PIR-Tor: Scalable Anonymous Communication Using Private Information Retrieval Prateek Mittal University of Illinois Urbana-Champaign Joint work with: Femi.

Presentation transcript:

PIR-Tor: Scalable Anonymous Communication Using Private Information Retrieval (slide 1)
Prateek Mittal, University of Illinois Urbana-Champaign
Joint work with: Femi Olumofin (U Waterloo), Carmela Troncoso (KU Leuven), Nikita Borisov (U Illinois), Ian Goldberg (U Waterloo)

Anonymous Communication (slide 2)
What is anonymous communication?
  – Allows communication while keeping user identity (IP) secret from a third party or a recipient
Growing interest in anonymous communication
  – Tor is a deployed system
  – Spies & law enforcement, dissidents, whistleblowers, censorship resistance
[Diagram label: Routers]

Tor Background (slide 3)
[Diagram labels: Trusted Directory Authority; Directory Servers; Signed Server list (relay descriptors); "List of servers?"; Guards; Middle; Exit]
1. Load balancing
2. Exit policy

Performance Problem in Tor’s Architecture: Global View (slide 4)
Global view
  – Not scalable
Need solutions without global system view
[Diagram labels: "List of servers?"; Directory Servers; Torsk – CCS09]

Current Solution: Peer-to-peer Paradigm (slide 5)
Morphmix [WPES 04] – Broken [PETS 06]
Salsa [CCS 06] – Broken [CCS 08, WPES 09]
NISAN [CCS 09] – Broken [CCS 10]
Torsk [CCS 09] – Broken [CCS 10]
ShadowWalker [CCS 09] – Broken and fixed(??) [WPES 10]
Very hard to argue security of a distributed, dynamic and complex P2P system.

Design Goals (slide 6)
A scalable client-server architecture with easy to analyze security properties.
  – Avoid increasing the attack surface
Equivalent security to Tor
  – Preserve Tor’s constraints
      Guard/middle/exit relays, Load balancing
  – Minimal changes
      Only relay selection algorithm

Key Observation
Need only 18 random middle/exit relays in 3 hours
  – So don’t download all 2000!
Naïve approach: download a few random relays from directory servers
  – Problem: malicious servers
  – Route fingerprinting attacks
Download selected relay descriptors without letting directory servers know the information we asked for.
  Private Information Retrieval (PIR)
[Diagram labels: Bob; Directory Server; Relay # 10, 25; 10: IP address, key; 25: IP address, key; Inference: User likely to be Bob]

Private Information Retrieval (PIR) (slide 8)
Information theoretic PIR
  – Multi-server protocol
  – Threshold number of servers don’t collude
Computational PIR
  – Single server protocol
  – Computational assumption on server
Only ITPIR-Tor in this talk
  – See paper for CPIR-Tor
[Diagram: Database]

ITPIR-Tor: Database Locations (slide 9)
Tor places significant trust in guard relays
  – 3 compromised guard relays suffice to undermine user anonymity in Tor.
Choose client’s guard relays to be directory servers
[Diagram panels, each showing Guards, Middle, Exit; labels: Exit relay compromised; Exit relay honest; End-to-end Timing Analysis; Deny Service]
  – At least one guard relay is honest: ITPIR guarantees user privacy
  – All guard relays compromised: ITPIR does not provide privacy. But in this case, Tor anonymity broken
Equivalent security to the current Tor network
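The multi-server idea from the PIR slide and the "at least one guard relay is honest" case above, as an added example that is not code from the talk or from Percy: it uses the simple XOR-share ITPIR construction rather than Percy's scheme, and the record size, database contents and function names are all constructed for illustration.

```python
import secrets

RECORD_LEN = 32  # constructed record size; the talk's descriptors are up to 2100 bytes


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def make_queries(index: int, n_records: int, n_servers: int) -> list:
    """Client: split the unit vector e_index into n_servers XOR shares.

    Any n_servers - 1 shares are uniformly random bits, so the index stays
    hidden unless every server (guard) pools its query.
    """
    shares = [[secrets.randbits(1) for _ in range(n_records)]
              for _ in range(n_servers - 1)]
    last = [1 if i == index else 0 for i in range(n_records)]
    for share in shares:
        last = [a ^ b for a, b in zip(last, share)]
    return shares + [last]


def answer(database: list, query: list) -> bytes:
    """Directory server: XOR together every record whose query bit is set."""
    acc = bytes(RECORD_LEN)
    for bit, record in zip(query, database):
        if bit:
            acc = xor_bytes(acc, record)
    return acc


def fetch(database: list, index: int, n_servers: int = 3):
    """Run one retrieval; returns (record, queries sent to each server)."""
    queries = make_queries(index, len(database), n_servers)
    record = bytes(RECORD_LEN)
    for query in queries:  # each query would go to a different guard
        record = xor_bytes(record, answer(database, query))
    return record, queries


# Constructed stand-ins for padded relay descriptors (not real Tor data).
DATABASE = [f"relay-{i}: addr, key".encode().ljust(RECORD_LEN, b"\0")
            for i in range(8)]

if __name__ == "__main__":
    record, queries = fetch(DATABASE, 5)
    print(record.rstrip(b"\0"), queries)
```

Each server sees only its own bit vector, which matches the slide's two cases: one honest guard withholding its share leaves the others with random bits, while all three guards together can XOR their queries and recover the index.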

ITPIR-Tor Database Organization and Formatting (slide 10)
Middles, exits
  – Separate databases
Exit policies
  – Standardized exit policies
  – Relays grouped by exit policies
Load balancing
  – Relays sorted by bandwidth
[Diagram labels: Relay Descriptors; Middles (m1 to m8); Exits (e1 to e8); Exit Policy 1; Exit Policy 2; Non-standard Exit policies; Sort by Bandwidth]

ITPIR-Tor Architecture (slide 11)
[Diagram labels: Trusted Directory Authority; Guard relays / PIR Directory servers; Middles (m1 to m8); Exits (e1 to e8); "middle, 18 PIR Query (exit)"]
1. Download PIR database
2. Initial connect
3. Signed meta-information
4. Load balanced index selection
5. 18 PIR Queries (1 middle/exit)
6. PIR Response

Performance Evaluation (slide 12)
Percy [Goldberg, Oakland 2007]
  – Multi-server ITPIR scheme
2.5 GHz, Ubuntu
Descriptor size 2100 bytes
  – Max size in the current database
Exit database size
  – Half of middle database
Methodology: Vary number of relays
  – Total communication
  – Server computation

Performance Evaluation: Communication Overhead (slide 13)
Current Tor network: 5x--100x improvement
Advantage of PIR-Tor becomes larger due to its sublinear scaling: 100x--1000x improvement
[Plot annotations: 1.1 MB; 216 KB; 12 KB]

Performance Evaluation: Server Computational Overhead (slide 14)
Current Tor network: less than 0.5 sec
100,000 relays: about 10 seconds (does not impact user latency)

Performance Evaluation: Scaling Scenarios (slide 15)
Scenario (Explanation) | Relay | Clients | Tor Communication (per client) | ITPIR Communication (per client) | ITPIR Core Utilization
Current Tor | 2,000 | 250, | MB | 0.2 MB | 0.425 %
10x relay/client | 20,000 | 2.5M | 11 MB | 0.5 MB | 4.25 %
Clients turn relays | 250, | | MB | 1.7 MB | 0.425 %

Conclusion (slide 16)
PIR can be used to replace descriptor download in Tor.
  – Improves scalability
      10x current network size: very feasible
      100x current network size: plausible
  – Easy to understand security properties
Side conclusion: Yes, PIR can have practical uses!
Questions?