SLIDE 1

ANDaNA: Onion Routing for NDN

Steve DiBenedetto, Colorado State University

ANDaNA: Anonymous Named Data Networking Application, NDSS ’12

Steven DiBenedetto, Paolo Gasti, Gene Tsudik, Ersin Uzun

SLIDE 2

Information Linkage & Leakage

I: /omh/blood-pressure/steve

SLIDE 5

Information Linkage & Leakage

I: /omh/blood-pressure/steve

D: /omh/blood-pressure/steve { mmHg: 100 }

SLIDE 17

Information Linkage & Leakage

I: /omh/blood-pressure/steve Nonce: <rand-int> Lifetime: <int> Loc: /fitbit/key

SLIDE 18

Information Linkage & Leakage

I: /omh/blood-pressure/steve Nonce: <rand-int> Lifetime: <int> Loc: /fitbit/key

D: /omh/blood-pressure/steve Loc: /fitbit/key { mmHg: 100 }

SLIDE 23

Information Linkage & Leakage

I: /omh/blood-pressure/steve Nonce: <rand-int> Lifetime: <int> Loc: /fitbit/key

D: /omh/blood-pressure/steve Loc: /fitbit/key { mmHg: 100 }

  • Encrypted names, payloads, and header fields may link requester to sensitive content or leak information

SLIDE 24

Onion Routing in NDN

/OR-1   /OR-2

I: /omh/blood-pressure/steve Nonce: <rand-int> Loc: /fitbit/key

SLIDE 25

Onion Routing in NDN

/OR-1   /OR-2

I: /omh/blood-pressure/steve Nonce: <rand-int> Loc: /fitbit/key

I: /OR-2

I: /OR-1

SLIDE 28

Onion Routing in NDN

/OR-1   /OR-2

I: /omh/blood-pressure/steve Nonce: <rand-int> Loc: /fitbit/key

I: /OR-2

SLIDE 34

Onion Routing in NDN

/OR-1   /OR-2

D: /omh/blood-pressure/steve Loc: /fitbit/key { mmHg: 100 }

SLIDE 37

Onion Routing in NDN

/OR-1   /OR-2

D: /omh/blood-pressure/steve Loc: /fitbit/key { mmHg: 100 }

D: /OR-2

SLIDE 40

Onion Routing in NDN

/OR-1   /OR-2

D: /omh/blood-pressure/steve Loc: /fitbit/key { mmHg: 100 }

D: /OR-2

D: /OR-1

SLIDE 43

Improvements Over Tor

  • Need fewer relays than Tor (2 vs 3)
      – Potentially 1 less Internet-wide RTT
  • ANDaNA paths are HIGHLY ephemeral
      – No path setup cost
      – Change keys and relays at will during a Data stream without interruption
      – Tor sets up much longer lived circuits in comparison (~ 10 minutes)
  • Symmetric key session-based mode also available
      – Can be freely intermixed with public key crypto mode for the same Data stream.
  • NDN gives us a lot for free
      – CS improves retransmission and chance for cache hit at exit node
      – OR prefixes can refer to multiple relays
      – OR directory more robust to attacks thanks to signed Data
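The layering on the "Onion Routing in NDN" slides, with no path setup step, sketched as an added example that is not taken from the slides or from the ANDaNA code. Assumptions: each relay already shares a session key with the consumer, an Interest is a JSON object, the sealed inner Interest rides as a hex name component after the relay prefix, and a SHAKE-256/HMAC construction from the standard library stands in for a real AEAD.

```python
import hashlib, hmac, json, os

def _subkeys(key):
    # Separate encryption and MAC keys derived from one session key.
    return hashlib.sha256(b"enc" + key).digest(), hashlib.sha256(b"mac" + key).digest()

def seal(key, plaintext):
    """Encrypt-then-MAC one layer; returns hex usable as a name component."""
    ek, mk = _subkeys(key)
    nonce = os.urandom(16)
    stream = hashlib.shake_256(ek + nonce).digest(len(plaintext))
    ct = bytes(a ^ b for a, b in zip(plaintext, stream))
    tag = hmac.new(mk, nonce + ct, hashlib.sha256).digest()
    return (nonce + ct + tag).hex()

def unseal(key, component):
    """Verify the tag before decrypting; reject tampered or misrouted layers."""
    ek, mk = _subkeys(key)
    blob = bytes.fromhex(component)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mk, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("layer failed authentication")
    stream = hashlib.shake_256(ek + nonce).digest(len(ct))
    return bytes(a ^ b for a, b in zip(ct, stream))

def wrap_interest(inner, path):
    """path is [(relay_prefix, session_key), ...], entry relay first."""
    interest = inner
    for prefix, key in reversed(path):
        interest = {"name": prefix + "/" + seal(key, json.dumps(interest).encode())}
    return interest

def relay_peel(prefix, key, interest):
    """What one relay does: strip its own layer and forward the result."""
    name = interest["name"]
    if not name.startswith(prefix + "/"):
        raise ValueError("Interest not addressed to this relay")
    return json.loads(unseal(key, name[len(prefix) + 1:]))

# Constructed sample: keys are random per run, names follow the slides.
K1, K2 = os.urandom(32), os.urandom(32)
INNER = {"name": "/omh/blood-pressure/steve", "loc": "/fitbit/key"}

def demo():
    outer = wrap_interest(INNER, [("/OR-1", K1), ("/OR-2", K2)])
    at_or2 = relay_peel("/OR-1", K1, outer)        # OR-1 sees only /OR-2/<blob>
    at_producer = relay_peel("/OR-2", K2, at_or2)  # OR-2 recovers the real Interest
    return outer, at_or2, at_producer
```

Because every Interest carries its own layers, the consumer can pass a different relay list or different keys to `wrap_interest` for the next Interest of the same stream.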

SLIDE 44

The Exit Node Problem

/OR-1   /OR-2

I: /omh/blood-pressure/steve Exclude: <name-comp> Loc: /fitbit/key

D: /omh/blood-pressure/steve Loc: /fitbit/key { mmHg: 100 }

SLIDE 46

The Exit Node Problem

/OR-1   /OR-2

I: /omh/blood-pressure/steve Exclude: <name-comp> Loc: /fitbit/key

D: /omh/blood-pressure/steve Loc: /fitbit/key { mmHg: 100 }

NDN-NP environments are not the general case: both are privacy/security aware

SLIDE 48

The Exit Node Problem

/OR-2

I: /omh/blood-pressure/steve Exclude: <name-comp> Loc: /fitbit/key

D: /omh/blood-pressure/steve Loc: /fitbit/key { mmHg: 100 }

NDN-NP environments are not the general case: both are privacy/security aware

SLIDE 51

Summary

  • ANDaNA provides a Tor-like service for NDN, but new tradeoffs to consider
  • ANDaNA is fundamentally a proxy: use as many (or few) relays as needed

SLIDE 52

Thoughts

  • What’s the threat model for NDN-NP?
  • Tradeoffs:
      – ANDaNA provides low latency anonymity
      – Mix networks could be used if NDN-NP can tolerate latency
  • Implementing confidentiality:
      – Confidentiality must be left to applications.
      – Users don’t own the network, but can own overlays
