1. bookVolume 2017 (2017): Issue 1 (January 2017)
Journal Details
First Published
16 Apr 2015
Publication timeframe
4 times per year
access type Open Access

PHI: Path-Hidden Lightweight Anonymity Protocol at Network Layer

Published Online: 22 Dec 2016
Page range: 100 - 117
Received: 31 May 2016
Accepted: 02 Sep 2016
Journal Details
First Published
16 Apr 2015
Publication timeframe
4 times per year

We identify two vulnerabilities for existing highspeed network-layer anonymity protocols, such as LAP and Dovetail. First, the header formats of LAP and Dovetail leak path information, reducing the anonymity-set size when an adversary launches topological attacks. Second, ASes can launch session hijacking attacks to deanonymize destinations. HORNET addresses these problems but incurs additional bandwidth overhead and latency.


[1] CAIDA AS-relationship dataset. http://www.caida.org/ data/as-relationships/.Search in Google Scholar

[2] curve25519-donna. https://code.google.com/p/curve25519-donna/.Search in Google Scholar

[3] DPDK: Data Plane Development Kit. http://dpdk.org/.Search in Google Scholar

[4] Global surveillance disclosures (2013-present). https://en.wikipedia.org/wiki/Global_surveillance_disclosures_(2013%E2%80%93present).Search in Google Scholar

[5] Intel AESNI Sample Library. https://software.intel.com/enus/articles/download-the-intel-aesni-sample-library.Search in Google Scholar

[6] The invisible internet project. https://geti2p.net/en/.Search in Google Scholar

[7] iPlane dataset. http://iplane.cs.washington.edu/data/data.html.Search in Google Scholar

[8] JonDonym anonymous proxy servers. https://anon.inf.tudresden.de/index_en.html.Search in Google Scholar

[9] NSA collecting phone records of millions of verizon customers daily. http://www.theguardian.com/world/2013/jun/06/nsa-phone-records-verizon-court-order.Search in Google Scholar

[10] RouteView project. http://www.routeviews.org/.Search in Google Scholar

[11] Spirent TestCenter. http://www.spirent.com/~/media/Datasheets/Broadband/PAB/SpirentTestCenter/STC_Packet_Generator-Analyzer_BasePackage_datasheet.pdf.Search in Google Scholar

[12] The CAIDA UCSD Anonymized Internet Traces 2015 - equinix-chicago 2015-01-20. http://www.caida.org/data/passive/passive_2015_dataset.xml.Search in Google Scholar

[13] Tor metrics: Ddrect users by country. "https://metrics.torproject.org/userstats-relay-country.html. Retrieved on Nov.3, 2015.Search in Google Scholar

[14] Tor project. https://www.torproject.org/.Search in Google Scholar

[15] B. Augustin, X. Cuvellier, B. Orgogozo, F. Viger, T. Friedman, M. Latapy, C. Magnien, and R. Teixeira. Avoiding traceroute anomalies with Paris traceroute. In ACM IMC, 2006.Search in Google Scholar

[16] O. Berthold, H. Federrath, and S. Köpsell. Web mixes: A system for anonymous and unobservable internet access. In PETS, 2001.Search in Google Scholar

[17] S. Chakravarty, M. V. Barbera, G. Portokalidis, M. Polychronakis, and A. D. Keromytis. On the effectiveness of traffic analysis against anonymity networks using flow records. In PAM, 2014.Search in Google Scholar

[18] D. Chaum. The dining cryptographers problem: Unconditional sender and recipient untraceability. Journal of cryptology, 1(1):65-75, 1988.Search in Google Scholar

[19] D. Chaum, F. Javani, A. Kate, A. Krasnova, J. de Ruiter, and A. T. Sherman. cMix: Anonymization by highperformance scalable mixing. Technical report, 2016. https://eprint.iacr.org/2016/008.Search in Google Scholar

[20] D. L. Chaum. Untraceable electronic mail, return addresses, and digital pseudonyms. Commun. ACM, 24(2):84-88, Feb.1981.Search in Google Scholar

[21] C. Chen, D. E. Asoni, D. Barrera, G. Danezis, and A. Perrig. HORNET: High-speed onion routing at the network layer. In ACM CCS, 2015.Search in Google Scholar

[22] G. Danezis. The traffic analysis of continuous-time mixes. In PETS, 2004.Search in Google Scholar

[23] G. Danezis, C. Diaz, C. Troncoso, and B. Laurie. Drac: An architecture for anonymous low-volume communications. In PETS, 2010.Search in Google Scholar

[24] G. Danezis, R. Dingledine, and N. Mathewson. Mixminion: Design of a type III anonymous remailer protocol. In IEEE S&P, 2003.Search in Google Scholar

[25] G. Danezis and I. Goldberg. Sphinx: A compact and provably secure mix format. In IEEE S&P, 2009.Search in Google Scholar

[26] S. DiBenedetto, P. Gasti, G. Tsudik, and E. Uzun. ANDaNA: Anonymous named data networking application. arXiv preprint arXiv:1112.2205, 2011.Search in Google Scholar

[27] R. Dingledine, N. Mathewson, and P. Syverson. Tor: The second-generation onion router. In USENIX Security, 2004.Search in Google Scholar

[28] R. Dingledine and S. J. Murdoch. Performance improvements on Tor or, why Tor is slow and what we’re going to do about it. Online: http://www.torproject.org/press/presskit/2009-03-11-performance.pdf, 2009. Search in Google Scholar

[29] M. J. Freedman and R. Morris. Tarzan: A peer-to-peer anonymizing network layer. In ACM CCS, 2002.Search in Google Scholar

[30] P. Godfrey, I. Ganichev, S. Shenker, and I. Stoica. Pathlet routing. ACM SIGCOMM CCR, 39(4):111-122, 2009.Search in Google Scholar

[31] C. Gülcü and G. Tsudik. Mixing email with babel. In NDSS, 1996.Search in Google Scholar

[32] N. Hopper, E. Y. Vasserman, and E. Chan-Tin. How much anonymity does network latency leak? ACM Transactions on Information and System Security, 13(2), February 2010.Search in Google Scholar

[33] A. Houmansadr, N. Kiyavash, and N. Borisov. RAINBOW: A robust and invisible non-blind watermark for network flows. In NDSS, 2009.Search in Google Scholar

[34] H. C. Hsiao, T. H. J. Kim, A. Perrig, A. Yamada, S. C. Nelson, M. Gruteser, and W. Meng. LAP: Lightweight anonymity and privacy. In IEEE Security & Privacy, 2012.Search in Google Scholar

[35] S. Le Blond, D. Choffnes, W. Caldwell, P. Druschel, and N. Merritt. Herd: A scalable, traffic analysis resistant anonymity network for VoIP systems. In ACM SIGCOMM, 2015.Search in Google Scholar

[36] S. Le Blond, D. Choffnes, W. Zhou, P. Druschel, H. Ballani, and P. Francis. Towards efficient traffic-analysis resistant anonymity networks. In ACM SIGCOMM, 2013.Search in Google Scholar

[37] V. Liu, S. Han, A. Krishnamurthy, and T. Anderson. Tor instead of ip. In ACM HotNets, 2011.Search in Google Scholar

[38] P. Mahadevan, D. Krioukov, M. Fomenkov, B. Huffaker, X. Dimitropoulos, k. claffy, and A. Vahdat. The Internet AS-level topology: Three data sources and one definitive metric. ACM SIGCOMM CCR, 36(1):17-26, Jan 2006.Search in Google Scholar

[39] N. Mathewson and R. Dingledine. Practical traffic analysis: Extending and resisting statistical disclosure. In PETS, 2005.Search in Google Scholar

[40] P. Mittal, A. Khurshid, J. Juen, M. Caesar, and N. Borisov. Stealthy traffic analysis of low-latency anonymous communication using throughput fingerprinting. In ACM CCS, 2011.Search in Google Scholar

[41] U. Möller, L. Cottrell, P. Palfrader, and L. Sassaman. Mixmaster protocol (version 2). IETF Internet Draft, July 2003.Search in Google Scholar

[42] S. J. Murdoch and G. Danezis. Low-cost traffic analysis of Tor. In IEEE S&P, 2005.Search in Google Scholar

[43] L. Overlier and P. Syverson. Locating hidden servers. In IEEE S&P, 2006.Search in Google Scholar

[44] A. Pfitzmann and M. Köhntopp. Anonymity, unobservability, and pseudonymity - a proposal for terminology. In PETS, 2001.Search in Google Scholar

[45] Y. Rekhter and T. Li. A border gateway protocol 4 (BGP-4), 1995.Search in Google Scholar

[46] J. Sankey and M. Wright. Dovetail: Stronger anonymity in next-generation internet routing. In PETS, 2014.Search in Google Scholar

[47] R. Sherwood, B. Bhattacharjee, and A. Srinivasan. P5: A protocol for scalable anonymous communication. In IEEE S&P, 2002.Search in Google Scholar

[48] D. I. Wolinsky, H. Corrigan-Gibbs, B. Ford, and A. Johnson. Dissent in numbers: Making strong anonymity scale. In Usenix OSDI, 2012.Search in Google Scholar

[49] X. Yang, D. Clark, and A. W. Berger. NIRA: a new interdomain routing architecture. IEEE/ACM Transactions on Networking, 15(4):775-788, 2007.Search in Google Scholar

[50] X. Zhang, H.-C. Hsiao, G. Hasker, H. Chan, A. Perrig, and D. G. Andersen. SCION: Scalability, control, and isolation on next-generation networks. In IEEE S&P, 2011. Search in Google Scholar

Recommended articles from Trend MD

Plan your remote conference with Sciendo