Anonymous Networking with Minimum Latency in Multihop Networks

The problem of security against timing based traffic analysis in multihop networks is considered in this work. In particular, the relationship between the level of anonymity provided and the quality of service, as measured by network latency, is analyzed theoretically. Using an information theoretic measure of anonymity of routes in eavesdropped networks is considered, and packet scheduling strategies are designed to guarantee any desired level of anonymity. In particular, for individual relays, scheduling strategies based on mixing are designed so that the incoming and outgoing transmission epochs do not reveal any information. The proposed strategies utilize a limited fraction of dummy transmissions, and a significant reduction in packet latency at individual relays is demonstrated analytically for Poisson distributed arrivals. To minimize overall network latency, a randomized selection strategy is considered to choose the set of relays that use the designed scheduling strategies. The random selection is optimized for the desired level of anonymity using a well known distortion rate optimization in information theory. The tradeoff between overall network latency and anonymity in the network is characterized for centralized and decentralized scheduling strategies.

[1]  Michael K. Reiter,et al.  Crowds: anonymity for Web transactions , 1998, TSEC.

[2]  George Danezis,et al.  Mixminion: design of a type III anonymous remailer protocol , 2003, 2003 Symposium on Security and Privacy, 2003..

[3]  David Chaum,et al.  The dining cryptographers problem: Unconditional sender and recipient untraceability , 1988, Journal of Cryptology.

[4]  Richard E. Blahut,et al.  Computation of channel capacity and rate-distortion functions , 1972, IEEE Trans. Inf. Theory.

[5]  Roger Dingledine,et al.  Reliable MIX Cascade Networks through Reputation , 2002, Financial Cryptography.

[6]  Lang Tong,et al.  Anonymous Networking Amidst Eavesdroppers , 2008, IEEE Transactions on Information Theory.

[7]  A. D. Wyner,et al.  The wire-tap channel , 1975, The Bell System Technical Journal.

[8]  David R. Cox,et al.  The Theory of Stochastic Processes , 1967, The Mathematical Gazette.

[9]  Robert Tappan Morris,et al.  Tarzan: a peer-to-peer anonymizing network layer , 2002, CCS '02.

[10]  Imre Csiszár,et al.  Broadcast channels with confidential messages , 1978, IEEE Trans. Inf. Theory.

[11]  David Chaum,et al.  Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.

[12]  Thomas M. Cover,et al.  Elements of Information Theory , 2005 .

[13]  Nick Mathewson,et al.  Tor: The Second-Generation Onion Router , 2004, USENIX Security Symposium.

[14]  Claude E. Shannon,et al.  Communication theory of secrecy systems , 1949, Bell Syst. Tech. J..

[15]  Bruce Hajek,et al.  Hiding traffic flow in communication networks , 1992, MILCOM 92 Conference Record.

[16]  Bart Preneel,et al.  Towards Measuring Anonymity , 2002, Privacy Enhancing Technologies.

[17]  Ian Clarke,et al.  Freenet: A Distributed Anonymous Information Storage and Retrieval System , 2000, Workshop on Design Issues in Anonymity and Unobservability.

[18]  Steven Gianvecchio,et al.  Detecting covert timing channels: an entropy-based approach , 2007, CCS '07.

[19]  Riccardo Bettati,et al.  On Flow Correlation Attacks and Countermeasures in Mix Networks , 2004, Privacy Enhancing Technologies.

[20]  George Danezis,et al.  Towards an Information Theoretic Metric for Anonymity , 2002, Privacy Enhancing Technologies.

[21]  Birgit Pfitzmann,et al.  ISDN-MIXes: Untraceable Communication with Small Bandwidth Overhead , 1991, Kommunikation in Verteilten Systemen.

[22]  Hannes Federrath,et al.  Web MIXes: A System for Anonymous and Unobservable Internet Access , 2000, Workshop on Design Issues in Anonymity and Unobservability.

[23]  George Danezis,et al.  Mix Cascades vs. Peer-to-Peer: Is One Concept Superior? , 2004 .