Privacy-Preserving P2P Data Sharing with OneSwarm. -Piggy.
Outline • Overview • Related Works • Data Sharing with OneSwarm • Protocol Design • Security Analysis • Evaluation
Overview • P2P file sharing is efficient and common • Most P2P applications allow third parties to monitor user behaviour • Privacy: the protection of information from unauthorized disclosure • Attackers can learn private information by observing user behaviour, e.g. using BitTorrent to download a security patch
Related Works • BitTorrent: a common P2P file sharing protocol with high efficiency but without privacy protection • Tor: uses onion routing techniques to anonymize requests via a set of relay nodes • Freenet: uses an anonymous P2P publishing system
Data Sharing with OneSwarm • An example
Data Sharing with OneSwarm • Public distribution • Everyone in the network can download file freely • All data need not be private • Serves as a fully backwards compatible BitTorrent client
Data Sharing with OneSwarm • With permission • Only users with permission can download files • Uses persistent identities to define per-file permissions • Allows all permitted users to recognize one another and engage in swarming download
Data Sharing with OneSwarm • Without attribution • Depends on obscuring attribution of source and/or destination • Instead of directly advertising data, it uses privacy-preserving keyword search • Data is relayed through an unknown number of intermediaries • Appropriate for sensitive material
Protocol Design • Two major tasks • Defining and maintaining the overlay topology • Locating and transferring data objects • Topology • Define overlay links by exchanging public keys • Peers are either trusted or untrusted
Protocol Design • Transport • The mesh defined by the web of trust among users is used to locate and transfer data • Inspired by existing P2P swarming systems, e.g., BitTorrent • Restricts direct communication to a small number of persistent contacts • Locates distant data sources by flooding through the overlay • Data transfers occur over the reverse search path • Obscures the identities of sender and receiver when sharing data without attribution
Protocol Design • Linking Peers with Trust relationships • 1024 bit RSA public/private key pair, public key serves as its identity (persistent) among its peers • Key exchange • Discover and exchange over local area network • Piggy-back on existing social network e.g., Google Talk • By email invitations
Protocol Design • Managing Groups and Trusted Peers • Private Community Server • Maintains a list of registered users • Provides authorized subscribers with a current set of public keys • Public Community Server • Allows new users to easily obtain a set of untrusted peers
Protocol Design • Identity and Connectivity • Long-term identities are linked to transient IP and port number via DHT • DHT entries are encrypted with public key • ID->{IP, Port} • Various key exchange + DHT => overlay mesh
Protocol Design • Naming and Locating Data • Between connected peers => exchange file list • Naming • 160 bit SHA-1 hash of name and content • Low order 6 bit => file ID in search message • Congestion Aware Search • Tradeoff between overhead and performance • Shortest path • Management of propagation of searches
Protocol Design • Naming and Locating Data • Congestion Aware Search • Search messages don't have a time-to-live • Each peer maintains a set of rotating Bloom filters and forwards a search message if it has idle capacity and has not yet forwarded it • Forward to untrusted peers probabilistically • Delay 150ms before forwarding • Terminate with a search cancel message
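A sketch of the forwarding rule on this slide, added here as an example and not taken from the OneSwarm code base: a rotating Bloom filter suppresses duplicate searches, forwarding happens only with idle capacity, untrusted peers are picked probabilistically, and a cancel arriving within the 150 ms delay drops the queued forward. The class names, filter size, forwarding probability and the way cancel interacts with the delay are assumptions of this sketch.

```python
import hashlib
import random

class RotatingBloom:
    """Pair of Bloom filters; rotate() drops the older one so state stays bounded."""
    def __init__(self, bits=4096, hashes=3):      # sizes are assumed values
        self.bits, self.hashes = bits, hashes
        self.current = self.previous = 0          # bitsets stored as ints

    def _mask(self, item: bytes) -> int:
        mask = 0
        for i in range(self.hashes):
            digest = hashlib.sha256(bytes([i]) + item).digest()
            mask |= 1 << (int.from_bytes(digest[:8], "big") % self.bits)
        return mask

    def add(self, item: bytes) -> None:
        self.current |= self._mask(item)

    def __contains__(self, item: bytes) -> bool:
        m = self._mask(item)
        return (self.current & m) == m or (self.previous & m) == m

    def rotate(self) -> None:
        self.previous, self.current = self.current, 0

class SearchForwarder:
    DELAY_MS = 150                                # forwarding delay from the slide

    def __init__(self, trusted, untrusted, p_untrusted=0.5, seed=0):
        self.trusted, self.untrusted = trusted, untrusted
        self.p_untrusted = p_untrusted            # assumed value, not from the slides
        self.rng = random.Random(seed)
        self.seen = RotatingBloom()
        self.pending = {}                         # search_id -> (due_ms, peers)

    def on_search(self, search_id, sender, now_ms, idle_capacity=True):
        if not idle_capacity or search_id in self.seen:
            return False                          # busy, or already forwarded
        self.seen.add(search_id)
        peers = [p for p in self.trusted if p != sender]
        peers += [p for p in self.untrusted
                  if p != sender and self.rng.random() < self.p_untrusted]
        self.pending[search_id] = (now_ms + self.DELAY_MS, peers)
        return True

    def on_cancel(self, search_id):
        # A cancel that arrives inside the delay window removes the queued forward.
        return self.pending.pop(search_id, None) is not None

    def due(self, now_ms):
        ready = [s for s, (t, _) in self.pending.items() if t <= now_ms]
        return {s: self.pending.pop(s)[1] for s in ready}
```

Because searches carry no time-to-live, the filter and the cancel message are the only things that stop a flood; once the filter has rotated twice, a peer will forward a repeated search again.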
Protocol Design • Naming and Locating Data • Path Setup • Search message matched => search reply (delayed) • Search identifier • Path identifier
Protocol Design • Swarming Data Transfer • Keep-alive messages refresh paths • Tunnels BitTorrent traffic through overlay paths • Discovers new paths by periodically flooding search messages • Enhances load balance and efficiency
Protocol Design • Incentives • Clients maintain transfer statistics for each peer • Retains tit-for-tat from BitTorrent • Contention => weight decided by ratio of contribution and net consumption • Forwarding sums to 0
Security Analysis • Goal • Improve privacy by allowing users to control information disclosure • Resistant to the disclosure of user behaviour to an attacker with control over a limited # of overlay nodes
Security Analysis • Attacks and Defenses • Persistent peering relationships limit monitoring power • Heterogeneity of trust relationships foils timing attacks • Lack of source routing limits correlation attacks • Constrained randomness frustrates statistical attacks • Network dynamics limit value of historical data
Security Analysis • Timing Attacks
Security Analysis • Collusion Attacks
Evaluation • Overlay structure
Evaluation • Multiple-path Transfer
Evaluation • Comparison with existing systems
Evaluation • Overhead
Evaluation • Utilization
Conclusion • Strength • Data collected from real world • Weakness • Not well organized