Abstract
Traditional anonymous networks (e.g., Tor) are vulnerable to traffic analysis attacks that monitor the whole network traffic to determine which users are communicating. To preserve user anonymity against traffic analysis attacks, the emerging mix networks mess up the order of packets through a set of centralized and explicit shuffling nodes. However, this centralized design of mix networks is insecure against targeted DoS attacks that can completely block these shuffling nodes. In this article, we present <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">DAENet</i> , an efficient mix network that resists both targeted DoS attacks and traffic analysis attacks with a new abstraction called <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">Stealthy Peer-to-Peer (P2P) Network</i> . The <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">stealthy P2P network</i> effectively hides the shuffling nodes used in a routing path into the whole network, such that adversaries cannot distinguish specific shuffling nodes and conduct targeted DoS attacks to block these nodes. In addition, to handle traffic analysis attacks, we leverage the confidentiality and integrity protection of Intel SGX to ensure trustworthy packet shuffles at each distributed host and use multiple routing paths to prevent adversaries from tracking and revealing user identities. We show that our system is scalable with moderate latency (2.2s) when running in a cluster of 10,000 participants and is robust in the case of machine failures, making it an attractive new design for decentralized anonymous communication. DAENet ’s code is released on <uri xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">https://github.com/hku-systems/DAENet</uri> .
Highlights
T HE Internet allows convenient communications between users, but it leads to great concerns about anonymity since communications can be surveilled by powerful malicious attackers such as network service providers, Internet Service Providers and National Security Agency (NSA)
We present DAENet1, the first anonymous communication system based on Software Guard eXtension (SGX) that can meet the three desirable requirements
Dissent suffers from long-term active intersection attacks [56], it is well-known for its support of low-latency communications compared to other shuffle-based systems (e.g., Riposte, Atom)
Summary
T HE Internet allows convenient communications between users, but it leads to great concerns about anonymity since communications can be surveilled by powerful malicious attackers such as network service providers (e.g., chatting services), Internet Service Providers and National Security Agency (NSA) These adversaries usually determine if two users are talking to each other by analyzing network communication traffics [1], [2], [3]. To hide user identities during network communications, more and more users turn to anonymous communication systems (e.g., Tor [6], Loopix [7]) It is desirable for an anonymous system to meet three requirements: lowlatency, resisting traffic analysis attacks and resisting targeted Denial-of-Service (DoS) attacks. SGX-Tor inherits Tor’s susceptibility to traffic analysis attacks
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
