
1 The Case for Network-Layer, Peer-to-Peer Anonymization
Michael J. Freedman, Emil Sit, Josh Cates, Robert Morris
MIT Lab for Computer Science
IPTPS’02, March 7, 2002
http://pdos.lcs.mit.edu/tarzan/

2 The Grail of Anonymization
(Slide footer, repeated on every slide: March 7, 2002, The Case for Network-Layer, Peer-to-Peer Anonymization, page 2)
- A participant can communicate anonymously with a non-participant
- The user can talk to CNN.com
- Nobody knows who the user is
(Figure: the user reaches CNN.com through the network; the user's identity is marked "?".)

3 Our Vision for Anonymization
- Millions of nodes participate
- They bounce traffic off one another
- Mechanism to organize the nodes: peer-to-peer
- All applications can use it: IP layer

4 Alternative 1: Proxy Approach
- An intermediate node proxies the traffic (e.g. Anonymizer.com)
- The user must completely trust the proxy
(Figure: User -> Proxy -> destination.)

5 Realistic Threat Model
- Corrupt proxy
  – Adversary runs the proxy
  – Adversary targets the proxy and compromises it
- Limited, localized network sniffing
- Global passive observer? Adaptive active adversary? Use a cover network: a different paper

6-7 Failures of Proxy Approach (built up over two slides)
- Traffic analysis is easy
- The proxy reveals the user's identity
- CNN blocks connections from the proxy
- Adversary blocks access to the proxy (DoS)
(Figure: User -> Proxy -> CNN, with the proxy's links marked X.)

8 Alternative 2: Centralized Mixnet
- MIX encoding creates an encrypted tunnel of relays
  – Individual malicious relays cannot reveal the user's identity
- Packets are forwarded through the tunnel
- Examples: Onion Routing, Freedom
- Small-scale, static network, not general-purpose
(Figure: User -> Relay -> Relay -> ... -> destination.)

9-11 Failures of Centralized Mixnet (built up over three slides)
- CNN blocks the core routers
- Adversary targets the core routers
- The fixed set of relays allows network-edge analysis
(Figure: the user's traffic entering a small fixed set of relays, marked X.)

12 Tarzan: Me Relay, You Relay
- Millions of nodes participate
- Build a tunnel over a random set of nodes
- Compare Crowds: small-scale, not self-organizing, not a mixnet

13 Benefits of Peer-to-Peer Design
- No network edge to analyze: the first hop does not know it is first
- CNN cannot block everybody
- Adversary cannot target everybody
(Figure: the user among many peers, each marked "?".)

14 Managing Peers
Requires a mechanism that
1. discovers peers,
2. scales, and
3. is robust against adversaries.

15 Adversaries Can Join System
- Adversary can join more than once, due to lack of central authentication
- Try to prevent the adversary from impersonating a large address space

16 Stopping Evil Peers
- Contact peers directly to
  – validate the IP address
  – learn the public key
- Adversary can only answer for a small address space
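The direct-contact check on this slide, as an added simulation (not Tarzan's code): every advertised {IP addr, PK} pair is challenged at that address with a fresh nonce, and a peer counts only if the address actually answers with the advertised key. The simulated Network, the hosts, the adversary's /29 and /22 prefixes, the honest-node count and the opaque byte-string "public keys" are all assumptions of the model.

```python
"""Direct-contact peer validation (added model, not the Tarzan code): a peer is
accepted only if its advertised IP address actually answers a challenge with
the advertised public key.  Assumed: a simulated network delivers a datagram
to whoever owns the destination address; the adversary owns 10.0.0.0/29 but
advertises descriptors for all of 10.0.0.0/22; honest nodes own one host each;
'public keys' are opaque byte strings."""
import ipaddress
import os


class Host:
    """A machine that really receives packets at some address."""
    def __init__(self, owner, pubkey):
        self.owner, self.pubkey = owner, pubkey

    def answer(self, nonce):
        return nonce, self.pubkey  # echo the challenge with our real key


class Network:
    def __init__(self):
        self.hosts = {}  # ip -> Host that owns it

    def attach(self, ip, host):
        self.hosts[ip] = host

    def send(self, ip, nonce):
        host = self.hosts.get(ip)
        return None if host is None else host.answer(nonce)


def validate(net, directory):
    """directory: ip -> advertised pubkey, as learned by gossip and unverified.
    Returns the subset whose address answered the challenge with that key."""
    accepted = {}
    for ip, claimed_pk in directory.items():
        nonce = os.urandom(16)
        if net.send(ip, nonce) == (nonce, claimed_pk):
            accepted[ip] = claimed_pk
    return accepted


def simulate(honest=50):
    """Constructed scenario: honest peers plus one adversary that advertises
    far more addresses than it can answer at."""
    net, directory = Network(), {}
    # Honest peers: one host, one key, one truthful descriptor each.
    for i in range(honest):
        ip, pk = f"10.1.0.{i + 1}", os.urandom(32)
        net.attach(ip, Host("honest", pk))
        directory[ip] = pk
    # Adversary: one key, eight real hosts, 1024 advertised descriptors.
    adv_pk = os.urandom(32)
    for ip in ipaddress.ip_network("10.0.0.0/29"):
        net.attach(str(ip), Host("adversary", adv_pk))
    claimed = [str(ip) for ip in ipaddress.ip_network("10.0.0.0/22")]
    for ip in claimed:
        directory[ip] = adv_pk
    accepted = validate(net, directory)
    adv_ok = sum(1 for ip in accepted if net.hosts[ip].owner == "adversary")
    return {
        "adversary_advertised": len(claimed),
        "adversary_accepted": adv_ok,
        "honest_accepted": len(accepted) - adv_ok,
        "adversary_share_before": len(claimed) / len(directory),
        "adversary_share_after": adv_ok / len(accepted),
    }
```

The check bounds the adversary's identities by the addresses it can receive traffic at (8 of the 1024 it advertised), which is what the slide means by "small address space". It does not help against an adversary that can sniff the challenge on the path to a claimed address, or one that really owns a large prefix; the talk's threat model (slide 5) assumes only limited, localized sniffing.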

17 Tarzan: Joining the System
1. The user contacts a known peer in the big (Chord) network
2. Learns of a few peers for routing queries

18 Tarzan: Discovering Peers
3. Contacts random peers to learn {IP addr, PK}; the peers are found by performing Chord lookup(random)

19 Tarzan: Building Tunnel
4. Iteratively selects peers and builds the tunnel
- Public-key encrypts the tunnel info during setup
- Each relay maps flowid -> session key, next-hop IP addr
(Figure: tunnel from the user through the relays to the PNAT; addresses labelled private address, public alias address, real IP address.)

20-25 Tarzan: Tunneling Data Traffic (built up over six slides)
5. Reroutes packets over this tunnel
- The application's packets are diverted to the tunnel source router
- The IP layer NATs the source to private address space 192.168.x.x
- Layer-encrypts the packet
- Encapsulates it in UDP and forwards the packet
- Each relay strips off one layer of encryption and forwards to the next hop
- The exit (PNAT) NATs again to the public alias address
- Reads the IP headers and sends accordingly
- The response repeats the process in reverse
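Steps 4 and 5 (slides 19 to 25) as an added Python model; this is not the Tarzan implementation (which is C++) and it simplifies the protocol. Assumptions: an HMAC-SHA256 keystream stands in for the per-hop block cipher, the per-hop setup entry is installed directly rather than carried in a public-key-encrypted setup message, flow identifiers are random 4-byte values chosen per link, and "IP packets" are opaque byte strings. What it keeps from the slides: each relay holds only a flowid -> (session key, next hop) entry, strips exactly one layer outbound, adds one layer on the way back, and the exit is the only hop that sees the plain packet.

```python
"""Toy model of a Tarzan-style tunnel (added example, not the Tarzan code):
per-hop session keys, per-link flow ids, one encryption layer stripped per hop
outbound and added per hop on the return path.  Assumed: an HMAC-SHA256
keystream stands in for a block cipher, setup entries are installed directly
(Tarzan public-key encrypts them), and IP packets are opaque bytes."""
import hashlib
import hmac
import os
from dataclasses import dataclass, field

def stream_xor(key, nonce, data):
    """XOR data with HMAC-SHA256(key, nonce||ctr) blocks; encrypts and decrypts."""
    ks = bytearray()
    ctr = 0
    while len(ks) < len(data):
        ks += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return bytes(a ^ b for a, b in zip(data, ks))

@dataclass
class Entry:  # one relay's state for one tunnel: flowid -> session key, next hop
    key: bytes
    in_flowid: bytes          # flowid on the link a forward packet arrives on
    prev_hop: str             # where return packets go ("initiator" at hop 1)
    next_hop: "str | None"    # None: this relay is the exit (PNAT) for the flow
    out_flowid: bytes         # flowid on the link towards next_hop

@dataclass
class Relay:
    name: str
    by_in: dict = field(default_factory=dict)
    by_out: dict = field(default_factory=dict)

    def install(self, e):
        self.by_in[e.in_flowid] = e
        if e.next_hop is not None:
            self.by_out[e.out_flowid] = e

    def forward(self, flowid, seq, body):
        """Strip one layer; next_hop None means inner is the plain IP packet,
        which the exit NATs to its public alias address and sends out."""
        e = self.by_in[flowid]
        return e.next_hop, e.out_flowid, stream_xor(e.key, seq + b"F", body)

    def reply(self, in_flowid, seq, ip_packet):
        """Exit: the response came back from the destination for this flow."""
        e = self.by_in[in_flowid]
        return e.prev_hop, e.in_flowid, stream_xor(e.key, seq + b"B", ip_packet)

    def backward(self, out_flowid, seq, body):
        """Intermediate relay: the packet came from next_hop tagged with that
        link's flowid; add our layer and pass it to prev_hop."""
        e = self.by_out[out_flowid]
        return e.prev_hop, e.in_flowid, stream_xor(e.key, seq + b"B", body)

class Initiator:
    def __init__(self, net):
        self.net, self.hops = net, []  # hops: (relay, session key, in_flowid)

    def build_tunnel(self, path):
        """Step 4: per hop, choose a session key and link flowid, install entry."""
        flowids = [os.urandom(4) for _ in path]
        for i, name in enumerate(path):
            key, last = os.urandom(32), i + 1 == len(path)
            self.net[name].install(Entry(
                key=key, in_flowid=flowids[i],
                prev_hop=path[i - 1] if i else "initiator",
                next_hop=None if last else path[i + 1],
                out_flowid=b"" if last else flowids[i + 1]))
            self.hops.append((name, key, flowids[i]))

    def send(self, ip_packet, seq):
        """Step 5: one layer per hop, innermost for the exit; hand to hop 1."""
        body = ip_packet
        for _, key, _ in reversed(self.hops):
            body = stream_xor(key, seq + b"F", body)
        return self.hops[0][0], self.hops[0][2], body

    def receive(self, seq, body):
        """Peel the return layers; hop 1's layer is outermost."""
        for _, key, _ in self.hops:
            body = stream_xor(key, seq + b"B", body)
        return body

def round_trip(path, request, response, seq=b"\x00\x00\x00\x01"):
    """One packet out through the tunnel and its response back.  Returns
    (packet the exit sends out, packet the user gets back, per-link views)."""
    net = {name: Relay(name) for name in path}
    user = Initiator(net)
    user.build_tunnel(path)
    views = []  # (hop, flowid, bytes) a sniffer on the link into each hop sees
    hop, flowid, body = user.send(request, seq)
    while True:
        views.append((hop, flowid, body))
        nxt, out_flowid, inner = net[hop].forward(flowid, seq, body)
        if nxt is None:
            exit_hop, exit_flowid, delivered = hop, flowid, inner
            break
        hop, flowid, body = nxt, out_flowid, inner
    hop, flowid, body = net[exit_hop].reply(exit_flowid, seq, response)
    while hop != "initiator":
        hop, flowid, body = net[hop].backward(flowid, seq, body)
    return delivered, user.receive(seq, body), views
```

Running `round_trip(["A", "B", "C"], request, response)` shows the slide-13 property in miniature: the bytes and flowid on every link differ, each relay knows only its neighbours for that flowid, and only the exit sees the plain packet. Two things the model deliberately leaves out: the sequence number rides in the clear as the per-packet nonce, and the payload length is unchanged at every hop, so a sniffer on two links can still match packets by size and timing; the cover traffic that addresses that is, as slide 5 says, "a different paper".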

26 Tarzan: Tunneling Data Traffic
- Transparently supports anonymous servers
- Can build double-blinded channels
(Figure: Oblivious User <-> tunnel <-> Server.)

27 Tarzan is Fast (Enough)
- Prototype implementation in C++
- Setup time per hop: ~20 ms + transmission time
- Packet forwarding per hop: < 1 ms + transmission time
- Network latency dominates performance

28 Summary
- Gain anonymity:
  – Millions of relays
  – No centralization
- Transparent IP-layer anonymization
  – Towards a critical mass of users
- Peer-to-peer design
