-
VeraSel: Verifiable Random Selection for Mixnets Construction
Authors:
Xinshu Ma,
Florentin Rochet,
Tariq Elahi
Abstract:
The security and performance of Mixnets depends on the trustworthiness of the Mixnodes in the network. The challenge is to limit the adversary's influence on which Mixnodes operate in the network. A trusted party (such as the Mixnet operator) may ensure this, however, it is a single point of failure in the event of corruption or coercion. Therefore, we study the problem of how to select a subset o…
▽ More
The security and performance of Mixnets depends on the trustworthiness of the Mixnodes in the network. The challenge is to limit the adversary's influence on which Mixnodes operate in the network. A trusted party (such as the Mixnet operator) may ensure this, however, it is a single point of failure in the event of corruption or coercion. Therefore, we study the problem of how to select a subset of Mixnodes in a distributed way for Mixnet construction. We present VeraSel, a scheme that enables Mixnodes to be chosen according to their weights in a distributed, unbiased, and verifiable fashion using Verifiable Random Functions (VRFs). It is shown that VeraSel enables any party to learn and verify which nodes has been selected based on the commitments and proofs generated by each Mixnode with VRF.
△ Less
Submitted 22 January, 2023;
originally announced January 2023.
-
Stop** Silent Sneaks: Defending against Malicious Mixes with Topological Engineering
Authors:
Xinshu Ma,
Florentin Rochet,
Tariq Elahi
Abstract:
Mixnets provide strong meta-data privacy and recent academic research and industrial projects have made strides in making them more secure, performance, and scalable. In this paper, we focus our work on stratified Mixnets -- a popular design with real-world adoption -- and identify that there still exist heretofore inadequately explored practical aspects such as: relay sampling and topology placem…
▽ More
Mixnets provide strong meta-data privacy and recent academic research and industrial projects have made strides in making them more secure, performance, and scalable. In this paper, we focus our work on stratified Mixnets -- a popular design with real-world adoption -- and identify that there still exist heretofore inadequately explored practical aspects such as: relay sampling and topology placement, network churn, and risks due to real-world usage patterns. We show that, due to the lack of incorporating these aspects, Mixnets of this type are far more susceptible to user deanonymization than expected. In order to reason and resolve these issues, we model Mixnets as a three-stage ``Sample-Placement-Forward'' pipeline, and using the results of our evaluation propose a novel Mixnet design, Bow-Tie. Bow-Tie mitigates user deanonymization through a novel adaption of Tor's guard design with an engineered guard layer and client guard-logic for stratified mixnets. We show that Bow-Tie has significantly higher user anonymity in the dynamic setting, where the Mixnet is used over a period of time, and is no worse in the static setting, where the user only sends a single message. We show the necessity of both the guard layer and client guard-logic in tandem as well as their individual effect when incorporated into other reference designs. Ultimately, Bow-Tie is a significant step towards addressing the gap between the design of Mixnets and practical deployment and wider adoption because it directly addresses real-world user and Mixnet operator concerns.
△ Less
Submitted 4 August, 2022; v1 submitted 1 June, 2022;
originally announced June 2022.
-
Towards Flexible Anonymous Networks
Authors:
Florentin Rochet,
Tariq Elahi
Abstract:
Anonymous Communication designs such as Tor build their security upon distributing the trust in many volunteers running relays in many locations globally. In practice, it leads to a heterogeneous network in which many versions of the same Tor software exist, with a different set of protocol features. Because of the heterogeneous aspect of the network, the maintainers employ forward-compatible prot…
▽ More
Anonymous Communication designs such as Tor build their security upon distributing the trust in many volunteers running relays in many locations globally. In practice, it leads to a heterogeneous network in which many versions of the same Tor software exist, with a different set of protocol features. Because of the heterogeneous aspect of the network, the maintainers employ forward-compatible protocol design strategies to maintain network extensibility. These strategies aim to guarantee that different versions of the Tor software interact without unrecoverable errors. In this work, we cast the protocol tolerance enabled with forward-compatible protocol considerations as a fundamental security issue. Despite being beneficial for the developers, we argue that protocol tolerance is the cause of many strong attacks against Tor in the past fifteen years. To address this issue, we propose FAN for Flexible Anonymous Network, a new software architecture for volunteer-based distributed networks that shifts the dependence away from protocol tolerance without losing the ability for the developers to ensure the continuous evolution of their software. We realize an implementation, evaluate the overheads and, experiment with several of FAN's benefits to defend against a severe attack still applicable to Tor today.
△ Less
Submitted 23 March, 2023; v1 submitted 7 March, 2022;
originally announced March 2022.
-
Flexible Anonymous Network
Authors:
Florentin Rochet,
Olivier Bonaventure,
Olivier Pereira
Abstract:
Internet technologies have been designed from guidelines like the robustness principle also known as Postel's law. Jon Postel's law is described as: "Be conservative in what you do, be liberal in what you accept from others." Fundamentally, it advises protocol designs to be tolerant with what they accept from the other peers. We propose to take a step back and wonder how the robustness principle c…
▽ More
Internet technologies have been designed from guidelines like the robustness principle also known as Postel's law. Jon Postel's law is described as: "Be conservative in what you do, be liberal in what you accept from others." Fundamentally, it advises protocol designs to be tolerant with what they accept from the other peers. We propose to take a step back and wonder how the robustness principle could be revisited to support security requirements as well as unifying flexibility from specifications, protocol design and software implementations. Our goal would be to define a software architecture that offers the benefits of the robustness principle (i.e., efficient network services despite the presence of various software versions), while also guaranteeing that this robustness cannot be exploited by making sure that it is only used to support authentic evolution of the protocol specification.
△ Less
Submitted 27 June, 2019;
originally announced June 2019.
-
Waterfiling: Balancing the Tor network with maximum diversity
Authors:
Florentin Rochet,
Olivier Pereira
Abstract:
We present the Waterfilling circuit selection method, which we designed in order to mitigate the risks of a successful end-to-end traffic correlation attack. Waterfilling proceeds by balancing the Tor network load as evenly as possible on endpoints of user paths. We simulate the use of Waterfilling thanks to the TorPS and Shadow tools. Applying several security metrics, we show that the adoption o…
▽ More
We present the Waterfilling circuit selection method, which we designed in order to mitigate the risks of a successful end-to-end traffic correlation attack. Waterfilling proceeds by balancing the Tor network load as evenly as possible on endpoints of user paths. We simulate the use of Waterfilling thanks to the TorPS and Shadow tools. Applying several security metrics, we show that the adoption of Waterfilling considerably increases the number of nodes that an adversary needs to control in order to be able to mount a successful attack, while somewhat decreasing the minimum amount of bandwidth required to do so. Moreover, we evaluate Waterfilling into Shadow and show that it does not impact significantly the performance of the network. Furthermore, Waterfilling reduces the benefits that an attacker could obtain by hacking into a top bandwidth Tor relay, hence limiting the risks raised by such relays.
△ Less
Submitted 30 November, 2016; v1 submitted 14 September, 2016;
originally announced September 2016.