PriFi: Low-Latency Anonymity for Organizational Networks

Ludovic Barman 1, Italo Dacosta 2, Mahdi Zamani 3, Ennan Zhai 4, Apostolos Pyrgelis 5, Bryan Ford 6, Joan Feigenbaum 7, and Jean-Pierre Hubaux 8
  • 1 EPFL
  • 2 UBS
  • 3 Visa Research
  • 4 Alibaba Group
  • 5 EPFL
  • 6 EPFL
  • 7 Yale University
  • 8 EPFL

Abstract

Organizational networks are vulnerable to traffic-analysis attacks that enable adversaries to infer sensitive information from network traffic—even if encryption is used. Typical anonymous communication networks are tailored to the Internet and are poorly suited for organizational networks. We present PriFi, an anonymous communication protocol for LANs, which protects users against eavesdroppers and provides high-performance traffic-analysis resistance. PriFi builds on Dining Cryptographers networks (DC-nets), but reduces the high communication latency of prior designs via a new client/relay/server architecture, in which a client’s packets remain on their usual network path without additional hops, and in which a set of remote servers assist the anonymization process without adding latency. PriFi also solves the challenge of equivocation attacks, which are not addressed by related work, by encrypting traffic based on communication history. Our evaluation shows that PriFi introduces modest latency overhead (≈ 100ms for 100 clients) and is compatible with delay-sensitive applications such as Voice-over-IP.


