Communications in unknown networks: Preserving the secret of topology

In cryptography we investigate security aspects of data distributed in a network. This kind of security does not protect the secrecy of the network topology against being discovered if some kind of communication has taken place. But there are several scenarios where the network topology has to be a part of the secret. In this paper we study the question of communication within a secret network where the processing nodes of the network have only partial knowledge (e.g. given as routing tables) of the topology. We introduce a model for measuring the loss of security of the topology when far distance communication takes place. A communication protocol preserves the secret of topology if no processing node can deduce additional information about the topology from the communication. We will investigate lower bounds on the knowledge that can be revealed from the communication string and show, for instance, that some knowledge about distances can always be revealed. Then, we consider routing tables. We show that several kinds of routing tables are not sufficient to guarantee the secrecy of topology. On the other hand, if a routing table allows us to specify the direction from which a message is coming, we can run a protocol solving the all-to-all communication problem such that no processing node can gain additional knowledge about the network. Finally, we investigate the problem of whether routing tables can be generated from the local knowledge of the processing nodes without losing the secrecy of the network topology with respect to the resulting knowledge base. It will be shown that this is not possible for static networks and most kinds of dynamic networks.

[1]  Matthew K. Franklin,et al.  Secure Communication in Minimal Connectivity Models , 1998, Journal of Cryptology.

[2]  Andrew Chi-Chih Yao,et al.  Protocols for secure computations , 1982, FOCS 1982.

[3]  Andreas Jakoby,et al.  Private Computations in Networks: Topology versus Randomness , 2003, STACS.

[4]  Andreas Jakoby,et al.  Private Computation - k-Connected versus 1-Connected Networks , 2002, CRYPTO.

[5]  Paul F. Syverson,et al.  Hiding Routing Information , 1996, Information Hiding.

[6]  Matthew K. Franklin,et al.  Secure hypergraphs: privacy from partial broadcast (Extended Abstract). , 1995, STOC 1995.

[7]  Paul F. Syverson,et al.  Anonymous connections and onion routing , 1998, IEEE J. Sel. Areas Commun..

[8]  Andreas Jakoby,et al.  Communications in Unknown Networks: Preserving the Secret of Topology , 2005, SIROCCO.

[9]  Baruch Awerbuch,et al.  An on-demand secure routing protocol resilient to byzantine failures , 2002, WiSE '02.

[10]  Matthew K. Franklin,et al.  Secure hypergraphs: privacy from partial broadcast , 1995, STOC '95.

[11]  Mike Burmester,et al.  Weathering the Storm: Managing Redundancy and Security in Ad Hoc Networks , 2004, ADHOC-NOW.

[12]  Paul F. Syverson,et al.  Anonymous connections and onion routing , 1997, Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097).

[13]  Yvo Desmedt,et al.  Secure Communication in an Unknown Network Using Certificates , 1999, ASIACRYPT.

[14]  C. E. SHANNON,et al.  A mathematical theory of communication , 1948, MOCO.

[15]  Michael K. Reiter,et al.  Crowds: anonymity for Web transactions , 1998, TSEC.

[16]  Avi Wigderson,et al.  Completeness theorems for non-cryptographic fault-tolerant distributed computation , 1988, STOC '88.

[17]  Mike Burmester,et al.  Secure multipath communication in mobile ad hoc networks , 2004, International Conference on Information Technology: Coding and Computing, 2004. Proceedings. ITCC 2004..

[18]  Andrew Chi-Chih Yao,et al.  How to generate and exchange secrets , 1986, 27th Annual Symposium on Foundations of Computer Science (sfcs 1986).

[19]  Yongge Wang,et al.  Secure Communication in Broadcast Channels: The Answer to Franklin and Wright's Question , 1999, EUROCRYPT.

[20]  Zygmunt J. Haas,et al.  Securing ad hoc networks , 1999, IEEE Netw..

[21]  David Chaum,et al.  Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.

[22]  David Chaum,et al.  Multiparty unconditionally secure protocols , 1988, STOC '88.

[23]  Danny Dolev,et al.  The Byzantine Generals Strike Again , 1981, J. Algorithms.