Embed Size (px)
Citation preview
MuON: Epidemic Based Mutual Anonymity
Neelesh Bansod, Ashish Malgi, Byung Choi and Jean Mayo
Introduction: P2P Networks
Peer to peer networks Peers cooperate to achieve each others goals
Peers contribute and share resources Focus on unstructured P2P networks
Completely distributed
Introduction: P2P Networks
Characteristics of P2P networks Large sizes Untrusted participants
End-hosts cannot be trusted Churn
Continual changes in system membership/topology Rate of change (churn) varies with applications
Challenges for anonymous communication Latency, reliability, resource consumption and anonymity
need to scale with increasing churn and size.
Anonymity
Anonymity Identities on Internet are not hidden Hide the participant identities and communication
Type of anonymity guarantees
Initiator anonymity Responder anonymity Mutual anonymity
Anonymity Approaches
Anonymity by random path forwarding
I
C
A
D
B
R
Message loss Current node leaves the network Increasing churn causes increasing losses
Anonymity Approaches
Anonymity by creating routes
I
C
A
D
B
R
Creates anonymous routing to forward messages Node on path leaves the network
Anonymous path breaks Path needs to be detected and reconstructed
Increasing churn causes increasing losses
Anonymity Approaches
Anonymity by group communication
I
CA
D
BR
Suitable for networks with churn Needs multicasting primitive
Scalable, reliable and bounded latency Large groups
high overhead high anonymity
MuON: Basic idea
Public key is used to identify recipient
Small header created for each message Header is encrypted using public key of recipient Message and header have suitable encryption,
checksums and nonce for confidentiality and integrity. Non-encrypted field in header called owner
IP of node (or owner) with message
MuON: Basic idea
Header is multicast to all members Use an epidemic protocol for multicasting
Reliable delivery to all members Bounded latency in large groups
Larger message sent to subgroup Dynamically created subgroups
For a given header, a peer pulls the corresponding message from the owner with probability P inter
intermediate probability Node becomes the new owner
If a node can decrypt the header, it pulls the message Reliable delivery at recipient
MuON: Basic idea
X
B
A
C
R
HDR_X
HDR_X
MuON: Basic idea
X
B
C
R
HDR_XHDR_X
A
MuON: Basic idea
X
B
C
R
HDR_X
HDR_AHDR_A
HDR_X
A
MuON: Basic idea
X
B
A
C
R
HDR_A
HDR_C
HDR_A
HDR_X
HDR_C
MuON: Basic idea
X
B
A
C
R
HDR_X
HDR_B
HDR_X
HDR_B
HDR_C
HDR_B
MuON: Basic idea
X
B
A
C
R
HDR_C
HDR_BHDR_A
MuON: Reliability
MuON: Latency
MuON: Bandwidth consumption
MuON: AnonymityPinter= 0.1 Pinter= 0.3
Pinter= 0.5 Pinter= 0.8
Conclusion
Churn in P2P provides interesting challenges Epidemic protocols provide a solution MuON provides reliable anonymous
communication with interesting properties Future work
Further improve anonymity of MuON Cannot withstand global adversary
Investigate use in different applications like service availability
MuON: Message format
Sending message from I to S MSG={r1, id, data}ksession
Data encrypted with ksession for confidentiality
Contains nonce r1 and identifier for integrity
Profile (hdr)={r1, ksession, kI+,{H(D)} kI
-} kS+
D={r1, ksession, kI+,MSG}
Message identifier is H(hdr)
Anonymity Guarantees
Local eavesdropper Withstands attack
Collusion attack Withstands unless all nodes are malicious
Timing attack Withstands unless global adversary
Traceback attack Withstands unless global adversary
Predecessor attack Withstands attack
Intersection attack Withstands unless global adversary
Message volume attack Withstands unless global adversary
Simulation Model of P2P
r: Single run of protocol (150 above) d: Network churn Average session time: 1 + 10(1-d) (r -1)
Reliability
Reliability
Latency
Latency
Header overhead
Header overhead
Data overhead
Data overhead
