gpestana / notes

notes, ideas and whatnot
https://gpestana.com

PaperJam #16

Open gpestana opened 5 years ago

gpestana commented 5 years ago

PaperJam is a process for quickly acquiring context on any research topic. The process consists of first selecting 4 papers that are seemingly related and reading the abstract, introduction and conclusions of each paper, one by one. After each paper, write down the main ideas and a set of questions which will be the main focus when reading the remainder of the paper. At this point you can also take a sneak peek at the middle sections of the paper to help formulate the questions. After all the papers were reviewed, summarize the intersecting and diverging points between them and how they relate to each other. As a bonus, collect references for reading later in another PaperJam. After the PaperJam session, dive into each of the papers and try to answer the questions set up.

gpestana commented 5 years ago

PaperJam 0x01: Low-latency anonymous communication protocols and passive attacks analysis

not finished yet

[1] HORNET: high speed onion routing at the network layer
[2] LAP: lightweight anonymity and privacy
[3] Dovetail: stronger anonymity in next generation Internet routing
[4] Passive attack analysis for connection-based anonymity systems

1. HORNET

Anonymity protocol for the network layer which uses onion routing and only requires symmetric encryption for forwarding data. In addition, it does not require the onion relays to maintain the state of the circuits.

Internet users are under constant threat of data harvesting about their online behaviour. Protocols and networks such as Mixnets and Tor try to address those issues. While Mixnets focus on high-latency communications, Tor is a low-latency anonymity protocol. However, it is not scalable nor does it have the performance needed for achieving mass adoption. Other faster and more scalable protocols have been developed (e.g. Dovetail and LAP), but they do not offer sufficient anonymity. HORNET is an anonymity protocol aiming at both security and performance. The paper also discusses a new approach to designing low-latency networks.

Low-latency onion routing protocols are vulnerable to e2e confirmation attacks, and HORNET is not an exception. HORNET does not protect against replay attacks and does not have perfect forward secrecy. However, it has good performance, is effective against stronger adversaries than those assumed by Dovetail and LAP, fully hides path information, obfuscates packet content and allows the first relay to be compromised.

Q1: how is the state transferred over the packets? Q2: how are the security analysis games set up? Q3: what is the onion path construction mechanism (which relays to pick)? how is it secure?

2. LAP

Network-based, low-latency, bidirectional anonymous communication protocol aiming at bridging the gap between strong anonymity protocols and usability for real-time scenarios. It considers a weaker adversary than conventional anonymity protocols (e.g. Tor), but still a practical one. LAP is stateless and features "lightweight path establishment".

Overlay anonymity protocols like Tor add a huge performance penalty because the onion circuits are not location-sensitive (thus packets often need to traverse long network paths) and because of the overhead of cryptographic operations. LAP considers local and relatively weaker adversaries such as servers, rather than nation-state-capable adversaries, in order to relax the requirements and achieve better performance. LAP obscures the end host location by using packet-carried forwarding state (the packet keeps the state) and forward-state encryption.

LAP attempts to provide source and destination anonymity under a relaxed, local adversary, session unlinkability and location privacy. LAP works at the network level (IP), and encrypted packet forwarding is not implemented in IP. But it will possibly be supported out of the box by next generation network protocols (e.g. SCION and MobilityFirst). Logic for routing, forwarding, encryption and decryption needs to be implemented in routers.

Q1: in which practical cases would LAP be used? who would be the adversaries that LAP is effective against? Q2: could LAP be implemented in overlay networks successfully? (e.g. DHTs) Q3: what is the onion path construction mechanism? how is it secure?

3. Dovetail

In the current Internet design, it is hard to obfuscate location metadata (IP) from OSI layer 3 since it is used to deliver data. This fact couples identity and location at a low level, which can be used to track and monitor user Internet usage. Dovetail is a routing protocol for a new Internet that conceals source IP addresses. It provides anonymity even with active attackers within the ISP (as opposed to [2]). The routing protocol requires end hosts to collaborate with each other.

The goal of Dovetail is to obfuscate the user's identity at layer 3, where source and destination hosts exchange packets but eavesdroppers cannot successfully link packets to the communication. Instead of using a complex overlay network at the application level, it aims at creating a layer 3 routing protocol that does not reveal the global identity and delegates identity management to higher levels. This approach has a performance advantage compared to overlay protocols.

To provide anonymity at layer 3, the path selection should not use the shortest path as the main heuristic, and the routing location data in the packets should be disclosed to the minimum set of entities that need to route the packet, for the shortest time possible. This may require partitioned packet routing information (i.e. instead of keeping the destination IP in the packet, partition that information across many fields that are hard to access by eavesdroppers).

Q1: how does the path construction work in Dovetail? Q2: how does the path construction hide source and destination information from the dovetail and matchmaker entities? Q3: how does the path construction provide unlinkability from eavesdroppers?

4. Passive attack analysis

Comments

HORNET, Dovetail and LAP are low-latency anonymous communication protocols that obfuscate the IP address of the initiator (and/or destination) at the network level, instead of relying on overlay networks to mix and obfuscate the packets, such as Tor and Mixnets. This approach requires modifications to the way current routers process, forward and route packets, thus being more suitable for new network protocols such as SCION and MobilityFirst, which are "clean slate" Internet designs.

The idea is that instead of relying on complex application-level protocols to obfuscate the user's identity, it decouples user identity and location at layer 3 by design.
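As an added illustration (not code from any of the four papers, nor from the notes above), a toy Python simulation of the packet-carried forwarding state that the HORNET and LAP summaries describe: each relay holds only a long-term secret, the per-session state travels inside the packet as an encrypted forwarding segment, and the data path uses only symmetric operations. The stream cipher is a constructed HMAC-based stand-in, and the per-hop session keys are assumed to have been agreed in a setup phase the example does not model.

```python
import hmac, hashlib, os

def prf(key: bytes, label: bytes, n: int) -> bytes:
    """Toy HMAC-SHA256 counter-mode keystream; stands in for a real cipher."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, label + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class Relay:
    """Holds only its own long-term secret: no per-circuit table at all."""
    def __init__(self):
        self.secret = os.urandom(32)
    def create_fs(self, next_hop: str, session_key: bytes) -> bytes:
        # Setup phase: seal the per-session state into a forwarding segment
        # (FS) that the packet will carry; the relay then forgets it.
        state = next_hop.encode().ljust(8, b"\0") + session_key
        return xor(state, prf(self.secret, b"fs", len(state)))
    def forward(self, packet: dict) -> tuple:
        # Data phase: recover the state from the packet and strip one layer.
        fs, rest = packet["header"][0], packet["header"][1:]
        state = xor(fs, prf(self.secret, b"fs", len(fs)))
        next_hop, key = state[:8].rstrip(b"\0").decode(), state[8:]
        payload = xor(packet["payload"], prf(key, b"data", len(packet["payload"])))
        return next_hop, {"header": rest, "payload": payload}

def build_packet(path, relays, keys, dest, message):
    """Sender: one FS per hop in the header, one encryption layer per hop on the payload."""
    hops = path + [dest]
    header = [relays[h].create_fs(hops[i + 1], keys[h]) for i, h in enumerate(path)]
    payload = message
    for h in reversed(path):
        payload = xor(payload, prf(keys[h], b"data", len(payload)))
    return {"header": header, "payload": payload}

def deliver(packet, relays, first_hop):
    """Walk the packet hop by hop, recording the payload bytes seen on each link."""
    hop, seen = first_hop, []
    while hop in relays:
        seen.append(packet["payload"])
        hop, packet = relays[hop].forward(packet)
    return hop, packet["payload"], seen

def demo(message=b"hello over a stateless onion path"):
    path = ["R1", "R2", "R3"]
    relays = {n: Relay() for n in path}
    keys = {n: os.urandom(32) for n in path}  # per-hop session keys, assumed set up
    return deliver(build_packet(path, relays, keys, "dest", message), relays, "R1")
```

The `seen` list shows that the payload bytes differ on every link, so a passive observer on two links cannot match packets by content alone; unlike the real protocols, this toy header shrinks at each hop and therefore leaks the remaining path length.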