Cashmere: Resilient Anonymous Routing - PowerPoint PPT Presentation

About This Presentation
Title:

Cashmere: Resilient Anonymous Routing

Description:

Cashmere: Resilient Anonymous Routing. CS290F. March 7, 2005. Anonymous Communication ... Cashmere Evaluation. Measure anonymity using entropy metric ... – PowerPoint PPT presentation

Number of Views:58
Avg rating:3.0/5.0
Slides: 18
Provided by: beny7
Category:

less

Transcript and Presenter's Notes

Title: Cashmere: Resilient Anonymous Routing


1
Cashmere Resilient Anonymous Routing
  • CS290F
  • March 7, 2005

2
Anonymous Communication
  • Source anonymity
  • protect identity of communication source
  • Unlinkability
  • avoid association between endpoints

3
Anonymous Routing as Mechanism
  • Large decentralized networks
  • lack of mutual trust, distributed domains
  • Use as mechanism for secure communication
  • test other nodes without revealing your
    identity
  • e.g. are you pointing to me in your routing table?

4
Chaum-Mix Approaches
  • Idea forward message through static path of
    relay nodes
  • downside path is fragile and hard to maintain
  • once any node/link is broken, must rebuild entire
    path (expensive)
  • nodes in middle dont know where to send error
    messages
  • downside computationally expensive
  • each message must be encrypted with layers of
    asymmetric encryption

5
Outline
  • Motivation
  • Cashmere Design
  • Evaluation
  • Summary

6
Flexible and Resilient Anonymity
  • Use relay groups for routing resiliency
  • instead of single nodes to relay traffic, use
    groups of nodes
  • relay survives if at least 1 member of relay
    group is reachable
  • P2P and prefix keys
  • leverage structured p2p routing
  • define relay group by all nodes sharing a prefix
    in their nodeID
  • encryption via prefix keys (public/private pairs)
  • i.e. 1234 would have keys for 1XXX, 12XX, 123X

302X
013X
233X
7
Routing Overview
A
  • Cannot simply route through groups to destination
  • Sender A forwards traffic thru a number of relay
    groups
  • Receiver B is a member of one of the relay groups
  • Per relay, the first member to receive the msg is
    the root
  • root node decrypts using its prefix private key,
    forwards payload to other members, then routes
    msg to next relay

8
Enhancements for Performance
  • Decouple path encryption and payload
  • encrypt path layer separately
  • include keys at each layer to match payload
    onion
  • Remove asymmetric encryption from critical path
  • use session key (symmetric) to encrypt each msg
  • encrypt session key with destination pub
    keyinclude inside path encryption layer
  • only true destination knows its the recepient

9
The Big Picture
Root ofRelay Group P
from last relay group
to relaygroup PL-1
PL-1 RL-2 KL-2
Each node decrypts KL-2 with its own private key.
Only the destination node will get SymKey_B and a
flag indicating success.
10
Selecting GroupID and Path Length
  • Tradeoff between anonymity, resilience and
    messaging overhead
  • Leverage random distribution of nodeIDs
  • predict expected size of relay group
  • Can dynamically select prefix length to control
    relay group size (per session)

11
Cashmere Evaluation
  • Measure anonymity using entropy metric
  • source anonymity identical to Chaum-mixes
  • destination anon. identical if ?10 nodes are
    attackers
  • Resilience
  • expected lifetimes of relay groups 1 or 2
    orders of magnitude gt single relay nodes (avg
    group 3-5)
  • Performance
  • source encryption cost is 10 of CM, (if avg
    group 3)
  • decryption cost at relays lt 50 of CM, (group
    3)
  • Result? Goals accomplished!
  • Fully implemented Tput ? 27Mb/s for 4K msgs

12
Entropy-based Anonymity
  • Entropy of a system
  • Entropy-based anonymity of the system

13
Source Anonymity
14
Unlinkability Anonymity
15
Expected Path Lifetimes
  • exponentially distributed session times
  • median session time 60 mins
  • balanced node leave/joins

16
Path Duration w/ Intermittent Failures
17
Relative Computation Cost
18
Summary
  • Resilience through relay groups
  • Decouple path encryption from payload
  • Questions?
Write a Comment
User Comments (0)
About PowerShow.com