More Web Proxy on the site http://driver.im/

research-article

Balancing the shadows

Authors:

Alexander W. Dean,

Victor Heorhiadi,

Nicholas Hopper,

Yongdae KimAuthors Info & Claims

WPES '10: Proceedings of the 9th annual ACM workshop on Privacy in the electronic society

Pages 1 - 10

https://doi.org/10.1145/1866919.1866921

Published: 04 October 2010 Publication History

Abstract

In this paper, we examine the ShadowWalker peer-to-peer anonymity scheme. ShadowWalker attempts to provide anonymity via circuits built using random walks over a secured topology. ShadowWalker's topology is secured through the use of shadows, peers that certify another node's routing information. We demonstrate two flaws in ShadowWalker. First, an attacker can compromise the underlying topology of ShadowWalker as a result of an insufficient numbers of shadows. We show that the failure of the underlying topology directly results in the failure of ShadowWalker to provide anonymity guarantees. Second, the dependence on untrusted nodes to certify other nodes allows an attacker to launch a selective denial of service attack. We show that there is an inherent tension between protecting against these two attacks: weakening the first attack strengthens the second attack and vice versa. We introduce a mechanism that generalizes ShadowWalker's lookup defense, and show that this mechanism can be tuned to simultaneously provide strong protection against both these attacks. Last, we implement ShadowWalker and provide performance measurements from a prototype deployment on PlanetLab.

References

[1]

}}Nikita Borisov, George Danezis, Prateek Mittal, and Parisa Tabriz. Denial of service or denial of security? In CCS '07: Proceedings of the 14th ACM conference on Computer and communications security, pages 92--102, New York, NY, USA, 2007. ACM.

Digital Library

[2]

}}David L. Chaum. Untraceable electronic mail, return addresses, and digital pseudonyms. Commun. ACM, 24(2):84--90, 1981.

Digital Library

[3]

}}George Danezis and Paul Syverson. Bridging and fingerprinting: Epistemic attacks on route selection. In PETS '08: Proceedings of the 8th international symposium on Privacy Enhancing Technologies, pages 151--166, Berlin, Heidelberg, 2008. Springer-Verlag.

Digital Library

[4]

}}Roger Dingledine, Nick Mathewson, and Paul Syverson. Tor: the second-generation onion router. In SSYM'04: Proceedings of the 13th conference on USENIX Security Symposium, pages 21--21, Berkeley, CA, USA, 2004. USENIX Association.

Digital Library

[5]

}}Michael J. Freedman and Robert Morris. Tarzan: a peer-to-peer anonymizing network layer. In CCS '02: Proceedings of the 9th ACM conference on Computer and communications security, pages 193--206, New York, NY, USA, 2002. ACM.

Digital Library

[6]

}}K. Gummadi, R. Gummadi, S. Gribble, S. Ratnasamy, S. Shenker, and I. Stoica. The impact of dht routing geometry on resilience and proximity. In SIGCOMM '03: Proceedings of the 2003 conference on Applications, technologies, architectures, and protocols for computer communications, pages 381--394, New York, NY, USA, 2003. ACM.

Digital Library

[7]

}}M. Kaashoek and D. Karger. Koorde: A simple degree-optimal distributed hash table. Peer-to-Peer Systems II, pages 98--107, 2003.

[8]

}}Petar Maymounkov and David Mazières. Kademlia: A peer-to-peer information system based on the xor metric. In IPTPS '01: Revised Papers from the First International Workshop on Peer-to-Peer Systems, pages 53--65, London, UK, 2002. Springer-Verlag.

Digital Library

[9]

}}Jon McLachlan, Andrew Tran, Nicholas Hopper, and Yongdae Kim. Scalable onion routing with torsk. In CCS '09: Proceedings of the 16th ACM conference on Computer and communications security, pages 590--599, New York, NY, USA, 2009. ACM.

Digital Library

[10]

}}Alan Mislove, Gaurav Oberoi, Ansley Post, Charles Reis, Peter Druschel, and Dan S. Wallach. Ap3: cooperative, decentralized anonymous communication. In EW 11: Proceedings of the 11th workshop on ACM SIGOPS European workshop, page 30, New York, NY, USA, 2004. ACM.

Digital Library

[11]

}}Prateek Mittal and Nikita Borisov. Information leaks in structured peer-to-peer anonymous communication systems. In CCS '08: Proceedings of the 15th ACM conference on Computer and communications security, pages 267--278, New York, NY, USA, 2008. ACM.

Digital Library

[12]

}}Prateek Mittal and Nikita Borisov. Shadowwalker: peer-to-peer anonymous communication using redundant structured topologies. In CCS '09: Proceedings of the 16th ACM conference on Computer and communications security, pages 161--172, New York, NY, USA, 2009. ACM.

Digital Library

[13]

}}Arjun Nambiar and Matthew Wright. Salsa: a structured approach to large-scale anonymity. In CCS '06: Proceedings of the 13th ACM conference on Computer and communications security, pages 17--26, New York, NY, USA, 2006. ACM.

Digital Library

[14]

}}K. P. N. Puttaswamy, A. Sala, C. Wilson, and B. Y. Zhao. Protecting anonymity in dynamic peer-to-peer networks. In IEEE International Conference on Network Protocols (ICNP)(Oct. 2008), pages 104--113, 2008.

Digital Library

[15]

}}Michael K. Reiter and Aviel D. Rubin. Crowds: Anonymity for web transactions. Technical report, 1997.

Digital Library

[16]

}}Marc Rennhard and Bernhard Plattner. Introducing morphmix: peer-to-peer based anonymous internet usage with collusion detection. In WPES '02: Proceedings of the 2002 ACM workshop on Privacy in the Electronic Society, pages 91--102, New York, NY, USA, 2002. ACM.

Digital Library

[17]

}}Antony I. T. Rowstron and Peter Druschel. Pastry: Scalable, decentralized object location, and routing for large-scale peer-to-peer systems. In Middleware '01: Proceedings of the IFIP/ACM International Conference on Distributed Systems Platforms Heidelberg, pages 329--350, London, UK, 2001. Springer-Verlag.

Digital Library

[18]

}}Atul Singh, Miguel Castro, Peter Druschel, and Antony Rowstron. Defending against eclipse attacks on overlay networks. In EW 11: Proceedings of the 11th workshop on ACM SIGOPS European workshop, page 21, New York, NY, USA, 2004. ACM.

Digital Library

[19]

}}Ion Stoica, Robert Morris, David Karger, M. Frans Kaashoek, and Hari Balakrishnan. Chord: A scalable peer-to-peer lookup service for internet applications. In SIGCOMM '01: Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications, pages 149--160, New York, NY, USA, 2001. ACM.

Digital Library

[20]

}}Andrew Tran, Nicholas Hopper, and Yongdae Kim. Hashing it out in public: common failure modes of dht-based anonymity schemes. In WPES '09: Proceedings of the 8th ACM workshop on Privacy in the electronic society, pages 71--80, New York, NY, USA, 2009. ACM.

Digital Library

[21]

}}Yingwu Zhu and Yiming Hu. Tap: A novel tunneling approach for anonymity in structured p2p systems. In ICPP '04: Proceedings of the 2004 International Conference on Parallel Processing, pages 21--28, Washington, DC, USA, 2004. IEEE Computer Society.

Digital Library

[22]

}}Li Zhuang, Feng Zhou, Ben Y. Zhao, and Antony Rowstron. Cashmere: resilient anonymous routing. In NSDI'05: Proceedings of the 2nd conference on Symposium on Networked Systems Design & Implementation, pages 301--314, Berkeley, CA, USA, 2005. USENIX Association.

Digital Library

Cited By

Liu SChen LFu Y(2024)Periscoping: Private Key Distribution for Large-Scale MixnetsIEEE INFOCOM 2024 - IEEE Conference on Computer Communications10.1109/INFOCOM52122.2024.10621274(681-690)Online publication date: 20-May-2024
https://doi.org/10.1109/INFOCOM52122.2024.10621274
Pasquini DRaynal MTroncoso C(2023)On the (In)security of Peer-to-Peer Decentralized Machine Learning2023 IEEE Symposium on Security and Privacy (SP)10.1109/SP46215.2023.10179291(418-436)Online publication date: May-2023
https://doi.org/10.1109/SP46215.2023.10179291
Panchenko AMitseva AKnabe S(2021)WhisperChord: Scalable and Secure Node Discovery for Overlay Networks2021 IEEE 46th Conference on Local Computer Networks (LCN)10.1109/LCN52139.2021.9525008(170-177)Online publication date: 4-Oct-2021
https://doi.org/10.1109/LCN52139.2021.9525008
Show More Cited By

Index Terms

Balancing the shadows
1. Security and privacy
  1. Network security

Recommendations

Information Leaks in Structured Peer-to-Peer Anonymous Communication Systems
Special Issue on Computer and Communications Security

We analyze information leaks in the lookup mechanisms of structured peer-to-peer (P2P) anonymous communication systems and how these leaks can be used to compromise anonymity. We show that the techniques used to combat active attacks on the lookup ...
In search of an anonymous and secure lookup: attacks on structured peer-to-peer anonymous communication systems
CCS '10: Proceedings of the 17th ACM conference on Computer and communications security

The ability to locate random relays is a key challenge for peer-to-peer (P2P) anonymous communication systems. Earlier attempts like Salsa and AP3 used distributes hash table lookups to locate relays, but the lack of anonymity in their lookup mechanisms ...
Hashing it out in public: common failure modes of DHT-based anonymity schemes
WPES '09: Proceedings of the 8th ACM workshop on Privacy in the electronic society

We examine peer-to-peer anonymous communication systems that use Distributed Hash Table algorithms for relay selection. We show that common design flaws in these schemes lead to highly effective attacks against the anonymity provided by the schemes. ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

WPES '10: Proceedings of the 9th annual ACM workshop on Privacy in the electronic society

October 2010

136 pages

ISBN:9781450300964

DOI:10.1145/1866919

General Chair:
Ehab Al-Shaer
University of North Carolina, Charlotte, USA
,
Program Chair:
Keith Frikken
Miami University, USA

Copyright © 2010 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 04 October 2010

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

CCS '10

Sponsor:

SIGSAC

CCS '10: 17th ACM Conference on Computer and Communications Security 2010

October 4, 2010

Illinois, Chicago, USA

Acceptance Rates

Overall Acceptance Rate 106 of 355 submissions, 30%

Upcoming Conference

CCS '25

Sponsor:
sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 13 - 17, 2025

Taipei , Taiwan

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

9
Total Citations
View Citations
207
Total Downloads

Downloads (Last 12 months)3
Downloads (Last 6 weeks)0

Reflects downloads up to 10 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

Liu SChen LFu Y(2024)Periscoping: Private Key Distribution for Large-Scale MixnetsIEEE INFOCOM 2024 - IEEE Conference on Computer Communications10.1109/INFOCOM52122.2024.10621274(681-690)Online publication date: 20-May-2024
https://doi.org/10.1109/INFOCOM52122.2024.10621274
Pasquini DRaynal MTroncoso C(2023)On the (In)security of Peer-to-Peer Decentralized Machine Learning2023 IEEE Symposium on Security and Privacy (SP)10.1109/SP46215.2023.10179291(418-436)Online publication date: May-2023
https://doi.org/10.1109/SP46215.2023.10179291
Panchenko AMitseva AKnabe S(2021)WhisperChord: Scalable and Secure Node Discovery for Overlay Networks2021 IEEE 46th Conference on Local Computer Networks (LCN)10.1109/LCN52139.2021.9525008(170-177)Online publication date: 4-Oct-2021
https://doi.org/10.1109/LCN52139.2021.9525008
Panchenko AMitseva AZiemann THering T(2021)GuardedGossip: Secure and Anonymous Node Discovery in Untrustworthy NetworksSecurity and Privacy in Communication Networks10.1007/978-3-030-90019-9_7(123-143)Online publication date: 3-Nov-2021
https://doi.org/10.1007/978-3-030-90019-9_7
Sasy SGoldberg I(2019)ConsenSGX: Scaling Anonymous Communications Networks with Trusted Execution EnvironmentsProceedings on Privacy Enhancing Technologies10.2478/popets-2019-00502019:3(331-349)Online publication date: 12-Jul-2019
https://doi.org/10.2478/popets-2019-0050
Herrmann MZhang RNing KDiaz CPreneel B(2014)Censorship-resistant and privacy-preserving distributed web search14-th IEEE International Conference on Peer-to-Peer Computing10.1109/P2P.2014.6934312(1-10)Online publication date: Sep-2014
https://doi.org/10.1109/P2P.2014.6934312
Germanus DRoos SStrufe TSuri N(2014)Mitigating Eclipse attacks in Peer-To-Peer networks2014 IEEE Conference on Communications and Network Security10.1109/CNS.2014.6997509(400-408)Online publication date: Oct-2014
https://doi.org/10.1109/CNS.2014.6997509
Wang QBorisov N(2012)OctopusProceedings of the 2012 IEEE 32nd International Conference on Distributed Computing Systems10.1109/ICDCS.2012.78(325-334)Online publication date: 18-Jun-2012
https://dl.acm.org/doi/10.1109/ICDCS.2012.78
Westermann BChia PKesdogan D(2012)Analyzing the Gold Star Scheme in a Split Tor NetworkSecurity and Privacy in Communication Networks10.1007/978-3-642-31909-9_5(77-95)Online publication date: 2012
https://doi.org/10.1007/978-3-642-31909-9_5
Mittal POlumofin FTroncoso CBorisov NGoldberg IWagner D(2011)PIR-TorProceedings of the 20th USENIX conference on Security10.5555/2028067.2028098(31-31)Online publication date: 8-Aug-2011
https://dl.acm.org/doi/10.5555/2028067.2028098

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents