A node-failure-resilient anonymous communication protocol through commutative path hopping

Fengjun Li, Bo Luo, Peng Liu, Chao Hsien Chu

Research output: Chapter in Book/Report/Conference proceedingConference contribution

2 Citations (Scopus)

Abstract

With rising concerns on user privacy over the Internet, anonymous communication systems that hide the identity of a participant from its partner or third parties are highly desired. Existing approaches either rely on a relative small set of pre-selected relay servers to redirect the messages, or use structured peer-to-peer systems to multicast messages among a set of relay groups. The pre-selection approaches provide good anonymity, but suffer from node failures and scalability problem. The peer-to-peer approaches are subject to node churns and high maintenance overhead, which are the intrinsic problems of P2P systems. In this paper, we present CAT, a node-failure-resilient anonymous communication protocol. In this protocol, relay servers are randomly assigned to relay groups. The initiator of a connection selects a set of relay groups instead of relay servers to set up anonymous paths. A valid path consists of relay servers, one from each selected relay group. The initiator explores valid anonymous paths via a probing process. Since the relative positions of relay servers in the path are commutative, there exist multiple anonymous yet commutative paths, which form an anonymous tunnel. When a connection encounters a node failure, it quickly switches to a nearest backup path in the tunnel through "path hopping", without tampering the initiator or renegotiating the keys. Hence, the protocol is resilient to node failures. We also show that the protocol provides good anonymity even when facing types of active and passive attacks. Finally, the operating cost of CAT is analyzed and shown to be similar to other node-based anonymous communication protocols.

Original languageEnglish (US)
Title of host publication2010 Proceedings IEEE INFOCOM
DOIs
StatePublished - Jun 15 2010
EventIEEE INFOCOM 2010 - San Diego, CA, United States
Duration: Mar 14 2010Mar 19 2010

Publication series

NameProceedings - IEEE INFOCOM
ISSN (Print)0743-166X

Other

OtherIEEE INFOCOM 2010
CountryUnited States
CitySan Diego, CA
Period3/14/103/19/10

Fingerprint

Servers
Network protocols
Tunnels
Operating costs
Scalability
Communication systems
Switches
Internet

All Science Journal Classification (ASJC) codes

  • Computer Science(all)
  • Electrical and Electronic Engineering

Cite this

Li, Fengjun ; Luo, Bo ; Liu, Peng ; Chu, Chao Hsien. / A node-failure-resilient anonymous communication protocol through commutative path hopping. 2010 Proceedings IEEE INFOCOM. 2010. (Proceedings - IEEE INFOCOM).
@inproceedings{ad44ef25298e4558a8e9ac8e1d33a3b2,
title = "A node-failure-resilient anonymous communication protocol through commutative path hopping",
abstract = "With rising concerns on user privacy over the Internet, anonymous communication systems that hide the identity of a participant from its partner or third parties are highly desired. Existing approaches either rely on a relative small set of pre-selected relay servers to redirect the messages, or use structured peer-to-peer systems to multicast messages among a set of relay groups. The pre-selection approaches provide good anonymity, but suffer from node failures and scalability problem. The peer-to-peer approaches are subject to node churns and high maintenance overhead, which are the intrinsic problems of P2P systems. In this paper, we present CAT, a node-failure-resilient anonymous communication protocol. In this protocol, relay servers are randomly assigned to relay groups. The initiator of a connection selects a set of relay groups instead of relay servers to set up anonymous paths. A valid path consists of relay servers, one from each selected relay group. The initiator explores valid anonymous paths via a probing process. Since the relative positions of relay servers in the path are commutative, there exist multiple anonymous yet commutative paths, which form an anonymous tunnel. When a connection encounters a node failure, it quickly switches to a nearest backup path in the tunnel through {"}path hopping{"}, without tampering the initiator or renegotiating the keys. Hence, the protocol is resilient to node failures. We also show that the protocol provides good anonymity even when facing types of active and passive attacks. Finally, the operating cost of CAT is analyzed and shown to be similar to other node-based anonymous communication protocols.",
author = "Fengjun Li and Bo Luo and Peng Liu and Chu, {Chao Hsien}",
year = "2010",
month = "6",
day = "15",
doi = "10.1109/INFCOM.2010.5462114",
language = "English (US)",
isbn = "9781424458363",
series = "Proceedings - IEEE INFOCOM",
booktitle = "2010 Proceedings IEEE INFOCOM",

}

Li, F, Luo, B, Liu, P & Chu, CH 2010, A node-failure-resilient anonymous communication protocol through commutative path hopping. in 2010 Proceedings IEEE INFOCOM., 5462114, Proceedings - IEEE INFOCOM, IEEE INFOCOM 2010, San Diego, CA, United States, 3/14/10. https://doi.org/10.1109/INFCOM.2010.5462114

A node-failure-resilient anonymous communication protocol through commutative path hopping. / Li, Fengjun; Luo, Bo; Liu, Peng; Chu, Chao Hsien.

2010 Proceedings IEEE INFOCOM. 2010. 5462114 (Proceedings - IEEE INFOCOM).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

TY - GEN

T1 - A node-failure-resilient anonymous communication protocol through commutative path hopping

AU - Li, Fengjun

AU - Luo, Bo

AU - Liu, Peng

AU - Chu, Chao Hsien

PY - 2010/6/15

Y1 - 2010/6/15

N2 - With rising concerns on user privacy over the Internet, anonymous communication systems that hide the identity of a participant from its partner or third parties are highly desired. Existing approaches either rely on a relative small set of pre-selected relay servers to redirect the messages, or use structured peer-to-peer systems to multicast messages among a set of relay groups. The pre-selection approaches provide good anonymity, but suffer from node failures and scalability problem. The peer-to-peer approaches are subject to node churns and high maintenance overhead, which are the intrinsic problems of P2P systems. In this paper, we present CAT, a node-failure-resilient anonymous communication protocol. In this protocol, relay servers are randomly assigned to relay groups. The initiator of a connection selects a set of relay groups instead of relay servers to set up anonymous paths. A valid path consists of relay servers, one from each selected relay group. The initiator explores valid anonymous paths via a probing process. Since the relative positions of relay servers in the path are commutative, there exist multiple anonymous yet commutative paths, which form an anonymous tunnel. When a connection encounters a node failure, it quickly switches to a nearest backup path in the tunnel through "path hopping", without tampering the initiator or renegotiating the keys. Hence, the protocol is resilient to node failures. We also show that the protocol provides good anonymity even when facing types of active and passive attacks. Finally, the operating cost of CAT is analyzed and shown to be similar to other node-based anonymous communication protocols.

AB - With rising concerns on user privacy over the Internet, anonymous communication systems that hide the identity of a participant from its partner or third parties are highly desired. Existing approaches either rely on a relative small set of pre-selected relay servers to redirect the messages, or use structured peer-to-peer systems to multicast messages among a set of relay groups. The pre-selection approaches provide good anonymity, but suffer from node failures and scalability problem. The peer-to-peer approaches are subject to node churns and high maintenance overhead, which are the intrinsic problems of P2P systems. In this paper, we present CAT, a node-failure-resilient anonymous communication protocol. In this protocol, relay servers are randomly assigned to relay groups. The initiator of a connection selects a set of relay groups instead of relay servers to set up anonymous paths. A valid path consists of relay servers, one from each selected relay group. The initiator explores valid anonymous paths via a probing process. Since the relative positions of relay servers in the path are commutative, there exist multiple anonymous yet commutative paths, which form an anonymous tunnel. When a connection encounters a node failure, it quickly switches to a nearest backup path in the tunnel through "path hopping", without tampering the initiator or renegotiating the keys. Hence, the protocol is resilient to node failures. We also show that the protocol provides good anonymity even when facing types of active and passive attacks. Finally, the operating cost of CAT is analyzed and shown to be similar to other node-based anonymous communication protocols.

UR - http://www.scopus.com/inward/record.url?scp=77953311806&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=77953311806&partnerID=8YFLogxK

U2 - 10.1109/INFCOM.2010.5462114

DO - 10.1109/INFCOM.2010.5462114

M3 - Conference contribution

AN - SCOPUS:77953311806

SN - 9781424458363

T3 - Proceedings - IEEE INFOCOM

BT - 2010 Proceedings IEEE INFOCOM

ER -