44,673 research outputs found
Scalable and Anonymous Group Communication
Today\u27s Internet is not designed to protect the privacy of its users against network surveillance, and source and destination of any communication is easily exposed to third party observer. Tor, a volunteer-operated anonymity network, offers low-latency practical performance for unicast anonymous communication without central point of trust. However, Tor is known to be slow and it can not support group communication with scalable performance. Despite the extensive public interest in anonymous group communication, there is no system that provides anonymous group communication without central point of trust.
This dissertation presents MTor, a low-latency anonymous group communication system. We construct MTor as an extension to Tor, allowing the construction of multi-source multicast trees on top of the existing Tor infrastructure. MTor does not depend on an external service (e.g., an IRC server or Google Hangouts) to broker the group communication, and avoids central points of failure and trust. MTor\u27s substantial bandwidth savings and graceful scalability enable new classes of anonymous applications that are currently too bandwidth-intensive to be viable through traditional unicast Tor communication---e.g., group file transfer, collaborative editing, streaming video, and real-time audio conferencing.
We detail the design of MTor and then analyze its performance and anonymity. By simulating MTor in Shadow and TorPS using realistic models of the live Tor network\u27s topology and recent consensus records from the live Tor network, we show that MTor achieves 29% savings in network bandwidth and 73% reduction in transmission time as compared to the baseline approach for anonymous group communication among 20 group members. We also demonstrate that MTor scales gracefully with the number of group participants, and allows dynamic group composition over time. Importantly, as more Tor users switch to group communication, we show that the overall performance and bandwidth utilization for group communication improves. Finally, we discuss the anonymity implications of MTor and measure its resistance to traffic correlation attacks
Keeping Authorities "Honest or Bust" with Decentralized Witness Cosigning
The secret keys of critical network authorities - such as time, name,
certificate, and software update services - represent high-value targets for
hackers, criminals, and spy agencies wishing to use these keys secretly to
compromise other hosts. To protect authorities and their clients proactively
from undetected exploits and misuse, we introduce CoSi, a scalable witness
cosigning protocol ensuring that every authoritative statement is validated and
publicly logged by a diverse group of witnesses before any client will accept
it. A statement S collectively signed by W witnesses assures clients that S has
been seen, and not immediately found erroneous, by those W observers. Even if S
is compromised in a fashion not readily detectable by the witnesses, CoSi still
guarantees S's exposure to public scrutiny, forcing secrecy-minded attackers to
risk that the compromise will soon be detected by one of the W witnesses.
Because clients can verify collective signatures efficiently without
communication, CoSi protects clients' privacy, and offers the first
transparency mechanism effective against persistent man-in-the-middle attackers
who control a victim's Internet access, the authority's secret key, and several
witnesses' secret keys. CoSi builds on existing cryptographic multisignature
methods, scaling them to support thousands of witnesses via signature
aggregation over efficient communication trees. A working prototype
demonstrates CoSi in the context of timestamping and logging authorities,
enabling groups of over 8,000 distributed witnesses to cosign authoritative
statements in under two seconds.Comment: 20 pages, 7 figure
A framework for proving the self-organization of dynamic systems
This paper aims at providing a rigorous definition of self- organization, one
of the most desired properties for dynamic systems (e.g., peer-to-peer systems,
sensor networks, cooperative robotics, or ad-hoc networks). We characterize
different classes of self-organization through liveness and safety properties
that both capture information re- garding the system entropy. We illustrate
these classes through study cases. The first ones are two representative P2P
overlays (CAN and Pas- try) and the others are specific implementations of
\Omega (the leader oracle) and one-shot query abstractions for dynamic
settings. Our study aims at understanding the limits and respective power of
existing self-organized protocols and lays the basis of designing robust
algorithm for dynamic systems
Solutions and Tools for Secure Communication in Wireless Sensor Networks
Secure communication is considered a vital requirement in Wireless Sensor Network (WSN) applications. Such a requirement embraces different aspects, including confidentiality, integrity and authenticity of exchanged information, proper management of security material, and effective prevention and reaction against security threats and attacks. However, WSNs are mainly composed of resource-constrained devices. That is, network nodes feature reduced capabilities, especially in terms of memory storage, computing power, transmission rate, and energy availability.
As a consequence, assuring secure communication in WSNs results to be more difficult than in other kinds of network. In fact, trading effectiveness of adopted solutions with their efficiency becomes far more important. In addition, specific device classes or technologies may require to design ad hoc security solutions. Also, it is necessary to efficiently manage security material, and dynamically cope with changes of security requirements. Finally, security threats and countermeasures have to be carefully considered since from the network design phase.
This Ph.D. dissertion considers secure communication in WSNs, and provides the following contributions. First, we provide a performance evaluation of IEEE 802.15.4 security services. Then, we focus on the ZigBee technology and its security services, and propose possible solutions to some deficiencies and inefficiencies. Second, we present HISS, a highly scalable and efficient key management scheme, able to contrast collusion attacks while displaying a graceful degradation of performance. Third, we present STaR, a software component for WSNs that secures multiple traffic flows at the same time. It is transparent to the application, and provides runtime reconfigurability, thus coping with dynamic changes of security requirements. Finally, we describe ASF, our attack simulation framework for WSNs. Such a tool helps network designers to quantitatively evaluate effects of security attacks, produce an attack ranking based on their severity, and thus select the most appropriate countermeasures
- …