Attacking and Repairing the Improved ModOnions Protocol

  • Nikita Borisov
  • Marek Klonowski
  • Mirosław Kutyłowski
  • Anna Lauks-Dutka
Conference paper

DOI: 10.1007/978-3-642-14423-3_18

Part of the Lecture Notes in Computer Science book series (LNCS, volume 5984)
Cite this paper as:
Borisov N., Klonowski M., Kutyłowski M., Lauks-Dutka A. (2010) Attacking and Repairing the Improved ModOnions Protocol. In: Lee D., Hong S. (eds) Information, Security and Cryptology – ICISC 2009. ICISC 2009. Lecture Notes in Computer Science, vol 5984. Springer, Berlin, Heidelberg

Abstract

In this paper, we present a new class of attacks against an anonymous communication protocol, originally presented in ACNS 2008. The protocol itself was proposed as an improved version of ModOnions, which uses universal re-encryption in order to avoid replay attacks. However, ModOnions allowed the detour attack, introduced by Danezis to re-route ModOnions to attackers in such a way that the entire path is revealed. The ACNS 2008 proposal addressed this by using a more complicated key management scheme. The revised protocol is immune to detour attacks. We show, however, that the ModOnion construction is highly malleable and this property can be exploited in order to redirect ModOnions. Our attacks require detailed probing and are less efficient than the detour attack, but they can nevertheless recover the full onion path while avoiding detection and investigation. Motivated by this, we present a new modification to the ModOnion protocol that dramatically reduces the malleability of the encryption primitive. It addresses the class of attacks we present and it makes other attacks difficult to formulate.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Nikita Borisov
    • 1
  • Marek Klonowski
    • 2
  • Mirosław Kutyłowski
    • 2
  • Anna Lauks-Dutka
    • 2
  1. 1.Department of Electrical and Computer EngineeringUniversity of Illinois at Urbana-Champaign 
  2. 2.Institute of Mathematics and Computer ScienceWrocław University of Technology 

Personalised recommendations