1,160 research outputs found

    Octopus: A Secure and Anonymous DHT Lookup

    Full text link
    Distributed Hash Table (DHT) lookup is a core technique in structured peer-to-peer (P2P) networks. Its decentralized nature introduces security and privacy vulnerabilities for applications built on top of them; we thus set out to design a lookup mechanism achieving both security and anonymity, heretofore an open problem. We present Octopus, a novel DHT lookup which provides strong guarantees for both security and anonymity. Octopus uses attacker identification mechanisms to discover and remove malicious nodes, severely limiting an adversary's ability to carry out active attacks, and splits lookup queries over separate anonymous paths and introduces dummy queries to achieve high levels of anonymity. We analyze the security of Octopus by developing an event-based simulator to show that the attacker discovery mechanisms can rapidly identify malicious nodes with low error rate. We calculate the anonymity of Octopus using probabilistic modeling and show that Octopus can achieve near-optimal anonymity. We evaluate Octopus's efficiency on Planetlab with 207 nodes and show that Octopus has reasonable lookup latency and manageable communication overhead

    A Flexible Network Approach to Privacy of Blockchain Transactions

    Full text link
    For preserving privacy, blockchains can be equipped with dedicated mechanisms to anonymize participants. However, these mechanism often take only the abstraction layer of blockchains into account whereas observations of the underlying network traffic can reveal the originator of a transaction request. Previous solutions either provide topological privacy that can be broken by attackers controlling a large number of nodes, or offer strong and cryptographic privacy but are inefficient up to practical unusability. Further, there is no flexible way to trade privacy against efficiency to adjust to practical needs. We propose a novel approach that combines existing mechanisms to have quantifiable and adjustable cryptographic privacy which is further improved by augmented statistical measures that prevent frequent attacks with lower resources. This approach achieves flexibility for privacy and efficency requirements of different blockchain use cases.Comment: 6 pages, 2018 IEEE 38th International Conference on Distributed Computing Systems (ICDCS

    Mixcoin Anonymity for Bitcoin with accountable mixes (Full version)

    Get PDF
    Abstract. We propose Mixcoin, a protocol to facilitate anonymous payments in Bitcoin and similar cryptocurrencies. We build on the emergent phenomenon of currency mixes, adding an accountability mechanism to expose theft. We demonstrate that incentives of mixes and clients can be aligned to ensure that rational mixes will not steal. Our scheme is efficient and fully compatible with Bitcoin. Against a passive attacker, our scheme provides an anonymity set of all other users mixing coins contemporaneously. This is an interesting new property with no clear analog in better-studied communication mixes. Against active attackers our scheme offers similar anonymity to traditional communication mixes.

    Quisquis: A new design for anonymous cryptocurrencies

    Get PDF
    Despite their usage of pseudonyms rather than persistent identifiers, most existing cryptocurrencies do not provide users with any meaningful levels of privacy. This has prompted the creation of privacy-enhanced cryptocurrencies such as Monero and Zcash, which are specifically designed to counteract the tracking analysis possible in currencies like Bitcoin. These cryptocurrencies, however, also suffer from some drawbacks: in both Monero and Zcash, the set of potential unspent coins is always growing, which means users cannot store a concise representation of the blockchain. Additionally, Zcash requires a common reference string and the fact that addresses are reused multiple times in Monero has led to attacks to its anonymity. In this paper we propose a new design for anonymous cryptocurrencies, Quisquis, that achieves provably secure notions of anonymity. Quisquis stores a relatively small amount of data, does not require trusted setup, and in Quisquis each address appears on the blockchain at most twice: once when it is generated as output of a transaction, and once when it is spent as input to a transaction. Our result is achieved by combining a DDH-based tool (that we call updatable keys) with efficient zero-knowledge arguments

    Privacy preservation using spherical chord

    Get PDF
    Structured overlay networks are primarily used in data storage and data lookup, but they are vulnerable against many kinds of attacks. Within the realm of security, overlay networks have demonstrated applicability in providing privacy, availability, integrity, along with scalability. The thesis first analyses the Chord and the SALSA protocols which are organized in structured overlays to provide data with a certain degree of privacy, and then defines a new protocol called Spherical Chord which provides data lookup with privacy, while also being scalable, and addresses critical existing weaknesses in Chord and SALSA protocols. Spherical Chord is a variant of the Chord, and utilizes the concept of distributed hash table (DHT). Chord sends packets uni-directionally over a virtual id space in the overlay. While this feature provides lower latencies, it can be used by attackers to misroute and drop packets. Spherical Chord protocol introduces additional connections in the structured overlay and increases the path length and the number of paths for sending messages, hence making it more resilient to routing attacks. A new protocol focusing for constructing the Spherical Chord, followed by a new lookup protocol is defined in this thesis. The protocols are analyzed and it is demonstrated using both theoretical analysis and simulations that improved path availability helps in maintaining privacy, while also limiting the impact of routing attacks. --Abstract, page iii

    Privacy-preserving Cooperative Services for Smart Traffic

    Get PDF
    Communication technology and the increasing intelligence of things enable new qualities of cooperation. However, it is often unclear how complex functionality can be realized in a reliable and abuse-resistant manner without harming users\u27 privacy in the face of strong adversaries. This thesis focuses on three functional building blocks that are especially challenging in this respect: cooperative planning, geographic addressing and the decentralized provision of pseudonymous identifiers

    Efficient Data Collection in IoT Networks using Trajectory Encoded with Geometric Shapes

    Get PDF
    The mobile edge computing (MEC) paradigm changes the role of edge devices from data producers and requesters to data consumers and processors. MEC mitigates the bandwidth limitation between the edge server and the remote cloud by directly processing the large amount of data locally generated by the network of the internet of things (IoT) at the edge. An efficient data-gathering scheme is crucial for providing quality of service (QoS) within MEC. To reduce redundant data transmission, this paper proposes a data collection scheme that only gathers the necessary data from IoT devices (like wireless sensors) along a trajectory. Instead of using and transmitting location information (which may leak the location anonymity), a virtual coordinate system called \u27distance vector of hops to anchors\u27 (DV-Hop) is used. The proposed trajectory encoding algorithm uses ellipse and hyperbola constraints to encode the position of interest (POI) and the trajectory route to the POI. Sensors make routing decisions only based on the geometric constraints and the DV-Hop information, both of which are stored in their memory. Also, the proposed scheme can work in heterogeneous networks (with different radio ranges) where each sensor can calculate the average one-hop distance within the POI dynamically. The proposed DV-Hop updating algorithm enables the users to collect data in an IoT network with mobile nodes. The experiments show that in heterogeneous IoT networks, the proposed data collection scheme outperforms two other state-of-the-art topology-based routing protocols, called ring routing, and nested ring. The results also show that the proposed scheme has better latency, reliability, coverage, energy usage, and provide location privacy compared to state-of-the-art schemes

    Overlay networks for smart grids

    Get PDF

    Scalable and Robust Distributed Algorithms for Privacy-Preserving Applications

    Get PDF
    We live in an era when political and commercial entities are increasingly engaging in sophisticated cyber attacks to damage, disrupt, or censor information content and to conduct mass surveillance. By compiling various patterns from user data over time, untrusted parties could create an intimate picture of sensitive personal information such as political and religious beliefs, health status, and so forth. In this dissertation, we study scalable and robust distributed algorithms that guarantee user privacy when communicating with other parties to either solely exchange information or participate in multi-party computations. We consider scalability and robustness requirements in three privacy-preserving areas: secure multi-party computation (MPC), anonymous broadcast, and blocking-resistant Tor bridge distribution. We propose decentralized algorithms for MPC that, unlike most previous work, scale well with the number of parties and tolerate malicious faults from a large fraction of the parties. Our algorithms do not require any trusted party and are fully load-balanced. Anonymity is an essential tool for achieving privacy; it enables individuals to communicate with each other without being identified as the sender or the receiver of the information being exchanged. We show that our MPC algorithms can be effectively used to design a scalable anonymous broadcast protocol. We do this by developing a multi-party shuffling protocol that can efficiently anonymize a sequence of messages in the presence of many faulty nodes. Our final approach for preserving user privacy in cyberspace is to improve Tor; the most popular anonymity network in the Internet. A current challenge with Tor is that colluding corrupt users inside a censorship territory can completely block user\u27s access to Tor by obtaining information about a large fraction of Tor bridges; a type of relay nodes used as the Tor\u27s primary mechanism for blocking-resistance. We describe a randomized bridge distribution algorithm, where all honest users are guaranteed to connect to Tor in the presence of an adversary corrupting an unknown number of users. Our simulations suggest that, with minimal resource costs, our algorithm can guarantee Tor access for all honest users after a small (logarithmic) number of rounds

    Data and resource management in wireless networks via data compression, GPS-free dissemination, and learning

    Get PDF
    “This research proposes several innovative approaches to collect data efficiently from large scale WSNs. First, a Z-compression algorithm has been proposed which exploits the temporal locality of the multi-dimensional sensing data and adapts the Z-order encoding algorithm to map multi-dimensional data to a one-dimensional data stream. The extended version of Z-compression adapts itself to working in low power WSNs running under low power listening (LPL) mode, and comprehensively analyzes its performance compressing both real-world and synthetic datasets. Second, it proposed an efficient geospatial based data collection scheme for IoTs that reduces redundant rebroadcast of up to 95% by only collecting the data of interest. As most of the low-cost wireless sensors won’t be equipped with a GPS module, the virtual coordinates are used to estimate the locations. The proposed work utilizes the anchor-based virtual coordinate system and DV-Hop (Distance vector of hops to anchors) to estimate the relative location of nodes to anchors. Also, it uses circle and hyperbola constraints to encode the position of interest (POI) and any user-defined trajectory into a data request message which allows only the sensors in the POI and routing trajectory to collect and route. It also provides location anonymity by avoiding using and transmitting GPS location information. This has been extended also for heterogeneous WSNs and refined the encoding algorithm by replacing the circle constraints with the ellipse constraints. Last, it proposes a framework that predicts the trajectory of the moving object using a Sequence-to-Sequence learning (Seq2Seq) model and only wakes-up the sensors that fall within the predicted trajectory of the moving object with a specially designed control packet. It reduces the computation time of encoding geospatial trajectory by more than 90% and preserves the location anonymity for the local edge servers”--Abstract, page iv
    • …
    corecore