论文信息 - IPsec-Based Anonymous Networking: A Working Implementation

IPsec-Based Anonymous Networking: A Working Implementation

Protecting users' privacy is becoming one of the rising issues for the success of future communications. The Internet in particular, with its open architecture, presents several threats to the right of protecting personal and sensitive data. One fundamental building block of privacy-respectful communications is protecting the communication parties identities, or, as it is commonly called within the research community anonymous networks (ANs). An AN prevents external observers as well as the network to have access to communicating partners identities and addresses. In this paper we propose a novel architecture to realize ANs, as an extension to IPsec. After explaining the rationale and discussing possible alternatives, we present a working prototype implementation and its experimental performance comparison with application level solutions.

Renato Lo Cigno | Csaba Király

[1] Randall J. Atkinson,et al. Security Architecture for the Internet Protocol , 1995, RFC.

[2] Craig Metz,et al. PF_KEY Key Management API, Version 2 , 1998, RFC.

[3] David Chaum,et al. Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.

[4] Michael J. Freedman,et al. A peer-to-peer anonymizing network layer , 2002 .

[5] Renato Lo Cigno,et al. Solving Performance Issues in Anonymization Overlays with a L3 approach , 2008 .

[6] Wes Hardaker,et al. IPsec Security Policy Database Configuration MIB , 2007, RFC.

[7] Nick Mathewson,et al. Tor: The Second-Generation Onion Router , 2004, USENIX Security Symposium.

[8] Paul F. Syverson,et al. Improving Efficiency and Simplicity of Tor Circuit Establishment and Hidden Services , 2007, Privacy Enhancing Technologies.

[9] Hugo Krawczyk,et al. A Security Architecture for the Internet Protocol , 1999, IBM Syst. J..

[10] Nikita Borisov,et al. A Tune-up for Tor: Improving Security and Performance in the Tor Network , 2008, NDSS.

[11] Robert Tappan Morris,et al. Tarzan: a peer-to-peer anonymizing network layer , 2002, CCS '02.

[12] Renato Lo Cigno,et al. Traffic Flow Confidentiality in IPsec: Protocol and Implementation , 2007, FIDIS.