Balancing anonymity and resilience in anonymous communication networks. Issue 101 (February 2021)
- Record Type:
- Journal Article
- Title:
- Balancing anonymity and resilience in anonymous communication networks. Issue 101 (February 2021)
- Main Title:
- Balancing anonymity and resilience in anonymous communication networks
- Authors:
- Xia, Yusheng
Chen, Rongmao
Su, Jinshu
Zou, Hongcheng
- Abstract:
- Highlights: We provide the probabilistic definition of routing resilience. We integrate hop-by-hop routing with onion mix-nets to achieve routing resilience. We present T-hybrid routing by integrating threshold public key encryption. We propose the active defense mechanism to defend the replay attacks. We conduct various evaluations on the routing resilience, anonymity, and delay.
Abstract: Anonymous communication networks (ACNs) are intended to protect the metadata privacy during the communication. As typical ACNs, onion mix-nets adopt source routing where the source defines a static path and wraps the message with the public keys of on-path nodes so that the message could be delivered to the destination. However, onion mix-nets lack resilience when the static on-path mixes fail, which could result in message loss, communication failure and even de-anonymization attacks. Therefore, it is desirable to achieve routing resilience in onion mix-nets for persistent routing capability even against node failure. The state-of-the-art solutions mainly adopt mix groups and thus need to share secrets among all the group members, which may cause single point of failure and render massive loss of anonymity. To address the above problem, in this work we design a hybrid routing approach, which essentially embeds the onion mix-net with hop-by-hop routing to achieve desirable routing resilience. Furthermore, we extend our scheme with a threshold setting, and propose T-hybrid routing to mitigate the anonymity loss when group mixes are compromised. Besides, we propose the active defense mechanism to defend replay attacks in the scenario of mix groups. As for experimental evaluations, we conduct a quantitative analysis of the resilience and anonymity for various schemes, and demonstrate that T-hybrid routing can achieve a good balance between resilience and anonymity. In addition, we manage to realize the full T-hybrid routing prototype and test its performance in the cloud hosting environment. The experimental results show that compared with typical onion mix-nets, our T-hybrid routing mechanism only increases about 20%-25% regarding the end-to-end delay, and thus is still practical while with better resilience.
- Is Part Of:
- Computers & security. Issue 101(2021)
- Journal:
- Computers & security
- Issue:
- Issue 101(2021)
- Issue Display:
- Volume 101, Issue 101 (2021)
- Year:
- 2021
- Volume:
- 101
- Issue:
- 101
- Issue Sort Value:
- 2021-0101-0101-0000
- Page Start:
- Page End:
- Publication Date:
- 2021-02
- Subjects:
- Resilience -- Anonymity -- Threshold -- Routing -- Mix-Nets
Computer security -- Periodicals
Electronic data processing departments -- Security measures -- Periodicals
005.805
- Journal URLs:
- http://www.sciencedirect.com/science/journal/01674048
http://www.elsevier.com/journals
- DOI:
- 10.1016/j.cose.2020.102106
- Languages:
- English
- ISSNs:
- 0167-4048
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library DSC - 3394.781000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store
- Ingest File:
- 15398.xml