
Drac: An Architecture for Anonymous Low-Volume Communications

  • George Danezis
  • Claudia Diaz
  • Carmela Troncoso
  • Ben Laurie
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6205)

Abstract

We present Drac, a system designed to provide anonymity and unobservability for real-time instant messaging and voice-over-IP communications against a global passive adversary. The system uses a relay-based anonymization mechanism in which circuits are routed over a social network in a peer-to-peer fashion, using full padding strategies and separate epochs to hide connection and disconnection events. Unlike established systems, Drac gives away the identity of a user’s friends to guarantee the unobservability of actual calls, while still providing anonymity when talking to untrusted third parties. We present the core design and components of Drac, discuss the key ways in which it challenges our current concepts of anonymity, and provide an initial simulation-based security analysis.

Keywords

Entry Point; IEEE Computer Society; Instant Messaging; Social Graph; Sybil Attack
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.



Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • George Danezis (1)
  • Claudia Diaz (2)
  • Carmela Troncoso (2)
  • Ben Laurie (3)

  1. Microsoft Research Cambridge, USA
  2. K.U. Leuven/IBBT, ESAT/SCD-COSIC, Belgium
  3. Google, Inc., USA
