Impact of Network Topology on Anonymity and Overhead in Low-Latency Anonymity Networks

Low-latency anonymous communication networks require padding to resist timing analysis attacks, and dependent link padding has been proven to prevent these attacks with minimal overhead. In this paper we consider low-latency anonymity networks that implement dependent link padding, and examine various network topologies. We find that the choice of the topology has an important influence on the padding overhead and the level of anonymity provided, and that Stratified networks offer the best trade-off between them. We show that fully connected network topologies (Free Routes) are impractical when dependent link padding is used, as they suffer from feedback effects that induce disproportionate amounts of padding; and that Cascade topologies have the lowest padding overhead at the cost of poor scalability with respect to anonymity. Furthermore, we propose an variant of dependent link padding that considerably reduces the overhead at no loss in anonymity with respect to external adversaries. Finally, we discuss how Tor, a deployed large-scale anonymity network, would need to be adapted to support dependent link padding.

[1]  Bart Preneel,et al.  Towards Measuring Anonymity , 2002, Privacy Enhancing Technologies.

[2]  Carmela Troncoso,et al.  The Bayesian Analysis of Mix Networks , 2009, CCS 2009.

[3]  Andrei Serjantov,et al.  On the anonymity of anonymity systems , 2004 .

[4]  Vitaly Shmatikov,et al.  Timing Analysis in Low-Latency Mix Networks: Attacks and Defenses , 2006, ESORICS.

[5]  Peter Palfrader,et al.  Mixmaster protocol --- version 2 , 2000 .

[6]  U Moeller,et al.  Mixmaster Protocol Version 2 , 2004 .

[7]  Sang Joon Kim,et al.  A Mathematical Theory of Communication , 2006 .

[8]  Nikita Borisov,et al.  RAINBOW: A Robust And Invisible Non-Blind Watermark for Network Flows , 2009, NDSS.

[9]  Steven J. Murdoch,et al.  Sampled Traffic Analysis by Internet-Exchange-Level Adversaries , 2007, Privacy Enhancing Technologies.

[10]  George Danezis Mix-Networks with Restricted Routes , 2003, Privacy Enhancing Technologies.

[11]  Wei Wang,et al.  Dependent link padding algorithms for low latency anonymity systems , 2008, CCS.

[12]  Nick Mathewson,et al.  Tor: The Second-Generation Onion Router , 2004, USENIX Security Symposium.

[13]  Vitaly Shmatikov,et al.  Synchronous Batching: From Cascades to Free Routes , 2004, Privacy Enhancing Technologies.

[14]  Lang Tong,et al.  Relay Secrecy in Wireless Networks with Eavesdroppers , 2006 .

[15]  Carmela Troncoso,et al.  The bayesian traffic analysis of mix networks , 2009, CCS.

[16]  Lang Tong,et al.  Anonymous Networking with Minimum Latency in Multihop Networks , 2008, 2008 IEEE Symposium on Security and Privacy (sp 2008).

[17]  Paul F. Syverson,et al.  Hiding Routing Information , 1996, Information Hiding.

[18]  George Danezis,et al.  Mix Cascades vs. Peer-to-Peer: Is One Concept Superior? , 2004 .

[19]  Gene Tsudik,et al.  Towards an Analysis of Onion Routing Security , 2000, Workshop on Design Issues in Anonymity and Unobservability.

[20]  Sushil Jajodia,et al.  Network Flow Watermarking Attack on Low-Latency Anonymous Communication Systems , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[21]  Dieter Gollmann,et al.  Computer Security - ESORICS 2006, 11th European Symposium on Research in Computer Security, Hamburg, Germany, September 18-20, 2006, Proceedings , 2006, ESORICS.

[22]  Ian Goldberg,et al.  Improving Tor using a TCP-over-DTLS Tunnel , 2009, USENIX Security Symposium.

[23]  George Danezis,et al.  Mixminion: design of a type III anonymous remailer protocol , 2003, 2003 Symposium on Security and Privacy, 2003..

[24]  George Danezis,et al.  Towards an Information Theoretic Metric for Anonymity , 2002, Privacy Enhancing Technologies.

[25]  George Danezis,et al.  On the PET Workshop Panel "Mix Cascades Versus Peer-to-Peer: Is One Concept Superior?" , 2004, Privacy Enhancing Technologies.

[26]  Matthew K. Wright,et al.  Timing Attacks in Low-Latency Mix Systems (Extended Abstract) , 2004, Financial Cryptography.

[27]  Birgit Pfitzmann,et al.  ISDN-MIXes: Untraceable Communication with Small Bandwidth Overhead , 1991, Kommunikation in Verteilten Systemen.

[28]  Hannes Federrath,et al.  Web MIXes: A System for Anonymous and Unobservable Internet Access , 2000, Workshop on Design Issues in Anonymity and Unobservability.

[29]  Hannes Federrath Designing Privacy Enhancing Technologies , 2001, Lecture Notes in Computer Science.