Privacy-preserving P2P data sharing with OneSwarm

Privacy -- the protection of information from unauthorized disclosure -- is increasingly scarce on the Internet. The lack of privacy is particularly true for popular peer-to-peer data sharing applications such as BitTorrent where user behavior is easily monitored by third parties. Anonymizing overlays such as Tor and Freenet can improve user privacy, but only at a cost of substantially reduced performance. Most users are caught in the middle, unwilling to sacrifice either privacy or performance. In this paper, we explore a new design point in this tradeoff between privacy and performance. We describe the design and implementation of a new P2P data sharing protocol, called OneSwarm, that provides users much better privacy than BitTorrent and much better performance than Tor or Freenet. A key aspect of the OneSwarm design is that users have explicit configurable control over the amount of trust they place in peers and in the sharing model for their data: the same data can be shared publicly, anonymously, or with access control, with both trusted and untrusted peers. OneSwarm's novel lookup and transfer techniques yield a median factor of 3.4 improvement in download times relative to Tor and a factor of 6.9 improvement relative to Freenet. OneSwarm is publicly available and has been downloaded by hundreds of thousands of users since its release.

[1]  Keith W. Ross,et al.  BitTorrent Darknets , 2010, 2010 Proceedings IEEE INFOCOM.

[2]  Thomas E. Anderson,et al.  Profiling a million user dht , 2007, IMC '07.

[3]  Dirk Grunwald,et al.  BitBlender: light-weight anonymity for BitTorrent , 2008, AIPACa '08.

[4]  Andrew S. Tanenbaum,et al.  Safe and Private Data Sharing with Turtle: Friends Team-Up and Beat the System , 2004, Security Protocols Workshop.

[5]  Krishna P. Gummadi,et al.  Measurement and analysis of online social networks , 2007, IMC '07.

[6]  Michael Kaminsky,et al.  SybilGuard: defending against sybil attacks via social networks , 2006, SIGCOMM.

[7]  David E. Culler,et al.  A blueprint for introducing disruptive technology into the Internet , 2003, CCRV.

[8]  Riccardo Bettati,et al.  Anonymity analysis of mix networks against flow-correlation attacks , 2005, GLOBECOM '05. IEEE Global Telecommunications Conference, 2005..

[9]  Thomas E. Anderson,et al.  Leveraging BitTorrent for End Host Measurements , 2007, PAM.

[10]  Arun Venkataramani,et al.  iPlane: an information plane for distributed services , 2006, OSDI '06.

[11]  Thomas E. Anderson,et al.  One Hop Reputations for Peer to Peer File Sharing Workloads , 2008, NSDI.

[12]  Tadayoshi Kohno,et al.  Challenges and Directions for Monitoring P2P File Sharing Networks - or - Why My Printer Received a DMCA Takedown Notice , 2008, HotSec.

[13]  Scott Shenker,et al.  Making gnutella-like P2P systems scalable , 2003, SIGCOMM '03.

[14]  Emin Gün Sirer,et al.  Eluding carnivores: file sharing with strong anonymity , 2004, EW 11.

[15]  Seungyeop Han,et al.  Analysis of topological characteristics of huge online social networking services , 2007, WWW '07.

[16]  Ian Clarke,et al.  Freenet: A Distributed Anonymous Information Storage and Retrieval System , 2000, Workshop on Design Issues in Anonymity and Unobservability.

[17]  J. Turow,et al.  Americans Reject Tailored Advertising and Three Activities that Enable It , 2009 .

[18]  Pablo Rodriguez,et al.  Monitoring the Bittorrent Monitors: A Bird's Eye View , 2009, PAM.

[19]  David Mazières,et al.  Kademlia: A Peer-to-Peer Information System Based on the XOR Metric , 2002, IPTPS.

[20]  Robert Tappan Morris,et al.  Tarzan: a peer-to-peer anonymizing network layer , 2002, CCS '02.

[21]  David Chaum,et al.  Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.

[22]  Robert Tappan Morris,et al.  Persistent personal names for globally connected mobile devices , 2006, OSDI '06.

[23]  Shriram K. Vasudevan,et al.  Sybil Guard: Defending Against Sybil Attacks via Social Networks , 2010 .

[24]  David Chaum,et al.  The dining cryptographers problem: Unconditional sender and recipient untraceability , 1988, Journal of Cryptology.

[25]  Jinyang Li,et al.  Friendstore: cooperative online backup using trusted nodes , 2008, SocialNets '08.

[26]  Krishna P. Gummadi,et al.  Measurement, modeling, and analysis of a peer-to-peer file-sharing workload , 2003, SOSP '03.

[27]  Sachin Katti,et al.  Slicing the Onion: Anonymous Routing Without PKI , 2005 .

[28]  B. Cohen,et al.  Incentives Build Robustness in Bit-Torrent , 2003 .

[29]  Krishna P. Gummadi,et al.  Ostra: Leveraging Trust to Thwart Unwanted Communication , 2008, NSDI.

[30]  Eytan Adar,et al.  Free Riding on Gnutella , 2000, First Monday.

[31]  Nick Mathewson,et al.  Tor: The Second-Generation Onion Router , 2004, USENIX Security Symposium.

[32]  Pablo Rodriguez,et al.  I tube, you tube, everybody tubes: analyzing the world's largest user generated content video system , 2007, IMC '07.

[33]  Krishna P. Gummadi,et al.  Growth of the flickr social network , 2008, WOSN '08.

[34]  Mark E. J. Newman,et al.  Power-Law Distributions in Empirical Data , 2007, SIAM Rev..

[35]  Bobby Bhattacharjee,et al.  Persona: an online social network with user-defined privacy , 2009, SIGCOMM '09.

[36]  Michael K. Reiter,et al.  Crowds: anonymity for Web transactions , 1998, TSEC.

[37]  Arun Venkataramani,et al.  Do incentives build robustness in bit torrent , 2007 .