Systematizing Decentralization and Privacy: Lessons from 15 Years of Research and Deployments

Abstract

Decentralized systems are a subset of distributed systems in which multiple authorities control different components and no single authority is fully trusted by all. This implies that any component of a decentralized system is potentially adversarial. We review fifteen years of research on decentralization and privacy, providing an overview of key systems as well as key insights for designers of future systems. We show that decentralized designs can enhance privacy, integrity, and availability, but also require careful trade-offs in terms of system complexity, the properties provided, and the degree of decentralization. Designers need to understand and navigate these trade-offs. We argue that a combination of insights from cryptography, distributed systems, and mechanism design, aligned with the development of adequate incentives, is necessary to build scalable and successful privacy-preserving decentralized systems.
