Presentation is loading. Please wait.

Presentation is loading. Please wait.

ANDaNA: Onion Routing for NDN Steve DiBenedetto Colorado State University ANDaNA: Anonymous Named Data Networking Application NDSS ’12 Steven DiBenedetto,

Published byCameron Lane Modified over 9 years ago

Similar presentations

Presentation on theme: "ANDaNA: Onion Routing for NDN Steve DiBenedetto Colorado State University ANDaNA: Anonymous Named Data Networking Application NDSS ’12 Steven DiBenedetto,"— Presentation transcript:

1 ANDaNA: Onion Routing for NDN Steve DiBenedetto Colorado State University ANDaNA: Anonymous Named Data Networking Application NDSS ’12 Steven DiBenedetto, Paolo Gasti, Gene Tsudik, Ersin Uzun

2 D: /omh/blood-pressure/steve Loc: /fitbit/key { mmHg: 100 } D: /omh/blood-pressure/steve { mmHg: 100 } Information Linkage & Leakage 1 I: /omh/blood-pressure/steve Nonce: Lifetime: Loc: /fitbit/key Encrypted names, payloads, and header fields may link requester to sensitive content or leak information

3 Onion Routing in NDN 2 /OR-1 /OR-2 I: /omh/blood-pressure/steve Nonce: Loc: /fitbit/key I: /omh/blood-pressure/steve Nonce: Loc: /fitbit/key I: /OR-2 I: /OR-1 I: /omh/blood-pressure/steve Nonce: Loc: /fitbit/key I: /OR-2 I: /omh/blood-pressure/steve Nonce: Loc: /fitbit/key D: /omh/blood-pressure/steve Loc: /fitbit/key { mmHg: 100 } D: /omh/blood-pressure/steve Loc: /fitbit/key { mmHg: 100 } D: /OR-2 D: /omh/blood-pressure/steve Loc: /fitbit/key { mmHg: 100 } D: /OR-2 D: /OR-1

4 Improvements Over Tor Need fewer relays than Tor (2 vs 3) – Potentially 1 less Internet-wide RTT ANDaNA paths are HIGHLY ephemeral – No path setup cost – Change keys and relays at will during a Data stream without interruption – Tor sets up much longer lived circuits in comparison (~ 10 minutes) Symmetric key session-based mode also available – Can be freely intermixed with public key crypto mode for the same Data stream. NDN gives us a lot for free – CS improves retransmission and chance for cache hit at exit node – OR prefixes can refer to multiple relays – OR directory more robust to attacks thanks to signed Data 3

5 The Exit Node Problem 4 /OR-1 /OR-2 I: /omh/blood-pressure/steve Exclude: Loc: /fitbit/key D: /omh/blood-pressure/steve Loc: /fitbit/key { mmHg: 100 } NDN-NP environments are not the general case: both are privacy/security aware

6 Summary ANDaNA provides a Tor-like service for NDN, but new tradeoffs to consider ANDaNA is fundamentally a proxy: use as many (or few) relays as needed 5

7 Thoughts What’s the threat model for NDN-NP? Tradeoffs: – ANDaNA provides low latency anonymity – Mix networks could be used if NDN-NP can tolerate latency Implementing confidentiality: – Confidentially must be left to applications. – Users don’t own the network, but can own overlays 6

Download ppt "ANDaNA: Onion Routing for NDN Steve DiBenedetto Colorado State University ANDaNA: Anonymous Named Data Networking Application NDSS ’12 Steven DiBenedetto,"

Similar presentations

Bc. Oldřich Faldík Bc. Tomáš Pavlacký Bc. Ondřej Matulík 24. 3. 2014 Tor – anonymity online.

Bc. Oldřich Faldík Bc. Tomáš Pavlacký Bc. Ondřej Matulík Tor – anonymity online.
Tor: The Second-Generation Onion Router

Tor: The Second-Generation Onion Router
Modelling and Analysing of Security Protocol: Lecture 10 Anonymity: Systems.

Modelling and Analysing of Security Protocol: Lecture 10 Anonymity: Systems.
How Much Anonymity does Network Latency Leak? Paper by: Nicholas Hopper, Eugene Vasserman, Eric Chan-Tin Presented by: Dan Czerniewski October 3, 2011.

How Much Anonymity does Network Latency Leak? Paper by: Nicholas Hopper, Eugene Vasserman, Eric Chan-Tin Presented by: Dan Czerniewski October 3, 2011.
Towards efficient traffic-analysis resistant anonymity networks Stevens Le Blond David Choffnes Wenxuan Zhou Peter Druschel Hitesh Ballani Paul Francis.

Towards efficient traffic-analysis resistant anonymity networks Stevens Le Blond David Choffnes Wenxuan Zhou Peter Druschel Hitesh Ballani Paul Francis.
Security and Privacy of Future Internet Architectures: Named-Data Networking Amir Houmansadr CS660: Advanced Information Assurance Spring 2015 Content.

Security and Privacy of Future Internet Architectures: Named-Data Networking Amir Houmansadr CS660: Advanced Information Assurance Spring 2015 Content.
Cashmere: Resilient Anonymous Routing CS290F March 7, 2005.

Cashmere: Resilient Anonymous Routing CS290F March 7, 2005.
1 Modeling and Analysis of Anonymous-Communication Systems Joan Feigenbaum WITS’08; Princeton NJ; June 18, 2008 Acknowledgement:

1 Modeling and Analysis of Anonymous-Communication Systems Joan Feigenbaum WITS’08; Princeton NJ; June 18, 2008 Acknowledgement:
A Usability Evaluation of the Tor Anonymity Network By Gregory Norcie.

A Usability Evaluation of the Tor Anonymity Network By Gregory Norcie.
CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.
By: Bryan Carey Randy Cook Richard Jost TOR: ANONYMOUS BROWSING.

By: Bryan Carey Randy Cook Richard Jost TOR: ANONYMOUS BROWSING.
A New Replay Attack Against Anonymous Communication Networks Xinwen Fu June 30, 2015.

A New Replay Attack Against Anonymous Communication Networks Xinwen Fu June 30, 2015.
A distributed Search Service for Peer-to-Peer File Sharing in Mobile Applications From U. of Dortmund, Germany.

A distributed Search Service for Peer-to-Peer File Sharing in Mobile Applications From U. of Dortmund, Germany.
Anonymity on the Web: A Brief Overview By: Nipun Arora uni-na2271.

Anonymity on the Web: A Brief Overview By: Nipun Arora uni-na2271.
0x1A Great Papers in Computer Security Vitaly Shmatikov CS 380S

0x1A Great Papers in Computer Security Vitaly Shmatikov CS 380S
Anonymizing Network Technologies Some slides modified from Dingledine, Mathewson, Syverson, Xinwen Fu, and Yinglin Sun Presenter: Chris Zachor 03/23/2011.

Anonymizing Network Technologies Some slides modified from Dingledine, Mathewson, Syverson, Xinwen Fu, and Yinglin Sun Presenter: Chris Zachor 03/23/2011.
Towards an Analysis of Onion Routing Security Syverson, Tsudik, Reed, and Landwehr PET 2000 Presented by: Adam Lee 1/26/2006 Syverson, Tsudik, Reed, and.

Towards an Analysis of Onion Routing Security Syverson, Tsudik, Reed, and Landwehr PET 2000 Presented by: Adam Lee 1/26/2006 Syverson, Tsudik, Reed, and.
Preventing Active Timing Attacks in Low- Latency Anonymous Communication The 10 th Privacy Enhancing Technologies Symposium July 2010 Joan Feigenbaum Yale.

Preventing Active Timing Attacks in Low- Latency Anonymous Communication The 10 th Privacy Enhancing Technologies Symposium July 2010 Joan Feigenbaum Yale.
Tor (Anonymity Network) Scott Pardue. Tor Network  Nodes with routers within the network (entry, middle, exit)  Directory servers  Socket Secure (SOCKS)

Tor (Anonymity Network) Scott Pardue. Tor Network  Nodes with routers within the network (entry, middle, exit)  Directory servers  Socket Secure (SOCKS)
Hashing it Out in Public Common Failure Modes of DHT-based Anonymity Schemes Andrew Tran, Nicholas Hopper, Yongdae Kim Presenter: Josh Colvin, Fall 2011.

Hashing it Out in Public Common Failure Modes of DHT-based Anonymity Schemes Andrew Tran, Nicholas Hopper, Yongdae Kim Presenter: Josh Colvin, Fall 2011.

Similar presentations

Ads by Google