In search of an anonymous and secure lookup attacks on structured peer-to-peer anonymous communication systems

Qiyan Wang, Prateek Mittal, Nikita Borisov

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

The ability to locate random relays is a key challenge for peer-to-peer (P2P) anonymous communication systems. Earlier attempts like Salsa and AP3 used distributed hash table lookups to locate relays, but the lack of anonymity in their lookup mechanisms enables an adversary to infer the path structure and compromise user anonymity. NISAN and Torsk are state-of-the-art systems for P2P anonymous communication. Their designs include mechanisms that are specifically tailored to mitigate information leak attacks. NISAN proposes to add anonymity into the lookup mechanism itself, while Torsk proposes the use of secret buddy nodes to anonymize the lookup initiator. In this paper, we attack the key mechanisms that hide the relationship between a lookup initiator and its selected relays in NISAN and Torsk. We present passive attacks on the NISAN lookup and show that it is not as anonymous as previously thought. We analyze three circuit construction mechanisms for anonymous communication using the NISAN lookup, and show that the information leaks in the NISAN lookup lead to a significant reduction in user anonymity. We also propose active attacks on Torsk that defeat its secret buddy mechanism and consequently compromise user anonymity. Our results are backed up by probabilistic modeling and extensive simulations. Our study motivates the search for a DHT lookup mechanism that is both secure and anonymous.

Original languageEnglish (US)
Title of host publicationCCS'10 - Proceedings of the 17th ACM Conference on Computer and Communications Security
Pages308-318
Number of pages11
DOIs
StatePublished - Dec 16 2010
Event17th ACM Conference on Computer and Communications Security, CCS'10 - Chicago, IL, United States
Duration: Oct 4 2010Oct 8 2010

Publication series

NameProceedings of the ACM Conference on Computer and Communications Security
ISSN (Print)1543-7221

Other

Other17th ACM Conference on Computer and Communications Security, CCS'10
CountryUnited States
CityChicago, IL
Period10/4/1010/8/10

Keywords

  • Anonymity
  • Attacks
  • Information leaks
  • Peer-to-peer

ASJC Scopus subject areas

  • Software
  • Computer Networks and Communications

Fingerprint Dive into the research topics of 'In search of an anonymous and secure lookup attacks on structured peer-to-peer anonymous communication systems'. Together they form a unique fingerprint.

  • Cite this

    Wang, Q., Mittal, P., & Borisov, N. (2010). In search of an anonymous and secure lookup attacks on structured peer-to-peer anonymous communication systems. In CCS'10 - Proceedings of the 17th ACM Conference on Computer and Communications Security (pp. 308-318). (Proceedings of the ACM Conference on Computer and Communications Security). https://doi.org/10.1145/1866307.1866343