Download slides

MuON:
Epidemic Based Mutual Anonymity
Neelesh Bansod, Ashish Malgi, Byung Choi
and Jean Mayo
Introduction: P2P Networks
 Peer to peer networks

Peers cooperate to achieve each others goals


Peers contribute and share resources
Focus on unstructured P2P networks

Completely distributed
Introduction: P2P Networks
 Characteristics of P2P networks
 Large sizes
 Untrusted participants
 End-hosts cannot be trusted
 Churn
 Continual changes in system membership/topology
 Rate of change (churn) varies with applications
 Challenges for anonymous communication
 Latency, reliability, resource consumption and anonymity
need to scale with increasing churn and size.
Anonymity
 Anonymity


Identities on Internet are not hidden
Hide the participant identities and communication
 Type of anonymity guarantees



Initiator anonymity
Responder anonymity
Mutual anonymity
Anonymity Approaches
 Anonymity by random path forwarding
I
A
B
C
D
R
 Message loss


Current node leaves the network
Increasing churn causes increasing losses
Anonymity Approaches
 Anonymity by creating routes
I
A
B
C
D
R
 Creates anonymous routing to forward messages

Node on path leaves the network



Anonymous path breaks
Path needs to be detected and reconstructed
Increasing churn causes increasing losses
Anonymity Approaches
 Anonymity by group communication
I
D
A
C
B
R
 Suitable for networks with churn
 Needs multicasting primitive

Scalable, reliable and bounded latency
 Large groups


high overhead
high anonymity
MuON: Basic idea
 Public key is used to identify recipient
 Small header created for each message



Header is encrypted using public key of recipient
Message and header have suitable encryption,
checksums and nonce for confidentiality and integrity
Non-encrypted field in header called owner

IP of node (or owner) with message
MuON: Basic idea
 Header is multicast to all members
 Use an epidemic protocol for multicasting


Reliable delivery to all members
Bounded latency in large groups
 Larger message sent to subgroup
 Dynamically created subgroups

For a given header, a peer pulls the corresponding
message from the owner with probability Pinter
intermediate probability
 Node becomes the new owner

If a node can decrypt the header, it pulls the message
 Reliable delivery at recipient
MuON: Basic idea
B
R
A
HDR_X
HDR_X
X
C
MuON: Basic idea
B
R
A
X
HDR_X
HDR_X
C
MuON: Basic idea
B
R
A
HDR_A
HDR_A
HDR_X
X
HDR_X
C
MuON: Basic idea
B
R
HDR_X
HDR_A
A
HDR_A
HDR_C
X
C
HDR_C
MuON: Basic idea
HDR_B
HDR_B
B
R
HDR_B
A
HDR_X
HDR_X
HDR_C
X
C
MuON: Basic idea
B
R
HDR_C
HDR_A
A
X
C
HDR_B
MuON: Reliability
MuON: Latency
MuON: Bandwidth consumption
MuON: Anonymity
Pinter= 0.1
Pinter= 0.5
Pinter= 0.3
Pinter= 0.8
Conclusion
 Churn in P2P provides interesting challenges


Epidemic protocols provide a solution
MuON provides reliable anonymous
communication with interesting properties
 Future work

Further improve anonymity of MuON


Cannot withstand global adversary
Investigate use in different applications like
service availability
MuON: Message format
 Sending message from I to S

MSG={r1, id, data}ksession



Profile (hdr)={r1, ksession, kI+,{H(D)} kI-} kS+


Data encrypted with ksession for confidentiality
Contains nonce r1 and identifier for integrity
D={r1, ksession, kI+,MSG}
Message identifier is H(hdr)
Anonymity Guarantees
Local eavesdropper
Withstands attack
Collusion attack
Withstands unless all nodes
are malicious
Withstands unless global
adversary
Withstands unless global
adversary
Withstands attack
Timing attack
Traceback attack
Predecessor attack
Intersection attack
Message volume attack
Withstands unless global
adversary
Withstands unless global
adversary
Simulation Model of P2P
 r: Single run of protocol (150 above)
 d: Network churn
 Average session time: 1 + 10(1-d) (r -1)
Reliability
Reliability
Latency
Latency
Header overhead
Header overhead
Data overhead
Data overhead