Dovetail: Stronger Anonymity in Next-Generation Internet Routing

  • Jody Sankey
  • Matthew Wright
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8555)


Given current research initiatives advocating “clean slate” Internet designs, researchers have the opportunity to design an internetwork layer routing protocol that provides efficient anonymity by decoupling identity from network location. Prior work in anonymity for the next-generation Internet fully trusts the user’s ISP. We propose Dovetail, which provides anonymity against an active attacker located at any single point within the network, including the user’s ISP. A major design challenge is to provide this protection without including an applicationlayer proxy in data transmission. We address this in path construction by using a matchmaker node (an end host) to overlap two path segments at a dovetail node (a router). The dovetail then trims away part of the path so that data transmission bypasses the matchmaker. We develop a systematic mechanism to measure the topological anonymity of our designs, and we demonstrate their privacy and efficiency by Internet-scale simulations at the AS-level.


Autonomous System Path Segment Short Path Tree Destination Identity Forwarding Table 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Reiter, M., Rubin, A.: Crowds: Anonymity for web transactions. ACM ToISS (1998)Google Scholar
  2. 2.
    Dingledine, R., Mathewson, N., Syverson, P.: Tor: The second-generation onion router. In: USENIX Security (2004)Google Scholar
  3. 3.
    The Tor Project, Inc.: Tor metrics portal: Users, (accessed: February 11, 2014)
  4. 4.
    Paul, S., Pan, J., Jain, R.: Architectures for the future networks and the next generation internet: A survey. Computer Communications (2011)Google Scholar
  5. 5.
    The National Science Foundation: NSF NeTS FIND initiative, (accessed: February 11, 2014)
  6. 6.
    CORDIS: FIRE home page, (accessed: February 11, 2014)
  7. 7.
    National Institute of Information and Communications Technology: “AKARI” architecture design project for new generation network, (accessed: February 11, 2014)
  8. 8.
    Papadopoulos, F., Krioukov, D., Bogua, M., Vahdat, A.: Greedy forwarding in dynamic scale-free networks embedded in hyperbolic metric spaces. In: IEEE INFOCOM (2010)Google Scholar
  9. 9.
    Bhattacharjee, B., Calvert, K., Griffioen, J., Spring, N., Sterbenz, J.P.: Postmodern internetwork architecture. NSF Nets FIND Initiative (2006)Google Scholar
  10. 10.
    Godfrey, P.B., Ganichev, I., Shenker, S., Stoica, I.: Pathlet routing. In: ACM SIGCOMM (2009)Google Scholar
  11. 11.
    Farinacci, D., Lewis, D., Meyer, D., Fuller, V.: The locator/ID separation protocol (LISP). RFC 6830 (2013)Google Scholar
  12. 12.
    Yang, X., Wetherall, D.: Source selectable path diversity via routing deflections. ACM SIGCOMM Computer Communication Review (2006)Google Scholar
  13. 13.
    Yang, X.: NIRA: A new internet routing architecture. In: ACM SIGCOMM FDNA (2003)Google Scholar
  14. 14.
    Zhang, X., Hsiao, H.C., Hasker, G., Chan, H., Perrig, A., Andersen, D.G.: SCION: Scalability, control, and isolation on next-generation networks. In: IEEE S&P (2011)Google Scholar
  15. 15.
  16. 16.
    Hsiao, H.C., Kim, T.J., Perrig, A., Yamada, A., Nelson, S.C., Gruteser, M., Meng, W.: LAP: Lightweight anonymity and privacy. In: IEEE S&P (2012)Google Scholar
  17. 17.
    Pfitzmann, A., Hansen, M.: A terminology for talking about privacy by data minimization, v0.34 (2010),
  18. 18.
    Kaufman, C., Hoffman, P., Nir, Y., Eronen, P.: Internet Key Exchange Protocol Version 2 (IKEv2). RFC 5996 (Proposed Standard), Updated by RFCs 5998, 6989 (September 2010)Google Scholar
  19. 19.
    Eckersley, P.: How unique is your web browser? In: Atallah, M.J., Hopper, N.J. (eds.) PETS 2010. LNCS, vol. 6205, pp. 1–18. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  20. 20.
    Soltani, A., Canty, S., Mayo, Q., Thomas, L., Hoofnagle, C.J.: Flash cookies and privacy. In: SSRN eLibrary (2009)Google Scholar
  21. 21.
    Acquisti, A., Dingledine, R., Syverson, P.: On the economics of anonymity. In: Wright, R.N. (ed.) FC 2003. LNCS, vol. 2742, pp. 84–102. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  22. 22.
    Dingledine, R., Murdoch, S.J.: Performance improvements on Tor or, why Tor is slow and what we’re going to do about it (2009),
  23. 23.
    Jansen, R., Johnson, A., Syverson, P.: LIRA: Lightweight Incentivized Routing for Anonymity. In: NDSS (2013)Google Scholar
  24. 24.
    Dischinger, M., Haeberlen, A., Gummadi, K.P., Saroiu, S.: Characterizing residential broadband networks. In: ACM SIGCOMM IMC (2007)Google Scholar
  25. 25.
    Levine, B.N., Reiter, M.K., Wang, C.-X., Wright, M.: Timing attacks in low-latency mix systems. In: Juels, A. (ed.) FC 2004. LNCS, vol. 3110, pp. 251–265. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  26. 26.
    Houmansadr, A., Kiyavash, N., Borisov, N.: RAINBOW: A robust and invisible non-blind watermark for network flows. In: NDSS (2009)Google Scholar
  27. 27.
    Chen, S., Wang, X., Jajodia, S.: On the anonymity and traceability of peer-to-peer voip calls. IEEE Network 20(5), 32–37 (2006)CrossRefGoogle Scholar
  28. 28.
    Reimer, J.: Your ISP may be selling your web clicks (2007),
  29. 29.
    Dampier, P.: ‘Cable ONE spied on customers’ alleges federal class action lawsuit (2012),
  30. 30.
    Syverson, P.: Why I’m not an entropist. In: Christianson, B., Malcolm, J.A., Matyáš, V., Roe, M. (eds.) Security Protocols 2009. LNCS, vol. 7028, pp. 213–230. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  31. 31.
    Murdoch, S.J., Zieliński, P.: Sampled traffic analysis by internet-exchange-level adversaries. In: Borisov, N., Golle, P. (eds.) PET 2007. LNCS, vol. 4776, pp. 167–183. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  32. 32.
    Boyan, J.: The anonymizer. Computer-Mediated Communication Magazine (1997)Google Scholar
  33. 33.
    Panchenko, A., Pimenidis, L., Renner, J.: Performance analysis of anonymous communication channels provided by Tor. In: ARES (2008)Google Scholar
  34. 34.
    DiBenedetto, S., Gasti, P., Tsudik, G., Uzun, E.: ANDaNA: Anonymous named data networking application. In: NDSS (2013)Google Scholar
  35. 35.
    Gao, L.: On inferring autonomous system relationships in the internet. In: IEEE/ACM ToN (2001)Google Scholar
  36. 36.
    Giotsas, V., Zhou, S.: Valley-free violation in internet routing-analysis based on BGP community data. In: IEEE ICC (2012)Google Scholar
  37. 37.
    Ryan, P.S., Gerson, J.: A primer on Internet exchange points for policymakers and non-engineers (August 2012),
  38. 38.
    Lodhi, A., Dhamdhere, A., Dovrolis, C.: Open peering by Internet transit providers: Peer preference or peer pressure? In: Proc. IEEE INFOCOM (2014)Google Scholar
  39. 39.
    Rekhter, Y., Li, T., Hares, S.: A border gateway protocol 4 (BGP-4). RFC 4271 (2006)Google Scholar
  40. 40.
    Sankey, J., Wright, M.: Dovetail: Stronger anonymity in next-generation internet routing (April 2014),
  41. 41.
    Borisov, N., Danezis, G., Mittal, P., Tabriz, P.: Denial of service or denial of security? In: CCS (2007)Google Scholar
  42. 42.
    Wright, M.K., Adler, M., Levine, B.N., Shields, C.: Passive-logging attacks against anonymous communications systems. ACM Transactions on Information and System Security (TISSEC) 11(2) (2008)Google Scholar
  43. 43.
    Chen, S., Wang, R., Wang, X., Zhang, K.: Side-channel leaks in web applications: A reality today, a challenge tomorrow. In: IEEE S&P (2010)Google Scholar
  44. 44.
    Mittal, P., Khurshid, A., Juen, J., Caesar, M., Borisov, N.: Stealthy traffic analysis of low-latency anonymous communication using throughput fingerprinting. In: ACM CCS (2011)Google Scholar
  45. 45.
    Hopper, N., Vasserman, E.Y., Chan-Tin, E.: How much anonymity does network latency leak? In: ACM CCS (2007)Google Scholar
  46. 46.
    Murdoch, S.J., Danezis, G.: Low-cost traffic analysis of Tor. In: IEEE S&P (2005)Google Scholar
  47. 47.
    Evans, N., Dingledine, R., Grothoff, C.: A practical congestion attack on Tor using long paths. In: USENIX Security (2009)Google Scholar
  48. 48.
    CAIDA: The CAIDA UCSD inferred AS relationships - 20120601 (2012),

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Jody Sankey
    • 1
  • Matthew Wright
    • 1
  1. 1.University of Texas at ArlingtonUSA

Personalised recommendations