Hashing it out in public: Common failure modes of DHT-based anonymity schemes

Andrew Tran, Nicholas Hopper, Yongdae Kim

Research output: Chapter in Book/Report/Conference proceeding > Conference contribution

11 Scopus citations

Abstract

We examine peer-to-peer anonymous communication systems that use Distributed Hash Table algorithms for relay selection. We show that common design flaws in these schemes lead to highly effective attacks against the anonymity provided by the schemes. These attacks stem from attacks on DHT routing, and are not mitigated by the well-known DHT security mechanisms due to a fundamental mismatch between the security requirements of DHT routing's put/get functionality and anonymous routing's relay selection functionality. Our attacks essentially allow an adversary that controls only a small fraction of the relays to function as a global active adversary. We apply these attacks in more detail to two schemes: Salsa and Cashmere. In the case of Salsa, we show that an attacker that controls 10% of the relays in a network of size 10,000 can compromise more than 80% of all completed circuits; and in the case of Cashmere, we show that an attacker that controls 20% of the relays in a network of size 64000 can compromise 42% of the circuits.

Original language: English (US)
Title of host publication: Proceedings of the 8th ACM Workshop on Privacy in the Electronic Society, WPES '09, Co-located with the 16th ACM Computer and Communications Security Conference, CCS'09
Pages: 71-80
Number of pages: 10
State: Published - 2009
Event: 8th ACM Workshop on Privacy in the Electronic Society, WPES '09, Co-located with the 16th ACM Computer and Communications Security Conference, CCS'09 - Chicago, IL, United States
Duration: Nov 9 2009 - Nov 13 2009

Publication series

Name: Proceedings of the ACM Conference on Computer and Communications Security
ISSN (Print): 1543-7221

Other

Other: 8th ACM Workshop on Privacy in the Electronic Society, WPES '09, Co-located with the 16th ACM Computer and Communications Security Conference, CCS'09
Country/Territory: United States
City: Chicago, IL
Period: 11/9/09 - 11/13/09

Keywords

  • Anonymity
  • Peer-to-peer networks
  • Selective denial of service
