SLIDE 1
Our vision:
TARANET: Traffic-Analysis Resistant Anonymity at the Network Layer - - PowerPoint PPT Presentation
TARANET: Traffic-Analysis Resistant Anonymity at the Network Layer - - PowerPoint PPT Presentation
TARANET: Traffic-Analysis Resistant Anonymity at the Network Layer Chen Chen (CMU) , Daniele E. Asoni , Adrian Perrig (ETH Zrich) , David Barrera (Polytechnique Montreal) , George Danezis (UCL) , Carmela Troncoso (EPFL)
SLIDE 2
SLIDE 3
Anonymous communication
Our vision:
An Internet that hides communication metadata
SLIDE 4
Anonymous communication
- Non-discrimination
Our vision:
An Internet that hides communication metadata
SLIDE 5
Anonymous communication
- Non-discrimination
- Prevent industrial espionage
Our vision:
An Internet that hides communication metadata
SLIDE 6
Network-layer anonymity
3
AS1 AS2 AS8 AS9 AS3 AS4 AS5 AS6 AS7
SLIDE 7
Network-layer anonymity
3
Autonomous System (AS)
AS1 AS2 AS8 AS9 AS3 AS4 AS5 AS6 AS7
SLIDE 8
Network-layer anonymity
3
Autonomous System (AS)
- British Telecom
- Vodafone
- Verizon
AS1 AS2 AS8 AS9 AS3 AS4 AS5 AS6 AS7
SLIDE 9
Network-layer anonymity
3
AS1 AS2 AS8 AS9 AS3 AS4 AS5 AS6 AS7
SLIDE 10
Network-layer anonymity
3
AS1 AS2 AS8 AS9 AS3 AS4 AS5 AS6 AS7
SLIDE 11
Network-layer anonymity
3
AS1 AS2 AS8 AS9 AS3 AS4 AS5 AS6 AS7
SLIDE 12
Network-layer anonymity
3
AS1 AS2 AS8 AS9 AS3 AS4 AS5 AS6 AS7
SLIDE 13
Network-layer anonymity
3
AS1 AS2 AS8 AS9 AS3 AS4 AS5 AS6 AS7
SLIDE 14
Network-layer anonymity
3
AS1 AS2 AS8 AS9 AS3 AS4 AS5 AS6 AS7
SLIDE 15
Network-layer anonymity
3
Advantages:
AS1 AS2 AS8 AS9 AS3 AS4 AS5 AS6 AS7
SLIDE 16
Network-layer anonymity
3
Advantages:
- Works for any application
AS1 AS2 AS8 AS9 AS3 AS4 AS5 AS6 AS7
SLIDE 17
Network-layer anonymity
3
Advantages:
- Works for any application
- Economic incentives
AS1 AS2 AS8 AS9 AS3 AS4 AS5 AS6 AS7
SLIDE 18
Network-layer anonymity
3
Advantages:
- Works for any application
- Economic incentives
- Higher performance
AS1 AS2 AS8 AS9 AS3 AS4 AS5 AS6 AS7
SLIDE 19
Previous work
4
100% 75% 50% 25% 0% Performance Low Medium High Privacy
SLIDE 20
Previous work
- Hsiao et al. LAP: Lightweight Anonymity and Privacy. In IEEE S&P, 2012
4
LAP
100% 75% 50% 25% 0% Performance Low Medium High Privacy
SLIDE 21
Previous work
- Hsiao et al. LAP: Lightweight Anonymity and Privacy. In IEEE S&P, 2012
- Sankey, Wright. Dovetail: Stronger anonymity in next-generation internet routing. In PETS, 2014
4
LAP Dovetail
100% 75% 50% 25% 0% Performance Low Medium High Privacy
SLIDE 22
Previous work
- Hsiao et al. LAP: Lightweight Anonymity and Privacy. In IEEE S&P, 2012
- Sankey, Wright. Dovetail: Stronger anonymity in next-generation internet routing. In PETS, 2014
- Chen, Perrig. PHI: Path-Hidden Lightweight Anonymity Protocol at Network Layer. In PETS, 2017
4
LAP Dovetail PHI
100% 75% 50% 25% 0% Performance Low Medium High Privacy
SLIDE 23
Previous work
- Hsiao et al. LAP: Lightweight Anonymity and Privacy. In IEEE S&P, 2012
- Sankey, Wright. Dovetail: Stronger anonymity in next-generation internet routing. In PETS, 2014
- Chen, Perrig. PHI: Path-Hidden Lightweight Anonymity Protocol at Network Layer. In PETS, 2017
- Chen et al. HORNET: High-speed Onion Routing at the Network Layer. In ACM CCS, 2015
4
LAP Dovetail PHI HORNET
100% 75% 50% 25% 0% Performance Low Medium High Privacy
SLIDE 24
Previous work
- Hsiao et al. LAP: Lightweight Anonymity and Privacy. In IEEE S&P, 2012
- Sankey, Wright. Dovetail: Stronger anonymity in next-generation internet routing. In PETS, 2014
- Chen, Perrig. PHI: Path-Hidden Lightweight Anonymity Protocol at Network Layer. In PETS, 2017
- Chen et al. HORNET: High-speed Onion Routing at the Network Layer. In ACM CCS, 2015
4
LAP Dovetail PHI HORNET
High privacy and good performance?
100% 75% 50% 25% 0% Performance Low Medium High Privacy
SLIDE 25
Previous work
- Hsiao et al. LAP: Lightweight Anonymity and Privacy. In IEEE S&P, 2012
- Sankey, Wright. Dovetail: Stronger anonymity in next-generation internet routing. In PETS, 2014
- Chen, Perrig. PHI: Path-Hidden Lightweight Anonymity Protocol at Network Layer. In PETS, 2017
- Chen et al. HORNET: High-speed Onion Routing at the Network Layer. In ACM CCS, 2015
4
LAP Dovetail PHI HORNET
TARANET
100% 75% 50% 25% 0% Performance Low Medium High Privacy
SLIDE 26
Previous work
- Hsiao et al. LAP: Lightweight Anonymity and Privacy. In IEEE S&P, 2012
- Sankey, Wright. Dovetail: Stronger anonymity in next-generation internet routing. In PETS, 2014
- Chen, Perrig. PHI: Path-Hidden Lightweight Anonymity Protocol at Network Layer. In PETS, 2017
- Chen et al. HORNET: High-speed Onion Routing at the Network Layer. In ACM CCS, 2015
4
LAP Dovetail PHI HORNET
TARANET
100% 75% 50% 25% 0% Performance Low Medium High Privacy
Resist traffic analysis
SLIDE 27
Traffic analysis
Severe threat to anonymous communication
Network-layer anonymity Traffic analysis TARANET TARANET Performance Summary
SLIDE 28
(Passive) Traffic analysis
6
SLIDE 29
(Passive) Traffic analysis
6
SLIDE 30
(Passive) Traffic analysis
6
SLIDE 31
(Passive) Traffic analysis
6
Starting point
- Layered encryption
SLIDE 32
(Passive) Traffic analysis
6
Starting point
- Layered encryption
- Per-hop authentication
SLIDE 33
(Passive) Traffic analysis
6
Starting point
- Layered encryption
- Per-hop authentication
- Fixed packet length
SLIDE 34
(Passive) Traffic analysis
6
SLIDE 35
(Passive) Traffic analysis
6
SLIDE 36
(Passive) Traffic analysis
6
2 3 2 1
SLIDE 37
(Passive) Traffic analysis
6
2 3 2 1 2123
SLIDE 38
(Passive) Traffic analysis
6
2123
SLIDE 39
(Passive) Traffic analysis
6
2123 2 3 2 1
SLIDE 40
(Passive) Traffic analysis
6
2123 2123
SLIDE 41
(Passive) Traffic analysis
6
Deanonymized!
SLIDE 42
(Passive) Traffic analysis
6
Deanonymized!
- Packet counting
SLIDE 43
(Passive) Traffic analysis
6
Deanonymized!
14.72 ms
- Packet counting
- Total duration of the flow
SLIDE 44
(Passive) Traffic analysis
6
Deanonymized!
2 6 5 1 3 1 1
- Packet counting
- Total duration of the flow
- Inter-packet timing
SLIDE 45
Active traffic analysis
7
SLIDE 46
Active traffic analysis
7
SLIDE 47
Active traffic analysis
7
Packet dropping
SLIDE 48
Active traffic analysis
7
Packet dropping
SLIDE 49
Active traffic analysis
7
Packet dropping
SLIDE 50
Active traffic analysis
7
gap
{
gap
{
Packet dropping
SLIDE 51
Active traffic analysis
7
Packet dropping
gap
{
gap
{
SLIDE 52
Active traffic analysis
7
Packet dropping
gap
{
gap
{
SLIDE 53
Active traffic analysis
7
Packet dropping
Deanonymized!
SLIDE 54
TARANET
Resisting traffic analysis attacks
Network-layer anonymity Traffic analysis TARANET TARANET Performance Summary
SLIDE 55
Resisting passive traffic analysis
9
SLIDE 56
Resisting passive traffic analysis
9
SLIDE 57
Resisting passive traffic analysis
9
1/B
- Fixed rate 1/B
SLIDE 58
Resisting passive traffic analysis
9
1/B
- Fixed rate 1/B
- Chaff packets
SLIDE 59
Resisting passive traffic analysis
9
T
- Fixed rate 1/B
- Chaff packets
- Fixed duration T
SLIDE 60
Resisting passive traffic analysis
9
T
- Fixed rate 1/B
- Chaff packets
- Fixed duration T
SLIDE 61
Resisting passive traffic analysis
9
T
- Fixed rate 1/B
- Chaff packets
- Fixed duration T
Chaff
SLIDE 62
Resisting passive traffic analysis
9
T
- Fixed rate 1/B
- Chaff packets
- Fixed duration T
Chaff
SLIDE 63
Resisting passive traffic analysis
9
- Fixed rate 1/B
- Chaff packets
- Fixed duration T
- Same for everyone
SLIDE 64
Resisting passive traffic analysis
9
- Fixed rate 1/B
- Chaff packets
- Fixed duration T
- Same for everyone
Flowlet
}
SLIDE 65
Resisting passive traffic analysis
9
- Fixed rate 1/B
- Chaff packets
- Fixed duration T
- Same for everyone
Flowlet
}
SLIDE 66
Resisting passive traffic analysis
9
??
- Fixed rate 1/B
- Chaff packets
- Fixed duration T
- Same for everyone
Flowlet
}
SLIDE 67
Resisting passive traffic analysis
9
- Fixed rate 1/B
- Chaff packets
- Fixed duration T
- Same for everyone
Flowlet
}
SLIDE 68
Resisting passive traffic analysis
9
- Fixed rate 1/B
- Chaff packets
- Fixed duration T
- Same for everyone
Flowlet
}
SLIDE 69
Resisting passive traffic analysis
10
SLIDE 70
Resisting passive traffic analysis
10
SLIDE 71
Resisting passive traffic analysis
10
jitter
SLIDE 72
Resisting passive traffic analysis
10
jitter
SLIDE 73
Resisting passive traffic analysis
10
re-enforce flowlet schedule
SLIDE 74
Resisting passive traffic analysis
10
re-enforce flowlet schedule
SLIDE 75
Resisting passive traffic analysis
10
re-enforce flowlet schedule
SLIDE 76
Resisting passive traffic analysis
10
re-enforce flowlet schedule
SLIDE 77
Resisting active traffic analysis
11
Packet dropping
SLIDE 78
Resisting active traffic analysis
11
Packet dropping
SLIDE 79
Resisting active traffic analysis
11
Packet dropping
SLIDE 80
Resisting active traffic analysis
11
Packet dropping
SLIDE 81
Resisting active traffic analysis
11
Packet dropping
SLIDE 82
Resisting active traffic analysis
11
Packet dropping
- Duplicate packets
SLIDE 83
Resisting active traffic analysis
11
Packet dropping
- Duplicate packets
- Create new packets
SLIDE 84
Resisting active traffic analysis
11
Packet dropping
- Duplicate packets
- Create new packets
- Sender send more?
SLIDE 85
Resisting active traffic analysis
11
packet splitting
Packet dropping
SLIDE 86
Resisting active traffic analysis
11
packet splitting
Packet dropping
SLIDE 87
Resisting active traffic analysis
11
packet splitting
Packet dropping
SLIDE 88
Resisting active traffic analysis
11
packet splitting
Packet dropping
SLIDE 89
Resisting active traffic analysis
11
packet splitting
Packet dropping
SLIDE 90
Resisting active traffic analysis
11
packet splitting
Packet dropping
SLIDE 91
Resisting active traffic analysis
11
packet splitting
Packet dropping
When is packet splitting done?
SLIDE 92
Resisting active traffic analysis
11
packet splitting
Packet dropping
When is packet splitting done?
- Sender includes splittable packets
SLIDE 93
Resisting active traffic analysis
11
packet splitting
Packet dropping
When is packet splitting done?
- Sender includes splittable packets
- … for each AS on the path
SLIDE 94
Resisting active traffic analysis
11
packet splitting
Packet dropping
When is packet splitting done?
- Sender includes splittable packets
- … for each AS on the path
- … at random intervals
SLIDE 95
Packet splitting
12
MAC R MAC R MAC R MAC R MAC R Payload
How does splitting work concretely?
SLIDE 96
Packet splitting
12
MAC R MAC R MAC R MAC R MAC R Payload
How does splitting work concretely?
SLIDE 97
Packet splitting
12
MAC R MAC R MAC R MAC R MAC R Payload
SLIDE 98
Packet splitting
12
MAC R MAC R MAC R MAC R MAC R Payload
SLIDE 99
Packet splitting
12
MAC R MAC R MAC R MAC R MAC R Payload
SLIDE 100
Packet splitting
12
MAC R MAC R MAC R MAC R MAC R MAC R MAC R Payload
SLIDE 101
Packet splitting
12
MAC R MAC R MAC R MAC R MAC R MAC R MAC R Payload
SLIDE 102
Packet splitting
12
MAC R MAC R MAC R MAC R MAC R MAC R MAC R
SLIDE 103
Packet splitting
12
MAC R MAC R MAC R MAC R MAC R MAC R MAC R
SLIDE 104
Packet splitting
12
MAC R MAC R MAC R MAC R MAC R MAC R MAC R
SLIDE 105
Packet splitting
12
MAC R MAC R MAC R MAC R MAC R MAC R MAC R
Pseudorandom Payload Pseudorandom Payload
SLIDE 106
Packet splitting
12
MAC R MAC R MAC R MAC R MAC R MAC R MAC R
Pseudorandom Payload Pseudorandom Payload
SLIDE 107
TARANET Performance
Evaluation setup, Throughput, Latency
Network-layer anonymity Traffic analysis TARANET TARANET Performance Summary
SLIDE 108
- Prototype implementation
- Data-Plane Development Kit (DPDK)
Evaluation setup
14
SLIDE 109
- Prototype implementation
- Data-Plane Development Kit (DPDK)
- Software router
- 12x 10 GbE NICs
- Intel Xeon 2.7 GHz (2x 8 cores)
Evaluation setup
14
SLIDE 110
- Prototype implementation
- Data-Plane Development Kit (DPDK)
- Software router
- 12x 10 GbE NICs
- Intel Xeon 2.7 GHz (2x 8 cores)
- Results in this presentation
Evaluation setup
14
SLIDE 111
- Prototype implementation
- Data-Plane Development Kit (DPDK)
- Software router
- 12x 10 GbE NICs
- Intel Xeon 2.7 GHz (2x 8 cores)
- Results in this presentation
- Performance of one node
Evaluation setup
14
SLIDE 112
- Prototype implementation
- Data-Plane Development Kit (DPDK)
- Software router
- 12x 10 GbE NICs
- Intel Xeon 2.7 GHz (2x 8 cores)
- Results in this presentation
- Performance of one node
- Single 10 GbE interface
Evaluation setup
14
SLIDE 113
- Prototype implementation
- Data-Plane Development Kit (DPDK)
- Software router
- 12x 10 GbE NICs
- Intel Xeon 2.7 GHz (2x 8 cores)
- Results in this presentation
- Performance of one node
- Single 10 GbE interface
- Single processing core
Evaluation setup
14
SLIDE 114
Throughput
15
2 4 6 8 10
Payload Size (bytes)
256 512 768 1024 1280
Gbps
SLIDE 115
Throughput
15
2 4 6 8 10
Payload Size (bytes)
256 512 768 1024 1280
Gbps
Headers can be large
SLIDE 116
Throughput
15
2 4 6 8 10
Payload Size (bytes)
256 512 768 1024 1280
Goodput
Gbps
Headers can be large
SLIDE 117
Throughput
15
2 4 6 8 10
Payload Size (bytes)
256 512 768 1024 1280
Goodput
Gbps
Headers can be large
- Path length: 7 nodes
SLIDE 118
Throughput
15
2 4 6 8 10
Payload Size (bytes)
256 512 768 1024 1280
TARANET
Goodput
Gbps
Headers can be large
- Path length: 7 nodes
SLIDE 119
Throughput
15
2 4 6 8 10
Payload Size (bytes)
256 512 768 1024 1280
TARANET HORNET Dovetail
Goodput
Gbps
Headers can be large
- Path length: 7 nodes
SLIDE 120
Throughput
15
2 4 6 8 10
Payload Size (bytes)
256 512 768 1024 1280
TARANET HORNET Dovetail
Goodput
Gbps
Headers can be large
- Path length: 7 nodes
30–35%
SLIDE 121
Latency
16
1 2 3
Payload Size (bytes)
256 512 768 1024 1280
μs
SLIDE 122
Latency
16
1 2 3
Payload Size (bytes)
256 512 768 1024 1280
TARANET HORNET Dovetail
μs
SLIDE 123
Summary
Highlights, Limitations
Network-layer anonymity Traffic analysis TARANET TARANET Performance Summary
SLIDE 124
Summary
- TARANET highlights:
- Protection against passive traffic analysis with flowlets
- Protection against active traffic analysis with packet splitting
18
SLIDE 125
Summary
- TARANET highlights:
- Protection against passive traffic analysis with flowlets
- Protection against active traffic analysis with packet splitting
- Good performance – 3 Gbps on single core, acceptable latency
18
SLIDE 126
Summary
- TARANET highlights:
- Protection against passive traffic analysis with flowlets
- Protection against active traffic analysis with packet splitting
- Good performance – 3 Gbps on single core, acceptable latency
- Limitations:
18
SLIDE 127
Summary
- TARANET highlights:
- Protection against passive traffic analysis with flowlets
- Protection against active traffic analysis with packet splitting
- Good performance – 3 Gbps on single core, acceptable latency
- Limitations:
- Chaff traffic creates a non-negligible bandwidth overhead
18
SLIDE 128
Summary
- TARANET highlights:
- Protection against passive traffic analysis with flowlets
- Protection against active traffic analysis with packet splitting
- Good performance – 3 Gbps on single core, acceptable latency
- Limitations:
- Chaff traffic creates a non-negligible bandwidth overhead
- Third-party anonymity
18
SLIDE 129
TARANET: Traffic-Analysis Resistant Anonymity at the Network Layer
Chen Chen
chenche1@andrew.cmu.edu Carnegie Mellon University
David Barrera
david.barrera@polymtl.ca Polytechnique Montreal
Daniele E. Asoni
daniele.asoni@inf.ethz.ch ETH Z¨ urich
George Danezis
g.danezis@ucl.ac.uk University College London
Adrian Perrig
adrian.perrig@inf.ethz.ch ETH Z¨ urich
Carmela Troncoso
carmela.troncoso@epfl.ch EPFL
Abstract—Modern low-latency anonymity systems, no matter whether constructed as an overlay or implemented at the network layer, offer limited security guarantees against traffic
- analysis. On the other hand, high-latency anonymity systems
- ffer strong security guarantees at the cost of computational
- verhead and long delays, which are excessive for interactive
- applications. We propose TARANET, an anonymity system
that implements protection against traffic analysis at the net- work layer, and limits the incurred latency and overhead. In TARANET’s setup phase, traffic analysis is thwarted by
- mixing. In the data transmission phase, end hosts and ASes
coordinate to shape traffic into constant-rate transmission us- ing packet splitting. Our prototype implementation shows that TARANET can forward anonymous traffic at over 50 Gbps using commodity hardware.
- 1. Introduction
Users are increasingly aware of their lack of privacy and are turning to anonymity systems to protect their commu- in forwarding anonymous traffic. Intermediate anonymity supporting network nodes (or nodes for short) first cooperate with senders to establish anonymous sessions or circuits, and then process and forward traffic from those senders to
- receivers. While these systems achieve high throughput and
low latency, the security guarantees of these systems are no stronger than Tor’s. Moreover, LAP and Dovetail leak the position of intermediate nodes on the path and the total path length, which reduces the anonymity set size, facilitating de- anonymization [21]. The problem space appears to have an unavoidable tradeoff: strong anonymity appears achievable only through drastically higher overhead [27]. In this paper, we aim to push the boundaries of this anonymity/performance tradeoff by combining the speed of network-layer anonymity systems with strong defenses. To improve the anonymity guarantees, traffic analysis attacks need to be prevented, or made significantly harder for the adversary to perform. The common method to achieve this is to insert chaff (also known as cover traffic), which
- Flowlet setup (asymm. crypto)
- Link padding (security in depth)
- Anonymity set size analysis
- Security analysis
- Chaff/setup packet trade-off
- Deployment incentives
- …
In the paper
19
SLIDE 130
Thank you!
Contacts: Chen Chen: chenche1@andrew.cmu.edu Daniele E. Asoni: daniele.asoni@inf.ethz.ch
SLIDE 131