170 likes | 275 Views
Resilient P2P Anonymous Routing by Using Redundancy. Yingwu Zhu. Outline. Introduction Motivation Design Evaluation Conclusion and Future Work. Introduction. Two main groups of anonymity protocols in the literature Multicast-based (through multicast groups)
E N D
Resilient P2P Anonymous Routing by Using Redundancy Yingwu Zhu
Outline • Introduction • Motivation • Design • Evaluation • Conclusion and Future Work
Introduction • Two main groups of anonymity protocols in the literature • Multicast-based (through multicast groups) • Mix-based (through a set of relay nodes)
Why P2P anonymous routing? • A potentially large anonymity set • Sidesteps political background and local jurisdiction issues • Good scalability • Communication patterns and heterogeneity of peer node’s location render P2P networks an appealing environment for hiding anonymous traffics
Motivation of this work • Churn is a hurdle to P2P anonymous routing • Complicates anonymous path construction in mix-based protocols, usually involving expensive asymmetric encryption/decryption • Makes anonymous paths fragile and short-lived, resulting in message loss and communication failures
Naïve design • Use broadcasting/multicasting • But, it incurs costly bandwidth consumption due to • Massive messages • Cover traffics
Our approach • Simple yet powerful idea: routing resilience can be achieved by redundancy • Message redundancy using erasure coding • Path redundancy • Using Onion Routing scheme • Goals: strike a balance between resilience and bandwidth cost while preserving sender anonymity
Our design (SimEra) • A sender needs to anonymously send a message M to a responder • Use erasure coding to spit M into n segments, each of length |M|/m • Evenly distribute n segments over k paths, each of which consists of L relay nodes • The responder reconstructs M upon receiving m segments • Thus, tolerate up to k(1 - (1/r)) path failures, where r = n/m
Message segment allocation in SimEra • Provide 3 observations • A guideline for choosing k and replication factor r in erasure coding upon different node availabilities in order to maximize routing resilience
Evaluation • P2PSim 3.0 developed by MIT • Node membership management by OneHop, a hierarchical gossip protocol • Compare SimEra and CurMix (current mix-based protocols) • Measure path construction success rate and routing resilience under churn
Validation of 3 observations in SimEra Different ks have different impact on SimEra (success of routing) under different node availabilities of 0.70, 0.86, and 0.95
Performance comparisons • Node churn follows a Pareto distribution • Message size is 1KB • SimEra improves both path construction and routing resilience, at the cost of • moderate bandwidth overhead
Performance of SimEra under different churn rates • Lower (median) node lifetimes mean higher churn, modeled as a Pareto distribution • K=4, r=4
Performance of SimEra under different node churn distributions • k=4, r=4
Conclusion • P2P anonymous routing resilience can be achieved by message redundancy based on erasure coding and path redundancy • Strike a balance between resilience and bandwidth cost by choosing different ks and rs
Future work • Explore weighted message segment allocations over k paths • Choose stable nodes as mix in each single path, prolonging single path durability • Compare with existing work such as TAP and Cashmere
Q&A • ?