Secure communication over diverse transports: [short paper]

This paper describes BTP, a protocol that ensures the confidentiality, integrity, authenticity and forward secrecy of communication over diverse underlying transports, from low-latency, bidirectional transports like TCP to high-latency, unidirectional transports like DVDs sent through the mail. BTP is designed for use in censorship-resistant delay-tolerant overlays that operate over heterogeneous mixtures of underlying transports. By providing consistent security properties for a very wide range of transports, BTP simplifies the design and implementation of such overlays. Forward secrecy is achieved by establishing an initial shared secret between each pair of endpoint devices and using a one-way key derivation function to generate a series of temporary shared secrets from the initial shared secret. Once both devices have destroyed a given temporary secret, any keys derived from it cannot be re-derived if the devices are later compromised. BTP is designed to be compatible with traffic analysis prevention techniques such as traffic morphing: the protocol includes optional padding and uses no timeouts, handshakes or plaintext headers, with the goal of making it difficult to distinguish BTP from other protocols. If unlinkability between communicating devices is required, BTP can use anonymity systems such as Tor and Mixminion as underlying transports.

[1]  Charles V. Wright,et al.  Traffic Morphing: An Efficient Defense Against Statistical Traffic Analysis , 2009, NDSS.

[2]  Ben Laurie,et al.  Forward Secrecy Extensions for OpenPGP , 2001 .

[3]  Morris J. Dworkin,et al.  SP 800-38D. Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC , 2007 .

[4]  Ross J. Anderson,et al.  Two remarks on public key cryptology , 2002 .

[5]  Tim Dierks,et al.  The Transport Layer Security (TLS) Protocol Version 1.2 , 2008 .

[6]  Christian Grothoff,et al.  A Transport Layer A straction for Peer-to-Peer Networks , 2003, CCGRID.

[7]  David L. Mills,et al.  Internet Engineering Task Force (ietf) Network Time Protocol Version 4: Protocol and Algorithms Specification , 2010 .

[8]  Christian Grothoff,et al.  A transport layer abstraction for peer-to-peer networks , 2003, CCGrid 2003. 3rd IEEE/ACM International Symposium on Cluster Computing and the Grid, 2003. Proceedings..

[9]  Nikita Borisov,et al.  Cirripede: circumvention infrastructure using router redirection with plausible deniability , 2011, CCS '11.

[10]  Nicholas Hopper,et al.  SilentKnock: practical, provably undetectable authentication , 2008, International Journal of Information Security.

[11]  Yunhong Gu UDT: UDP-based Data Transfer Protocol , 2010 .

[12]  Lidong Chen,et al.  Recommendation for Key Derivation Using Pseudorandom Functions (Revised) , 2009 .

[13]  George Danezis,et al.  Mixminion: design of a type III anonymous remailer protocol , 2003, 2003 Symposium on Security and Privacy, 2003..

[14]  Eric Rescorla,et al.  The Transport Layer Security (TLS) Protocol Version 1.2 , 2008, RFC.

[15]  Nikita Borisov,et al.  Off-the-record communication, or, why not to use PGP , 2004, WPES '04.

[16]  Aniket Kate,et al.  Anonymity and security in delay tolerant networks , 2007, 2007 Third International Conference on Security and Privacy in Communications Networks and the Workshops - SecureComm 2007.

[17]  Vinton G. Cerf,et al.  Delay-Tolerant Networking Architecture , 2007, RFC.

[18]  Charalampos Manifavas,et al.  A new family of authentication protocols , 1998, OPSR.

[19]  Mihir Bellare,et al.  Forward-Security in Private-Key Cryptography , 2003, CT-RSA.

[20]  Mihir Bellare,et al.  OCB: a block-cipher mode of operation for efficient authenticated encryption , 2001, CCS '01.

[21]  Andreas Pfitzmann,et al.  Anonymity, Unobservability, and Pseudonymity - A Proposal for Terminology , 2000, Workshop on Design Issues in Anonymity and Unobservability.

[22]  Jon Callas,et al.  OpenPGP Message Format , 1998, RFC.

[23]  Ian Goldberg,et al.  Telex: Anticensorship in the Network Infrastructure , 2011, USENIX Security Symposium.

[24]  Nick Mathewson,et al.  Tor: The Second-Generation Onion Router , 2004, USENIX Security Symposium.

[25]  Timothy Roscoe,et al.  Techniques for Lightweight Concealment and Authentication in IP Networks , 2002 .

[26]  Steven Swanson,et al.  Reliably Erasing Data from Flash-Based Solid State Drives , 2011, FAST.

[27]  Paul F. Syverson,et al.  Improving Efficiency and Simplicity of Tor Circuit Establishment and Hidden Services , 2007, Privacy Enhancing Technologies.