Node Management without Directory Servers in DHT-based Anonymous Communication Systems using ID-based Encryption

Abstract

Since the problem of disclosing personal information on the Internet continues to increase, many anonymous communication systems have been studied. Such systems usually use directory servers to manage the public keys of participant nodes and such node information as IP address, port number, and NodeID. However, this reduces anonymity because the query messages for the directory servers can give adversaries route information of anonymous communication channels. To solve this problem, applying ID-Based Encryption has been proposed, but in the existing method, directory servers continue to exist. Our novel method, which can grasp assigned NodeIDs without directory servers, can be applied to existing Distributed Hash Table (DHT)-based anonymous communication systems. Our proposal enhances scalability. This paper describes the structure of our proposed system and its application. As Internet proliferation continues, it provides more and more services, some of which need high confidentiality, including medical treatment and psychological counseling. Hence, research is intensely investigating anonymous communication systems to ensure anonymity on the Internet. Anonymous communication must satisfy the following three requirements [11]: a source node cannot be identified, a destination node cannot be identified, and the data flow cannot be traced. These properties are collectively called anonymity, and communication with anonymity is called anonymous communication. Furthermore, communication channels with anonymous communication are called anonymous communication channels. A typical technique to realize anonymous communication is a multistage relaying method that uses such multiple encryptions as Onion Routing [4, 16]. This method sends messages to a destination by multiple relay nodes, and a source multiply encrypts messages using the public keys of relay nodes and the destination to conceal the final destination from all relay nodes. Relay nodes can only get the next-hop node after decrypting the messages. The method requires a source to obtain the public keys and such node information of each relay node as IP address, port number, and NodeID. For that purpose, Cashmere [20], Bifrost [7], and Bluemoon [13] need directory servers to manage the public keys and node information. However, the method compromises anonymity because query messages for directory servers can reveal the routing information of anonymous communication channels to adversaries. This is obvious from research that infers client behavior from name resolution by DNS [5, 18]. To solve the first problem of obtaining public keys, anonymous communication with ID-Based Encryption (IBE) [2] has been proposed [6]. With IBE, communication for obtaining public keys can be omitted. However, sources must choose the NodeIDs, which are IDs for IBE, of all relay nodes before building new anonymous communication channels. But the sources do not know how many nodes have already joined and been assigned NodeIDs. Hence, they cannot choose any NodeIDs for relay nodes. Because Kate et al.’s proposal [6] requires directory servers to distribute assigned NodeIDs, it cannot remove directory servers from anonymous communication systems. Moreover, directory servers become bottlenecked and reduce scalability. We propose a novel method that can grasp the assigned NodeIDs without directory servers and improve scalability. The second problem is how to acquire the node information of the destination. Tor [3] introduces Introduction Points to solve it without directory servers. Introduction Points are nodes that arrange to meet sources and destinations. However, the solution reduces anonymity, because an Introduction Point and a destination share a one-on-one relationship. Therefore, the Introduction Point can learn the related destination. We expand Introduction Point to improve anonymity. International Journal for Information Security Research (IJISR), Volume 2, Issue 2, June 2012 Copyright © 2012, Infonomics Society 154