Abstract
Traditional anonymous networks (e.g., Tor) are vulnerable to traffic analysis attacks that monitor the whole network traffic to determine which users are communicating. To preserve user anonymity against traffic analysis attacks, the emerging mix networks mess up the order of packets through a set of centralized and explicit shuffling nodes. However, this centralized design of mix networks is insecure against targeted DoS attacks that can completely block these shuffling nodes. In this paper, we present DAENet, an efficient mix network that resists both targeted DoS attacks and traffic analysis attacks with a new abstraction called Stealthy Peer-to-Peer (P2P) Network. The stealthy P2P network effectively hides the shuffling nodes used in a routing path within the whole network, such that adversaries cannot distinguish specific shuffling nodes and conduct targeted DoS attacks to block these nodes. In addition, to handle traffic analysis attacks, we leverage the confidentiality and integrity protection of Intel SGX to ensure trustworthy packet shuffles at each distributed host, and use multiple routing paths to prevent adversaries from tracking and revealing user identities. We show that our system is scalable with moderate latency (2.2s) when running in a cluster of 10,000 participants and is robust in the case of machine failures, making it an attractive new design for decentralized anonymous communication. DAENet's code is released at http://github.com/tdsc0652/dae-net.
Original language | English |
---|---|
Pages (from-to) | 2286 - 2303 |
Journal | IEEE Transactions on Dependable and Secure Computing |
Volume | 19 |
Issue number | 4 |
Early online date | 19 Jan 2021 |
DOIs | |
Publication status | Published - 1 Jul 2022 |
Keywords
- Cryptography
- Denial-of-service attack
- Peer-to-peer computing
- Relays
- Resists
- Routing
- Servers
ASJC Scopus subject areas
- General Computer Science
- Electrical and Electronic Engineering