Practical Attacks against the I2P Network
Anonymity networks, such as Tor or I2P, were built to allow users to access network resources without revealing their identity. Newer designs, like I2P, run in a completely decentralized fashion, while older systems, like Tor, are built around central authorities. The decentralized approach has advantages (no trusted central party, better scalability), but there are also security risks associated with the use of distributed hash tables (DHTs) in this environment.
I2P was built with these security problems in mind, and the network is considered to provide anonymity for all practical purposes. Unfortunately, this is not entirely justified. In this paper, we present a group of attacks that can be used to deanonymize I2P users. Specifically, we show that an attacker, with relatively limited resources, is able to deanonymize a I2P user that accesses a resource of interest with high probability.
KeywordsService Information Malicious Node Distribute Hash Table Sybil Attack Attack Node
Unable to display preview. Download preview PDF.
- 1.Dingledine, R., Mathewson, N., Syverson, P.: Tor: the second-generation onion router. In: Proceedings of the 13th Conference on USENIX Security Symposium, SSYM 2004, p. 21. USENIX Association, Berkeley (2004)Google Scholar
- 2.Dingledine, R., Mathewson, N., Murdoch, S., Syverson, P.: Tor: the second-generation onion router 2012 draft (2012)Google Scholar
- 3.Tran, A., Hopper, N., Kim, Y.: Hashing it out in public: common failure modes of DHT-based anonymity schemes. In: Proceedings of the 8th ACM Workshop on Privacy in the Electronic Society, WPES 2009, pp. 71–80. ACM, New York (2009)Google Scholar
- 4.Mittal, P., Borisov, N.: Information leaks in structured peer-to-peer anonymous communication systems. ACM Trans. Inf. Syst. Secur. 15(1), 5:1–5:28 (March 2012)Google Scholar
- 8.Singh, A., Ngan, T.-W., Druschel, P., Wallach, D.S.: Eclipse attacks on overlay networks: Threats and defenses. In: IEEE INFOCOM (2006)Google Scholar
- 9.Timpanaro, J.P., Chrisment, I., Festor, O.: Monitoring the I2P networkGoogle Scholar
- 11.Evans, N., Grothoff, C.: R5n: Randomized recursive routing for restricted-route networks. In: 2011 5th International Conference on Network and System Security (NSS), pp. 316–321 (September 2011)Google Scholar
- 12.Wolchok, S., Hofmann, O.S., Heninger, N., Felten, E.W., Halderman, J.A., Rossbach, C.J., Waters, B., Witchel, E.: Defeating Vanish with low-cost Sybil attacks against large DHTs. In: Proc. of NDSS (2010)Google Scholar