Scalable onion routing with Torsk

We introduce Torsk, a structured peer-to-peer low-latency anonymity protocol. Torsk is designed as an interoperable replacement for the relay selection and directory service of the popular Tor anonymity network; it decreases the bandwidth cost of relay selection and maintenance from quadratic to quasilinear while introducing no new attacks on the anonymity provided by Tor, and no additional delay to connections made via Tor. The resulting bandwidth savings make a modest-sized Torsk network significantly cheaper to operate, and allow low-bandwidth clients to join the network. Unlike previous proposals for P2P anonymity schemes, Torsk does not require all users to relay traffic for others. Torsk utilizes a combination of two P2P lookup mechanisms with complementary strengths in order to avoid attacks on the confidentiality and integrity of lookups. We show by analysis that previously known attacks on P2P anonymity schemes do not apply to Torsk, and report on experiments conducted with a 336-node wide-area deployment of Torsk, demonstrating its efficiency and feasibility.
