Anonymous Networking Amidst Eavesdroppers

The problem of security against packet timing based traffic analysis in wireless networks is considered in this work. An analytical measure of ldquoanonymityrdquo of routes in eavesdropped networks is proposed using the information-theoretic equivocation. For a physical layer with orthogonal transmitter directed signaling, scheduling and relaying techniques are designed to maximize achievable network performance for any desired level of anonymity. The network performance is measured by the total rate of packets delivered from the sources to destinations under strict latency and medium access constraints. In particular, analytical results are presented for two scenarios: For a single relay that forwards packets from users, relaying strategies are provided that minimize the packet drops when the source nodes and the relay generate independent transmission schedules. A relay using such an independent scheduling strategy is undetectable by an eavesdropper and is referred to as a covert relay. Achievable rate regions are characterized under strict and average delay constraints on the traffic, when schedules are independent Poisson processes. For a multihop network with an arbitrary anonymity requirement, the problem of maximizing the sum-rate of flows (network throughput) is considered. A randomized selection strategy to choose covert relays as a function of the routes is designed for this purpose. Using the analytical results for a single covert relay, the strategy is optimized to obtain the maximum achievable throughput as a function of the desired level of anonymity. In particular, the throughput-anonymity relation for the proposed strategy is shown to be equivalent to an information-theoretic rate-distortion function.

[1]  P. Venkitasubramaniam,et al.  Packet Scheduling Against Stepping-Stone Attacks with Chaff , 2006, MILCOM 2006 - 2006 IEEE Military Communications conference.

[2]  David R. Cox,et al.  The Theory of Stochastic Processes , 1967, The Mathematical Gazette.

[3]  David L. Neuhoff,et al.  Causal source codes , 1982, IEEE Trans. Inf. Theory.

[4]  Stephen T. Kent,et al.  Security Mechanisms in High-Level Network Protocols , 1983, CSUR.

[5]  Paul E. McKenney,et al.  Packet recovery in high-speed networks using coding and buffer management , 1990, Proceedings. IEEE INFOCOM '90: Ninth Annual Joint Conference of the IEEE Computer and Communications Societies@m_The Multiple Facets of Integration.

[6]  Lang Tong,et al.  Throughput Anonymity Trade-off in Wireless Networks under Latency Constraints , 2008, IEEE INFOCOM 2008 - The 27th Conference on Computer Communications.

[7]  Edward W. Felten,et al.  Timing attacks on Web privacy , 2000, CCS.

[8]  Claude E. Shannon,et al.  Communication theory of secrecy systems , 1949, Bell Syst. Tech. J..

[9]  Axthonv G. Oettinger,et al.  IEEE Transactions on Information Theory , 1998 .

[10]  Bruce Hajek,et al.  Hiding traffic flow in communication networks , 1992, MILCOM 92 Conference Record.

[11]  Lang Tong,et al.  Detection of Information Flows , 2008, IEEE Transactions on Information Theory.

[12]  Luigi Rizzo,et al.  Effective erasure codes for reliable computer communication protocols , 1997, CCRV.

[13]  Birgit Pfitzmann,et al.  ISDN-MIXes: Untraceable Communication with Small Bandwidth Overhead , 1991, Kommunikation in Verteilten Systemen.

[14]  Thomas M. Cover,et al.  Elements of Information Theory , 2005 .

[15]  Dogan Kesdogan,et al.  Stop-and-Go-MIXes Providing Probabilistic Anonymity in an Open System , 1998, Information Hiding.

[16]  Dawn Xiaodong Song,et al.  Timing Analysis of Keystrokes and Timing Attacks on SSH , 2001, USENIX Security Symposium.

[17]  George Danezis,et al.  Mixminion: design of a type III anonymous remailer protocol , 2003, 2003 Symposium on Security and Privacy, 2003..

[18]  David Chaum,et al.  Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.

[19]  Madhu Sudan,et al.  Priority encoding transmission , 1994, Proceedings 35th Annual Symposium on Foundations of Computer Science.

[20]  Gene Tsudik,et al.  Mixing E-mail with Babel , 1996, Proceedings of Internet Society Symposium on Network and Distributed Systems Security.

[21]  Jean-François Raymond,et al.  Traffic Analysis: Protocols, Attacks, Design Issues, and Open Problems , 2000, Workshop on Design Issues in Anonymity and Unobservability.

[22]  Richard E. Blahut,et al.  Computation of channel capacity and rate-distortion functions , 1972, IEEE Trans. Inf. Theory.

[23]  Michael K. Reiter,et al.  Crowds: anonymity for Web transactions , 1998, TSEC.

[24]  Lili Qiu,et al.  Statistical identification of encrypted Web browsing traffic , 2002, Proceedings 2002 IEEE Symposium on Security and Privacy.

[25]  Lang Tong,et al.  Anonymous Networking with Minimum Latency in Multihop Networks , 2008, 2008 IEEE Symposium on Security and Privacy (sp 2008).

[26]  Riccardo Bettati,et al.  On Flow Correlation Attacks and Countermeasures in Mix Networks , 2004, Privacy Enhancing Technologies.

[27]  Imre Csiszár,et al.  Broadcast channels with confidential messages , 1978, IEEE Trans. Inf. Theory.

[28]  Dawn Xiaodong Song,et al.  Detection of Interactive Stepping Stones: Algorithms and Confidence Bounds , 2004, RAID.

[29]  Nick Mathewson,et al.  Practical Traffic Analysis: Extending and Resisting Statistical Disclosure , 2004, Privacy Enhancing Technologies.

[30]  A. D. Wyner,et al.  The wire-tap channel , 1975, The Bell System Technical Journal.

[31]  George Danezis,et al.  Towards an Information Theoretic Metric for Anonymity , 2002, Privacy Enhancing Technologies.