slicing the onion anonymity using unreliable overlays n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Slicing the Onion: Anonymity Using Unreliable Overlays PowerPoint Presentation
Download Presentation
Slicing the Onion: Anonymity Using Unreliable Overlays

Loading in 2 Seconds...

play fullscreen
1 / 58
hien

Slicing the Onion: Anonymity Using Unreliable Overlays - PowerPoint PPT Presentation

156 Views
Download Presentation
Slicing the Onion: Anonymity Using Unreliable Overlays
An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. Slicing the Onion: Anonymity Using Unreliable Overlays Sachin Katti Jeffrey Cohen & Dina Katabi

  2. Problem Statement Leverage existing popular P2P overlays to send confidential, anonymous messages without keys

  3. Overlays rock! Ideal for anonymous communication • Thousands of nodes • Plenty of traffic to hide anonymous communication • Diverse membership  Nodes unlikely to collude • Dynamic  Hard to track

  4. Overlays suck! • Nodes don’t have public keys • Nodes are not trustworthy • Nodes are unreliable

  5. This talk: Information Slicing • Message confidentiality, and source and destination anonymity • No public keys • Churn resilient

  6. 1. Message Confidentiality Without Keys

  7. Confidentiality via Information Slicing “Borat: Cultural Leanings of America” Original Message Split message to random pieces and send pieces along node-disjoint paths “Borat: Cultural” “Leanings of America” Split into two “Borat: Cultural” “Leanings of America” Randomize them! “aaspdgfqw” “asdlfrwe” Random pieces

  8. Confidentiality via Information Slicing “aaspdgfqw” Me D “asdlfrwe”

  9. Message Recovery by destination Received random pieces “aaspdgfqw” “aaspdgfqw” “asdlfrwe” Matrix inversion “asdlfrwe” Pieces of original message “Borat: Cultural” “Leanings of America” “Borat: Cultural Leanings of America” Original Message

  10. Even an attacker that gets all but one piece cannot decode! Destination gets all pieces  can decode 

  11. 2. Anonymity without Keys

  12. System Setup • Anonymous communication has two phases • Route Setup • A node learns how to forward a received message • Data transmission • Just follow the routes

  13. Setup Anonymous Routes • Each node knows its next hop • No one else knows the next hop of a node • Why not tell each node the ID of its next hop in a confidential message? Idea : Build anonymity by confidentially sending to each node it’s routing info!

  14. Naïve way to send to a node its next hop Exponential Blowup!

  15. Challenge: Exponential Blowup Solution: Reuse nodes without giving them too much information V Z W R Z’s next hop information: R’s next hop information:

  16. Challenge: Exponential Blowup Solution: Reuse nodes without giving them too much information V Z W R V and W will know Z and R’s next hops

  17. Challenge: Exponential Blowup Solution: Reuse nodes without giving them too much information V Z W R Reuse V to send pieces that belong to different nodes

  18. Challenge: Exponential Blowup Solution: Reuse nodes without giving them too much information V Z W R Reuse nodes to send multiple pieces as long as the pieces belong to different messages

  19. Slicing Protocol Source has multiple IP addresses S S’

  20. Slicing Protocol Source organizes nodes into stages D S V Z W S’ X R

  21. Slicing Protocol Destination D is placed randomly (here in last stage) D S V Z W S’ X R

  22. Slicing Protocol Source confidentially tells each node its next hop info D S V Z W S’ X R

  23. Slicing Protocol V receives the ids of its next hops along disjoint paths D S V Z W S’ X R

  24. Slicing Protocol V also receives one piece meant for Z and one for R, but cannot decipher their next hops D S V Z W S’ X R

  25. Slicing Protocol W also receives its info and pieces for Z and R W cannot decipher Z’s and R’s next hops D S V Z W S’ X R

  26. Slicing Protocol V and W have pieces meant for Z and R D S V Z W S’ X R

  27. Slicing Protocol V and W forward the pieces meant for Z and R D S V Z W S’ X R

  28. Slicing Protocol Node disjoint paths to deliver to Z its V and W do not have enough pieces to know Z’s info D S V Z W S’ X R

  29. Slicing Protocol The same for R D S V Z W S’ X R

  30. Slicing Protocol V and W are reused without revealing anything about Z and R’s routing information D S V Z W S’ X R

  31. Slicing Protocol Similarly source constructs entire graph D S V Z W S’ X R

  32. Slicing Protocol D S V Z W S’ X R Anonymity without keys!

  33. 3. Dealing With Churn

  34. Slicing Protocol - Churn • What if node V departs? D S V Z W S’ X R

  35. Slicing Protocol - Churn • What if node V departs? • Destination cannot decode D S V Z X W S’ X R

  36. How Do We Combat Churn? • Churn causes data loss • Typical solution  Add Redundancy • Use coding to efficiently add redundancy

  37. Source Coding the Data • Source Coding (Erasure Codes) • Split into 3 pieces instead of 2 • Any 2 pieces suffice to retrieve data • Added redundancy of (1/2) = 50%

  38. Source Coding For Robustness S Z V D X S1 R X W S2 P Y U Source coding can tolerate one node failure in the network • Destination D gets two pieces  Can decode

  39. Source Coding For Robustness S Z V D X S1 R X W S2 P Y U • What if a second node (here Z) fails?

  40. Source Coding For Robustness S Z V D X X S1 R X W S2 P Y U • What if a second node (here Z) fails? • Destination D cannot decode

  41. Coding partially solves problem S Z V D X X S1 R X W S2 P Y U • Focus on node R

  42. Coding partially solves problem R Due to upstream node failure, R receives 2 pieces instead of 3

  43. Coding partially solves problem R R can only send out two pieces now, Initial redundancy is destroyed

  44. Regenerating Redundancy R Pieces are linear combinations of message fragments

  45. Network Coding R Take Linear combination of the pieces New piece R can create a linear combination of the pieces he received to generate a new piece

  46. Network Coding R R can now send out 3 pieces instead of 2 Redundancy is regenerated inside the network

  47. Network Coding R Network coding can tolerate one node failure in every stage Can tolerate downstream node failures

  48. General Network Coding • Nodes send linear combinations of incoming pieces • Technique generalizes to any number of extra pieces For kextra pieces, network coding tolerates k failures in every stage

  49. 4. Evaluation

  50. Evaluation Environment • Implementation in Python • Evaluated both in simulation and on PlanetLab • Evaluate anonymity, performance and churn resilience • Each metric is evaluated against the optimal existing baseline