论文信息 - Design and Analysis of an IPLayer Anonymizing Infrastructure

Design and Analysis of an IPLayer Anonymizing Infrastructure

This paper describes an IP-layer anonymizing infrastructure , called ANON, which allows server addresses to be hidden from clients and vice versa. In providing address anonymity, ANON uses a network resident set of IP-layer anonymizing forwarders that can forward IP packets with nested encryption and decryption applied to their source and destination addresses. To prevent adversaries from compromising the anonymity by learning the forwarding path, ANON incorporates a suite of countermeasures, including non-malleable, semantically secure link encryp-tion and link padding. To lower the bandwidth cost of padding traffic, two novel algorithms are suggested: on-demand link padding and probabilistic link padding. To prevent inband denial of service (DoS) attacks through the anonymizing infrastructure itself, ANON uses rate limiting. Finally, ANON makes use of fault-tolerant transport networks to enhance its resilience against failures and out-band attacks.

[1] Deborah Estrin,et al. Advances in network simulation , 2000, Computer.

[2] Jean-François Raymond,et al. Traffic Analysis: Protocols, Attacks, Design Issues, and Open Problems , 2000, Workshop on Design Issues in Anonymity and Unobservability.

[3] H. T. Kung,et al. An IP-layer anonymizing infrastructure , 2002, MILCOM 2002. Proceedings.

[4] Moni Naor,et al. Non-malleable cryptography , 1991, STOC '91.

[5] David Chaum,et al. Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.

[6] Randall J. Atkinson,et al. IP Encapsulating Security Payload (ESP) , 1995, RFC.

[7] Robert Tappan Morris,et al. Introducing Tarzan, a Peer-to-Peer Anonymizing Network Layer , 2002, IPTPS.

[8] Angelos D. Keromytis,et al. SOS: secure overlay services , 2002, SIGCOMM '02.

[9] Craig Partridge,et al. Host Anycasting Service , 1993, RFC.

[10] Douglas S. Reeves,et al. Inter-Packet Delay Based Correlation for Tracing Encrypted Connections through Stepping Stones , 2002, ESORICS.

[11] Paul F. Syverson,et al. Anonymous connections and onion routing , 1998, IEEE J. Sel. Areas Commun..

[12] David R. Karger,et al. Chord: A scalable peer-to-peer lookup service for internet applications , 2001, SIGCOMM '01.