| Privacy and anonymity on the Internet are gaining increasing attention from both thescientific and the large Internet user community in recent years. Privacy does not only meanthe confidentiality of information, but also mean not revealing who is communicating withwhom, and how often. Anonymity is an essential requirement for privacy as encryption alonemay not be sufficient to protect the confidentiality of communications. This thesis focuses onlow-latency anonymous communications on the Internet. The main contributions are listed asfollows:We firstly give a survey of anonymity on the Internet. Then we design and implementWonGoo, a scalable and practical decentralized peer-to-peer protocol that provides stronganonymity and high efficiency with layered encryption and random forwarding. We reduce theencryption overhead when lengthening the anonymity path for stronger anonymity. WonGoo isa tradeoff between anonymity and efficiency, providing variable anonymity. Compared withother layered encryption MIX protocols and Crowds, WonGoo has some advantage in provingits correctness, obtaining practicality, correctness and efficiency in encryption in the waydiffering from the layered encryption systems that can be difficult to achieve correctness ofschemes.Secondly, we develop a Gossip algorithm for Peer Discovery based upon node Localin-degree (GPDL), using only local topology information instead of global since it's practicallyvery difficult to get global topology information in large-scale decentralized peer-to-peernetworks. Our goal is trying to discover peers uniformly in the whole network as well as todiscover robust nodes. The idea behind our gossip peer discovery is that the larger the degreeof a node, the better its robustness. Simulations show that the network under GPDL algorithmis highly clustering, and its average diameter is almost not influenced by the dynamics ofnodes. With time passing, a node can discover robust nodes, and its neighbors are nearlyselected uniformly from the whole network.Thirdly, we review the universal re-encryption scheme URE and its extension EURE,discovering their vulnerabilities to Pfitzmann attack. Then we propose a novel re-encryptionscheme, WGRe, for WonGoo protocol. WGRe can ensure the correctness of the outputs from anode and protect against replay attack, which is hard in layered encryption systems. WGRe ispractical and more efficient than URE and EURE schemes due to the fact that its ciphertext isonly double the size of the corresponding plaintext, instead of four times as the URE or EURE.Fourthly, we present a detailed security analysis of the WonGoo protocol. We make acomparison between WonGoo and other protocols, describing the correctness of the outputsfrom a WonGoo node. Then we analyze how confident the collaborators can be that theirimmediate predecessor is in fact the path initiator, and measure the anonymity degree ofWonGoo based upon information theory.Finally, we present a formal analysis of WonGoo protocol with probabilistic modelchecking. The behavior of group members and the adversary is modeled as a discrete-timeMarkov chain, and security properties are expressed as PCTL formulas. Using the probabilisticmodel checker PRISM, we analyze the anonymity guarantees that the protocol is intended toprovide. The results reveal that the anonymity provided by WonGoo increases with theincrease of path length and system size, and degrades with the increase of observable routingpaths that originate from the same source.
|
PDF Full Text Request