Hang with your buddies to resist intersection attacks

Wolinsky, David Isaac; Syta, Ewa; Ford, Bryan

doi:10.1145/2508859.2516740

Cited by 30 publications

(23 citation statements)

References 47 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Intersection attacks are passive attacks which try to eavesdrop on traffic and find out the receiver of traffic. To defend against intersection attacks a system needs to implement some sort of buddies' architecture (Wolinsky et al, 2013).…”

Section: Discussionmentioning

confidence: 99%

“…In this attack it is assumed that a network user is typically in contact with a relative small number of other communicating parties (Danezis & Serjantov, 2005). Resistance against intersection attacks is obtained by the use of an extended anonymous communication scheme called Buddies architecture (Wolinsky, Syta, & Ford, 2013). In this communication architecture communication parties are dynamically grouped in buddy sets, for which communication is controlled in order to make buddies in a set indistinguishable from each other when network traffic is analyzed.…”

Section: Intersection Attacksmentioning

confidence: 99%

See 1 more Smart Citation

Anonymous Communication on the Internet

2014

View full text Add to dashboard Cite

There are many kinds of systems developed for anonymous communication on the internet. We survey a number of systems and evaluate their security. Among these systems we compare functionalities like Onion Routing, anonymous VPN services, probabilistic anonymity, and deterministic anonymity. Other types of anonymous communication such as messaging, peer-to-peer communication, web use, emailing, and use of other Internet applications are also presented. We follow up by presenting different types of attacks with the purpose of identifying anonymously communicating users. These attacks fall into the following categories: internal/external attacks, passive/active attacks, and static/adaptive attacks. We describe the following attacks as well as known protections against these attacks: predecessor attacks, intersection attacks, timing attacks, and Sybil attacks. Lastly we discuss design choices, operation, and security of the current TOR network -The 2G Onion Router. Access control methods to restrict malicious use of TOR are also proposed. In conclusions the significance of anonymous communication is outlined.

show abstract

Section: Discussionmentioning

confidence: 99%

Section: Intersection Attacksmentioning

confidence: 99%

Anonymous Communication on the Internet

2014

View full text Add to dashboard Cite

show abstract

“…If an adversary can observe traffic patterns across many epochs, as the set of online clients changes, the adversary can make statistical inferences about which client is sending which stream of messages [39][40][41]. These "intersection" or "statistical disclosure" attacks affect many anonymity systems and defending against them is an important, albeit orthogonal, problem [41,42]. Even so, intersection attacks typically become more difficult to mount as the size of the anonymity set increases, so Riposte's support for very large anonymity sets makes it less vulnerable to these attacks than are many prior systems.…”

Section: Intersection Attacksmentioning

confidence: 99%

Riposte: An Anonymous Messaging System Handling Millions of Users

Corrigan-Gibbs

Boneh

Mazières

2015

2015 IEEE Symposium on Security and Privacy

142

175

View full text Add to dashboard Cite

This paper presents Riposte, a new system for anonymous broadcast messaging. Riposte is the first such system, to our knowledge, that simultaneously protects against traffic-analysis attacks, prevents anonymous denial-ofservice by malicious clients, and scales to million-user anonymity sets. To achieve these properties, Riposte makes novel use of techniques used in systems for private information retrieval and secure multi-party computation. For latency-tolerant workloads with many more readers than writers (e.g. Twitter, Wikileaks), we demonstrate that a three-server Riposte cluster can build an anonymity set of 2,895,216 users in 32 hours.

show abstract

“…Clients can minimize their risk by being online not only when they are actively communicating, but in general this attack is difficult to defend against through technical means. For further defenses, TARANET could be enhanced using existing solutions, such as dummy connections [15], or with the Buddies system [68], which allows clients to control which subset of pseudonyms appears online for a particular session. We leave analysis and evaluation of integration with such systems to future work.…”

Section: Limitationsmentioning

confidence: 99%

TARANET: Traffic-Analysis Resistant Anonymity at the Network Layer

Chen

Asoni

Perrig

et al. 2018

2018 IEEE European Symposium on Security and Privacy (EuroS&P)

View full text Add to dashboard Cite

Modern low-latency anonymity systems, no matter whether constructed as an overlay or implemented at the network layer, offer limited security guarantees against traffic analysis. On the other hand, high-latency anonymity systems offer strong security guarantees at the cost of computational overhead and long delays, which are excessive for interactive applications. We propose TARANET, an anonymity system that implements protection against traffic analysis at the network layer, and limits the incurred latency and overhead. In TARANET's setup phase, traffic analysis is thwarted by mixing. In the data transmission phase, end hosts and ASes coordinate to shape traffic into constant-rate transmission using packet splitting. Our prototype implementation shows that TARANET can forward anonymous traffic at over 50 Gbps using commodity hardware.

show abstract

Hang with your buddies to resist intersection attacks

Cited by 30 publications

References 47 publications

Anonymous Communication on the Internet

Anonymous Communication on the Internet

Riposte: An Anonymous Messaging System Handling Millions of Users

TARANET: Traffic-Analysis Resistant Anonymity at the Network Layer

Contact Info

Product

Resources

About