TAP: A Novel Tunneling Approach for Anonymity in Structured P2P Systems

Yingwu Zhu and Yiming Hu, University of Cincinnati

1
TAP: A Novel Tunneling Approach for Anonymity in
Structured P2P Systems
  • Yingwu Zhu and Yiming Hu
  • University of Cincinnati

2
Outline
  • Motivation and Preliminaries
  • Design of TAP
  • Evaluation
  • Conclusions
  • Future Work

3
Static Mixes-based Anonymous Systems
  • Use a small, fixed core set of mixes to form an
    anonymous tunnel (e.g., anonymous remailer, onion
    routing)
  • Limitations:
  • Corrupt entry mixes reveal traffic source
  • Colluding entry and exit mixes reveal traffic
    source and destination
  • Difficult to counter traffic analysis attacks
    (e.g., cover traffic is expensive and hurts
    performance)
  • Capacity problem (small number of mixes and
    potentially large number of users)
  • Law enforcement could be a hurdle for deployment

4
P2P-based Anonymous Systems
  • An anonymous tunnel is formed by a randomly
    chosen set of P2P nodes (e.g., Crowds, Tarzan)
  • Each peer node is a potential mix
  • Overcome the limitations of static mixes-based
    anonymous systems
  • Drawback:
  • A functionality problem: anonymous tunnels are
    unstable due to node joins and departures in P2P
    systems

5
Why TAP?
  • P2P based anonymous systems pose a functionality
    problem for tunnels due to dynamism of P2P
    systems
  • TAP:
  • A P2P based system, fault-tolerant to node
    failures
  • Avoids the functionality problem while providing
    anonymity
  • Supports applications in the face of node
    failures:
  • Long-standing remote login sessions
  • Anonymous email systems, etc.

6
Design of TAP
  • Goal: to strike a balance point between
    functionality and anonymity in dynamic P2P
    systems
  • Two infrastructures TAP relies on:
  • P2P (secure) routing infrastructure (a message
    could be securely routed to a destination node in
    the case that a fraction of nodes are malicious)
  • P2P replication mechanism (k replicas for each
    data item are stored on k different nodes)

7
Design of TAP
  • Basic idea:
  • Decouple anonymous tunnels from fixed nodes
  • A tunnel is formed by a sequence of tunnel hops,
    each of which is specified by a hopId (hop
    identifier) instead of an IP address
  • A tunnel hop is an abstraction for a hop node (whose
    nodeId is numerically closest to its hopId); a
    tunnel is therefore fault-tolerant to hop node
    failures by relying on the P2P replication mechanism
  • Use a mix-style layered encryption

8
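TAP's tunneling mechanism
[Figure: a message m sent from initiator I through tunnel hop nodes to destination D. Message labels in the figure:]
  • h1, {h2, {h3, {D, m}k3}k2}k1
  • {h2, {h3, {D, m}k3}k2}k1
  • {h3, {D, m}k3}k2
  • {D, m}k3
  • m
Legend:
  • I: initiator node; D: destination node
  • Pi: tunnel hop node, whose nodeId is numerically
    closest to hopId hi
  • Tunnel hop anchor
  • {M}K: encryption of message M with symmetric key
    K

9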
Tunnel Hop Anchor (THA)
  • A tunnel hop is anchored in the system through
    THA
  • In the form of <hopId, K, H(PW)>
  • hopId: hop identifier, acts as a DHT key for the
    THA's storage and retrieval
  • K: symmetric key for encryption/decryption
  • H(PW): hash of a password PW, to secure the THA
  • Stored on k nodes whose nodeIds are numerically
    closest to hopId (P2P replication)

10
TAP's Tunnel
  • Step 1: generate a set of THAs
  • THAs are node-specific, avoiding colliding with
    other nodes' THAs
  • But do not reveal the node's identity
  • Step 2: anonymously deploy the generated THAs
  • Use a bootstrapping anonymous tunnel
  • Step 3: form a tunnel using the deployed THAs
  • Select a sequence of deployed THAs
  • Selected THAs should be scattered in the
    identifier space as far as possible
  • Step 4: send messages through the formed tunnel to
    achieve anonymity
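
An added sketch (not from the slides or the TAP authors) of the mechanism on slides 7 to 10: THAs replicated on the k live nodes closest to each hopId, a layered message built over three hops, and delivery still succeeding after a hop node fails. Assumptions: the SHA-256 keystream is a toy stand-in for the symmetric cipher, nodeIds and hopIds are constructed, distance is plain absolute difference, and H(PW) is left out of the THA.

```python
import hashlib, json, os

def xor_cipher(key, data):
    # Toy stand-in for the symmetric cipher {M}K (SHA-256 keystream); not for real use.
    n = len(data) // 32 + 1
    pad = b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest() for i in range(n))
    return bytes(a ^ b for a, b in zip(data, pad))

class Dht:
    """Constructed overlay: a THA <hopId, K> lives on the k live nodes closest to hopId."""
    def __init__(self, node_ids, k):
        self.alive, self.k, self.store = set(node_ids), k, {}
    def closest(self, key, n=1):
        # Assumption: "numerically closest" is plain absolute difference (no ring wrap).
        return sorted(self.alive, key=lambda nid: abs(nid - key))[:n]
    def deploy_tha(self, hop_id, key):
        for nid in self.closest(hop_id, self.k):
            self.store.setdefault(nid, {})[hop_id] = key
    def hop_node(self, hop_id):
        nid = self.closest(hop_id)[0]
        return nid, self.store.get(nid, {}).get(hop_id)

def build_message(tunnel, dest, msg):
    # tunnel = [(h1, k1), (h2, k2), (h3, k3)] -> h1, {h2, {h3, {D, m}k3}k2}k1
    nxt, body = dest, msg
    for hop_id, key in reversed(tunnel):
        layer = json.dumps({"next": nxt, "body": body}).encode()
        nxt, body = hop_id, xor_cipher(key, layer).hex()
    return nxt, body

def route(dht, hop_id, body):
    path = []
    while isinstance(hop_id, int):      # integer = hopId; the destination is a string here
        nid, key = dht.hop_node(hop_id)
        if key is None:
            raise LookupError(f"no live THA replica for hopId {hop_id}")
        layer = json.loads(xor_cipher(key, bytes.fromhex(body)))
        path.append(nid)                # this node peeled one layer
        hop_id, body = layer["next"], layer["body"]
    return hop_id, body, path

def demo(k=3):
    dht = Dht(range(0, 1000, 10), k)                           # constructed nodeIds
    tunnel = [(h, os.urandom(16)) for h in (123, 507, 866)]   # constructed hopIds
    for hop_id, key in tunnel:
        dht.deploy_tha(hop_id, key)
    first, onion = build_message(tunnel, "D", "hello")
    before = route(dht, first, onion)
    dht.alive.discard(before[2][1])                            # the hop node for h2 fails
    return before, route(dht, first, onion)
```

With k=3 the second hop moves from node 510 to replica 500 and the message still reaches D; with k=1 the same failure raises `LookupError`, which is the instability of node-bound tunnels that TAP is designed to avoid.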

11
Anonymous File Retrieval
  • An initiator node I wants to anonymously retrieve
    a file f with fid as its fileId (file identifier)
  • Create a forward tunnel Tf consisting of 3 hops with
    hopIds h1, h2, and h3, respectively
  • Create a reply tunnel Tr consisting of 3 hops with
    hopIds h4, h5, and h6:
    Tr = h4, {h5, {h6, {bid, fake Onion}k6}k5}k4,
    where bid is an identifier
    falling into I's responsible region
  • Create a message M = h1, {h2, {h3, {fid, K, Tr}k3}k2}k1,
    where K is a temporary public key
  • Send out M through Tf

12
Anonymous File Retrieval
  • The destination node D, which is responsible for
    the file f:
  • Encrypt f with a symmetric key k: {f}k
  • Encrypt k with K: {k}K
  • Send out {f}k and {k}K through the reply tunnel
    Tr
  • The initiator I:
  • Receive the message {f}k and {k}K from the reply
    tunnel Tr
  • Decrypt the file f

13
Tunnel Performance Enhancement
  • Consider a message M which routes through a
    tunnel of 3 hops with hopIds h1, h2 and h3:
    M = h1, {h2, {h3, {D, m}k3}k2}k1
  • Each tunnel hop involves logN hops (N is the
    number of nodes in the system) due to the P2P routing
    algorithm
  • Enhancement: embedding the IP addresses of tunnel hop
    nodes into M
  • M = h1, IP1, {h2, IP2, {h3, IP3, {D, m}k3}k2}k1

14
Evaluation
  • Fault-tolerant to node failures
  • Impact of colluding malicious nodes
  • Impact of P2P system dynamism
  • Tunneling performance

15
Fault-tolerant to Node Failures
For a 10,000 node P2P system with 5,000 tunnels
(each tunnel's length is 5):
  • (1) TAP's tunnels are more fault-tolerant to node
    failures than current tunneling techniques
  • (2) A higher replication factor k makes TAP's
    tunnels more fault-tolerant to node failures

16
Colluding Malicious Nodes
For a 10,000 node P2P system with 5,000 tunnels
(each tunnel's length is 5 and the replication
factor k is 3):
  • (1) There is no significant fraction of corrupted
    tunnels even when the fraction of malicious nodes
    is large (0.3)
  • (2) The fraction of corrupted tunnels increases as
    the replication factor k increases (not shown here)
  • (3) The fraction of corrupted tunnels decreases with
    increasing tunnel length (not shown here)

17
Impact of P2P Dynamism
For a 10,000 node P2P system with 5,000 tunnels
initially (each tunnel's length is 5, the
replication factor k is 5, and the fraction of
malicious nodes is fixed at 0.1):
  • (1) During each time unit, 100 benign nodes leave
    and then another 100 nodes join
  • (2) un-refreshed: keeps the 5,000 tunnels unchanged
  • (3) refreshed: a new set of 5,000 tunnels is created
    to replace the old set of tunnels after each time
    unit
  • TAP should reform tunnels periodically to deal with
    P2P dynamism in the face of malicious nodes

18
Tunneling Performance
Transfer a 2Mb file in a P2P system ranging from
100 to 10000 nodes:
  • (1) overt: rely on P2P routing without any
    anonymous tunneling mechanism
  • (2) TAP_basic: using TAP's basic tunneling mechanism
  • (3) TAP_opt: using TAP's enhanced scheme
  • (4) l: tunnel length
  • TAP's basic tunneling introduces big overhead in
    file transferring
  • A longer tunnel length introduces bigger overhead
  • TAP's enhanced scheme reduces overhead
    significantly

19
Conclusions
  • Leveraging P2P secure routing and replication
    mechanism, TAP is fault-tolerant to node failures
  • By carefully choosing tunnel length l and
    replication factor k, TAP strikes a balance
    between functionality and anonymity
  • TAP's enhanced scheme improves its performance
    significantly
  • TAP users should reform their tunnels
    periodically against colluding malicious nodes in
    very dynamic P2P systems

20
Future Work
  • TAP lacks the ability to control future hops
    along a tunnel, and it trades this ability for
    functionality
  • If we can control future hops like Tarzan, TAP
    may provide stronger anonymity
  • TAP needs a mechanism to detect corrupted tunnels