Abstract
Onion routing is a technique for anonymous and privacy preserving communication at the base of popular Internet anonymity tools such as Tor. In onion routing, traffic is relayed by a number of intermediary nodes (called relays) before it reaches the intended destination. To guarantee privacy and prevent tampering, each packet is encrypted multiple times in a layered manner, using the public keys of the relays. Therefore, this mechanism makes two important assumptions: first, that the relays are able to communicate with each other; second, that the user knows the list of available relays and their respective public keys. Tor implements therefore a distributed directory listing the relays and their keys. When a user is not able to communicate with relays directly, he has to use special bridge servers to connect to the onion network.
This construction, however, does not work in a fully peer to peer setting, where each peer only knows a limited number of other peers and may not be able to communicate with some of them due, for instance, to NAT or firewalls. In this paper we propose a key management scheme for onion routing that overcomes these problems. The proposed solution does not need a directory system and does not imply knowledge of all active relays, while it guarantees the secure distribution of public keys. We also present an alternative strategy for building circuit of relays based on bloom filters. The proposed construction overcomes some of the structural inefficiencies of the Tor design, and opens the way for implementing onion routing over a true peer to peer overlay network.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Balakrishnan, H., Kaashoek, M.F., Karger, D.R., Morris, R., Stoica, I.: Looking up data in p2p systems. Commun. ACM 46(2), 43–48 (2003)
Bennett, K., Grothoff, C., Horozov, T., Patrascu, I.: Efficient sharing of encrypted data. In: Batten, L.M., Seberry, J. (eds.) ACISP 2002. LNCS, vol. 2384, pp. 107–120. Springer, Heidelberg (2002)
Bennett, K., Grothoff, C., Horozov, T., Patrascu, I., Stef, T.: The GNet whitepaper. Tech. rep., Purdue University (2002)
Bloom, B.H.: Space/time trade-offs in hash coding with allowable errors. Commun. ACM 13(7), 422–426 (1970)
Chung, K.-I., Sohn, K., Yung, M. (eds.): WISA 2008. LNCS, vol. 5379. Springer, Heidelberg (2009)
Clarke, I., Sandberg, O., Wiley, B., Hong, T.W.: Freenet: A distributed anonymous information storage and retrieval system. In: Federrath, H. (ed.) Anonymity 2000. LNCS, vol. 2009, pp. 46–66. Springer, Heidelberg (2001)
Dingledine, R., Mathewson, N., Syverson, P.F.: Tor: The second-generation onion router. In: USENIX Security Symposium, pp. 303–320. USENIX (2004)
Isdal, T., Piatek, M., Krishnamurthy, A., Anderson, T.E.: Privacy-preserving p2p data sharing with oneswarm. In: SIGCOMM, pp. 111–122. ACM (2010)
Landsiedel, O., Pimenidis, L., Wehrle, K., Niedermayer, H., Carle, G.: Dynamic multipath onion routing in anonymous peer-to-peer overlay networks. In: GLOBECOM, pp. 64–69. IEEE (2007)
Lu, K., Qian, Y., Guizani, M., Chen, H.H.: A framework for a distributed key management scheme in heterogeneous wireless sensor networks. IEEE Transactions on Wireless Communications 7(2), 639–647 (2008)
Luo, Z., Li, Z., Cai, B.: A self-organized public-key certificate system in p2p network. Journal of Networks 6(10), 1437–1443 (2011)
McLachlan, J., Tran, A., Hopper, N., Kim, Y.: Scalable onion routing with torsk. In: ACM CCS, pp. 590–599 (2009)
van der Merwe, J., Dawoud, D.S., McDonald, S.: A survey on peer-to-peer key management for mobile ad hoc networks. ACM Comput. Surv. 39(1) (2007)
Michéle, B.: Using Onion Routing in Well-Established P2P Networks to Provide Anonymity. Master’s thesis, Technische Universität Berlin (December 2008)
Mittal, P., Borisov, N.: Shadowwalker: peer-to-peer anonymous communication using redundant structured topologies. In: ACM CCS, pp. 161–172 (2009)
Naranjo, J.A.M., López-Ramos, J.A., Casado, L.G.: Key management schemes for peer-to-peer multimedia streaming overlay networks. In: Markowitch, O., Bilas, A., Hoepman, J.-H., Mitchell, C.J., Quisquater, J.-J. (eds.) WISTP 2009. LNCS, vol. 5746, pp. 128–142. Springer, Heidelberg (2009)
Qiu, F., Lin, C., Yin, H.: EKM: An efficient key management scheme for large-scale peer-to-peer media streaming. In: Zhuang, Y., Yang, S.-Q., Rui, Y., He, Q. (eds.) PCM 2006. LNCS, vol. 4261, pp. 395–404. Springer, Heidelberg (2006)
Saboori, E., Mohammadi, S.: Anonymous communication in peer-to-peer networks for providing more privacy and security. CoRR abs/1208.3192 (2012)
Sheehan, K.: Toward a typology of internet users and online privacy concerns. Inf. Soc. 18(1), 21–32 (2002)
Syverson, P.F., Goldschlag, D.M., Reed, M.G.: Anonymous connections and onion routing. In: IEEE Symposium on Security and Privacy, pp. 44–54. IEEE (1997)
Wang, Q., Mittal, P., Borisov, N.: In search of an anonymous and secure lookup: attacks on structured peer-to-peer anonymous communication systems. In: ACM CCS, pp. 308–318. ACM (2010)
Wen, Z., Zhang Niu, S., Cheng Zou, J.: A Key Management Mechanism for DHT Networks. In: IIH-MSP, pp. 339–342. IEEE (2012)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Palmieri, P., Pouwelse, J. (2014). Key Management for Onion Routing in a True Peer to Peer Setting. In: Yoshida, M., Mouri, K. (eds) Advances in Information and Computer Security. IWSEC 2014. Lecture Notes in Computer Science, vol 8639. Springer, Cham. https://doi.org/10.1007/978-3-319-09843-2_5
Download citation
DOI: https://doi.org/10.1007/978-3-319-09843-2_5
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-09842-5
Online ISBN: 978-3-319-09843-2
eBook Packages: Computer ScienceComputer Science (R0)