Download presentation
Presentation is loading. Please wait.
Published byElijah Horn Modified over 9 years ago
1
Slicing the Onion: Anonymity Using Unreliable Overlays Sachin Katti Jeffrey Cohen & Dina Katabi
2
Problem Statement Leverage existing popular P2P overlays to send confidential, anonymous messages without keys
3
Overlays rock! Thousands of nodes Plenty of traffic to hide anonymous communication Diverse membership Nodes unlikely to collude Dynamic Hard to track Ideal for anonymous communication
4
Overlays suck! Nodes don’t have public keys Nodes are not trustworthy Nodes are unreliable
5
This talk: Information Slicing Message confidentiality, and source and destination anonymity No public keys Churn resilient
6
1. Message Confidentiality Without Keys
7
Confidentiality via Information Slicing Split message to random pieces and send pieces along node-disjoint paths “aaspdgfqw” “asdlfrwe” Random pieces “Borat: Cultural” “Leanings of America” Split into two “Borat: Cultural Leanings of America ” Original Message Randomize them! “Borat: Cultural” “Leanings of America”
8
MeD Confidentiality via Information Slicing “aaspdgfqw” “asdlfrwe”
9
Message Recovery by destination Received random pieces “aaspdgfqw” “ asdlfrwe ” “aaspdgfqw” “asdlfrwe” Matrix inversion Pieces of original message “Borat: Cultural” “Leanings of America” Original Message “Borat: Cultural Leanings of America ”
10
Destination gets all pieces can decode Even an attacker that gets all but one piece cannot decode !
11
2. Anonymity without Keys
12
System Setup Anonymous communication has two phases Route Setup A node learns how to forward a received message Data transmission Just follow the routes
13
Setup Anonymous Routes Each node knows its next hop No one else knows the next hop of a node Why not tell each node the ID of its next hop in a confidential message? Idea : Build anonymity by confidentially sending to each node it’s routing info!
14
Exponential Blowup! Naïve way to send to a node its next hop
15
V W R Z Z’s next hop information: R’s next hop information: Challenge: Exponential Blowup Solution: Reuse nodes without giving them too much information
16
Challenge: Exponential Blowup Solution: Reuse nodes without giving them too much information V W R Z V and W will know Z and R’s next hops
17
V W R Z Reuse V to send pieces that belong to different nodes Challenge: Exponential Blowup Solution: Reuse nodes without giving them too much information
18
V W R Z Reuse nodes to send multiple pieces as long as the pieces belong to different messages Challenge: Exponential Blowup Solution: Reuse nodes without giving them too much information
19
Slicing Protocol S S’ Source has multiple IP addresses
20
R V W Z Slicing Protocol S S’ D X Source organizes nodes into stages
21
R V W Z Slicing Protocol S S’ D X Destination D is placed randomly (here in last stage)
22
R V W Z Slicing Protocol S S’ D X Source confidentially tells each node its next hop info
23
R V W Z Slicing Protocol S S’ D X V receives the ids of its next hops along disjoint paths
24
R V W Z Slicing Protocol S S’ D X V also receives one piece meant for Z and one for R, but cannot decipher their next hops
25
R V W Z Slicing Protocol S S’ D X W also receives its info and pieces for Z and R W cannot decipher Z’s and R’s next hops
26
R V W Z Slicing Protocol S S’ D X V and W have pieces meant for Z and R
27
R V W Z Slicing Protocol S S’ D X V and W forward the pieces meant for Z and R
28
R V W Z Slicing Protocol S S’ D X Node disjoint paths to deliver to Z its V and W do not have enough pieces to know Z’s info
29
R V W Z Slicing Protocol S S’ D X The same for R
30
R V W Z Slicing Protocol S S’ D X V and W are reused without revealing anything about Z and R’s routing information
31
R V W Z Slicing Protocol S S’ D X Similarly source constructs entire graph
32
R V W Z Slicing Protocol S S’ D X Anonymity without keys!
33
3. Dealing With Churn
34
Slicing Protocol - Churn What if node V departs? R V W Z S S’ D X
35
Slicing Protocol - Churn What if node V departs? Destination cannot decode R V W Z S S’ D X X
36
How Do We Combat Churn? Churn causes data loss Typical solution Add Redundancy Use coding to efficiently add redundancy
37
Source Coding the Data Source Coding (Erasure Codes) Split into 3 pieces instead of 2 Any 2 pieces suffice to retrieve data Added redundancy of (1/2) = 50%
38
Source Coding For Robustness S S1 V W R Z D X S2 U P Y X Destination D gets two pieces Can decode Source coding can tolerate one node failure in the network
39
S S1 V W R Z D X S2 U P Y X What if a second node (here Z) fails? Source Coding For Robustness
40
S S1 V Z S2 X X W R D X U P Y What if a second node (here Z) fails? Destination D cannot decode Source Coding For Robustness
41
Coding partially solves problem Z X R S S1 V S2 X W U P D X Y Focus on node R
42
Coding partially solves problem R Due to upstream node failure, R receives 2 pieces instead of 3
43
Coding partially solves problem R R can only send out two pieces now, Initial redundancy is destroyed
44
Regenerating Redundancy R Pieces are linear combinations of message fragments
45
Network Coding R R can create a linear combination of the pieces he received to generate a new piece Take Linear combination of the pieces New piece
46
Network Coding R R can now send out 3 pieces instead of 2 Redundancy is regenerated inside the network
47
Network Coding R Can tolerate downstream node failures Network coding can tolerate one node failure in every stage
48
General Network Coding Nodes send linear combinations of incoming pieces Technique generalizes to any number of extra pieces For k extra pieces, network coding tolerates k failures in every stage
49
4. Evaluation
50
Evaluation Environment Implementation in Python Evaluated both in simulation and on PlanetLab Evaluate anonymity, performance and churn resilience Each metric is evaluated against the optimal existing baseline
51
Anonymity Simulate an overlay of 10000 nodes Attackers are placed randomly in the network Attackers can control nodes, snoop on their edges, and collude Comparison with Chaum mixes (optimal baseline) Entropy is standard anonymity metric Anonymity
52
How anonymous is information slicing? Fraction of Attacking Nodes Anonymity High anonymity despite no keys Source Anonymity Info. Slicing Chaum mix
53
Churn Resilience Compared against practical anonymity system Onion Routing For fairness, onion routing is modified to have redundancy using source coding Metric: Prob. of successfully sending a message, given a particular redundancy
54
Churn Resilience Info. Slicing Onion Routing with source coding Probability of Success Added Redundancy Large increase in probability of success because of network coding Results for a Probability of Node Failure = 0.3
55
Implementation on PlanetLab
56
Churn Resilience - Planetlab Added Redundancy Probability of Success Network Coding nearly doubles the churn resilience with the same overhead!
57
Performance No. of Stages Throughput (Mb/s) No. of Stages Info. Slicing Onion Routing Two nodes in each stage and five stages Local Network PlanetLab Parallel paths Increased throughput Info. Slicing
58
Conclusion Confidentiality Node disjoint paths Low Cost Anonymity Node Reuse Churn Resilience Network Coding Enabled anonymous communication in P2P overlays with no keys. Information Slicing provides
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.