Abstract
Lightweight anonymity protocols in the network layer are promising in terms of high throughput and low latency. The realistic and weak assumption of local adversaries deletes the need for hop-by-hop encryption of onion routing, and this contributes to high throughput and low latency. Among them, PHI and its successor dPHI are promising due to the fact that path-setup packets for anonymous paths are forwarded according to IP routing. This feature enables easy deployment of the protocol on the Internet infrastructure. However, PHI and dPHI are vulnerable to adversaries such as malicious ASes who compromise servers for path setup, called helpers, and malicious ASes who leverage topological information and routing policies of the IP network. The paper resolves the vulnerabilities in the two steps. In the first step, we design attacks that leverage the vulnerabilities to break anonymity. In the second step, we extend dPHI to mitigate such attacks by adding a new server called a guard. The extended protocol is called gPHI, and gPHI is resilient against adversaries who perform such attacks. This paper designs gPHI and validates its resilience through formal proof and simulation.
Published Version
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call