Lightweight Hidden Services

Hidden services (HS) are mechanisms designed to provide network services while preserving the anonymity of the server. Besides protecting the identity of the server, hidden services help to resist censorship, are resistant to distributed DoS attacks, and allow server functionality even if the service provider does not own a public IP address. Currently, only the Tor network offers this feature with full functionality. However, the HS concept in Tor is complex and provides poor performance. According to recent studies, the average contact time for a hidden service is 24 s, which is far beyond what an average user is willing to wait. In this paper we introduce a novel approach for hidden services that achieves functionality similar to HS in Tor but does so in a simple and lightweight way, with the goal of improving performance and usability. Additionally, contrary to Tor, our approach does not require clients to install any specific software to access hidden services, which increases its usability. Simplicity makes our approach easier to understand for normal users, eases protocol reviews, and increases the chances of having several implementations of the protocol available. Moreover, simpler solutions are easier to analyze and are naturally less prone to implementation failures than complex protocols. In this paper, we describe our approach and provide a performance and anonymity analysis of the resulting properties of the protocol.
