to-Peer Anonymizing Network Layer Michael J. Freedman, NYU Robert Morris, MIT ACM CCS 2002

Tarzan: A Peer-to-Peer Anonymizing Network Layer Michael J. Freedman, NYU Robert Morris, MIT ACM CCS 2002

Similar presentations

Ads by Google