TY - GEN
T1 - A node-failure-resilient anonymous communication protocol through commutative path hopping
AU - Li, Fengjun
AU - Luo, Bo
AU - Liu, Peng
AU - Chu, Chao Hsien
N1 - Copyright:
Copyright 2010 Elsevier B.V., All rights reserved.
PY - 2010
Y1 - 2010
N2 - With rising concerns on user privacy over the Internet, anonymous communication systems that hide the identity of a participant from its partner or third parties are highly desired. Existing approaches either rely on a relative small set of pre-selected relay servers to redirect the messages, or use structured peer-to-peer systems to multicast messages among a set of relay groups. The pre-selection approaches provide good anonymity, but suffer from node failures and scalability problem. The peer-to-peer approaches are subject to node churns and high maintenance overhead, which are the intrinsic problems of P2P systems. In this paper, we present CAT, a node-failure-resilient anonymous communication protocol. In this protocol, relay servers are randomly assigned to relay groups. The initiator of a connection selects a set of relay groups instead of relay servers to set up anonymous paths. A valid path consists of relay servers, one from each selected relay group. The initiator explores valid anonymous paths via a probing process. Since the relative positions of relay servers in the path are commutative, there exist multiple anonymous yet commutative paths, which form an anonymous tunnel. When a connection encounters a node failure, it quickly switches to a nearest backup path in the tunnel through "path hopping", without tampering the initiator or renegotiating the keys. Hence, the protocol is resilient to node failures. We also show that the protocol provides good anonymity even when facing types of active and passive attacks. Finally, the operating cost of CAT is analyzed and shown to be similar to other node-based anonymous communication protocols.
AB - With rising concerns on user privacy over the Internet, anonymous communication systems that hide the identity of a participant from its partner or third parties are highly desired. Existing approaches either rely on a relative small set of pre-selected relay servers to redirect the messages, or use structured peer-to-peer systems to multicast messages among a set of relay groups. The pre-selection approaches provide good anonymity, but suffer from node failures and scalability problem. The peer-to-peer approaches are subject to node churns and high maintenance overhead, which are the intrinsic problems of P2P systems. In this paper, we present CAT, a node-failure-resilient anonymous communication protocol. In this protocol, relay servers are randomly assigned to relay groups. The initiator of a connection selects a set of relay groups instead of relay servers to set up anonymous paths. A valid path consists of relay servers, one from each selected relay group. The initiator explores valid anonymous paths via a probing process. Since the relative positions of relay servers in the path are commutative, there exist multiple anonymous yet commutative paths, which form an anonymous tunnel. When a connection encounters a node failure, it quickly switches to a nearest backup path in the tunnel through "path hopping", without tampering the initiator or renegotiating the keys. Hence, the protocol is resilient to node failures. We also show that the protocol provides good anonymity even when facing types of active and passive attacks. Finally, the operating cost of CAT is analyzed and shown to be similar to other node-based anonymous communication protocols.
UR - http://www.scopus.com/inward/record.url?scp=77953311806&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=77953311806&partnerID=8YFLogxK
U2 - 10.1109/INFCOM.2010.5462114
DO - 10.1109/INFCOM.2010.5462114
M3 - Conference contribution
AN - SCOPUS:77953311806
SN - 9781424458363
T3 - Proceedings - IEEE INFOCOM
BT - 2010 Proceedings IEEE INFOCOM
T2 - IEEE INFOCOM 2010
Y2 - 14 March 2010 through 19 March 2010
ER -