CircuitStart: A Slow Start For Multi-Hop Anonymity Systems

In order to improve the performance of anonymity networks like Tor, custom transport protocols have been proposed to efficiently deal with the multi-hop nature of such overlay networks. In this work, we tackle the issue of quickly, but safely, ramping up the congestion window during the initial phase of a circuit's lifetime. We propose a tailored startup mechanism called CircuitStart that transfers the idea of a traditional slow start to the multi-hop scenario by effectively compensating potential overshooting, improving performance compared to existing approaches

Exploring Deployment Strategies for the Tor Network [Extended Version]

In response to upcoming performance and security challenges of anonymity networks like Tor, it will be of crucial importance to be able to develop and deploy performance improvements and state-of-the-art countermeasures. In this paper, we therefore explore different deployment strategies and review their applicability to the Tor network. In particular, we consider flag day, dual stack, translation, and tunneling strategies and discuss their impact on the network, as well as common risks associated with each of them. In a simulation based evaluation, which stems on historical data of Tor, we show that they can practically be applied to realize significant protocol changes in Tor. However, our results also indicate that during the transitional phase a certain degradation of anonymity is unavoidable with current viable deployment strategies

P2KMV: A Privacy-preserving Counting Sketch for Efficient and Accurate Set Intersection Cardinality Estimations

In this paper, we propose P2KMV, a novel privacy-preserving counting sketch, based on the k minimum values algorithm. With P2KMV, we offer a versatile privacy-enhanced technology for obtaining statistics, following the principle of data minimization, and aiming for the sweet spot between privacy, accuracy, and computational efficiency. As our main contribution, we develop methods to perform set operations, which facilitate cardinality estimates under strong privacy requirements. Most notably, we propose an efficient, privacy-preserving algorithm to estimate the set intersection cardinality. P2KMV provides plausible deniability for all data items contained in the sketch. We discuss the algorithm's privacy guarantees as well as the accuracy of the obtained estimates. An experimental evaluation confirms our analytical expectations and provides insights regarding parameter choices

Webchain: Verifiable Citations and References for the World Wide Web

Readers’ capability to consider and assess sources is imperative. Digital preservation efforts, however, mostly neglected citation provenance, which is a necessity for transparent source verification. We therefore present Webchain, a new system enabling verifiable citations and references on the World Wide Web. Its architecture combines a distributed ledger with secure timestamping to ensure history of creation, ownership, and referential integrity of online resources. With Webchain, readers can independently detect content manipulation by verifying authenticity, integrity, and time consistency. At the same time, authors gain a proof of existence for referenced articles. Webchain extends a well-known distributed timestamping scheme to handle an open and dynamic network topology by providing a solution for membership management. We examine the security of our approach, particularly regarding forging attacks. Our results show that we are able to render such attacks infeasible, even in the face of a powerful attacker

Exploring Deployment Strategies for the Tor Network

In response to upcoming performance and security challenges of anonymity networks like Tor, it will be of crucial importance to be able to develop and deploy performance improvements and state-of-the-art countermeasures. In this paper, we therefore explore different deployment strategies and review their applicability, impact, and risks to the Tor network. In a simulation-based evaluation, which leverages historical data of Tor, we show that the deployment strategies can practically be applied to realize significant protocol changes in Tor. Our results, however, also indicate that during the transitional phase a certain degradation of anonymity is unavoidable

Towards a Concurrent and Distributed Route Selection for Payment Channel Networks

Payment channel networks use off-chain transactions to provide virtually arbitrary transaction rates. In this paper, we provide a new perspective on payment channels and consider them as a flow network. We propose an extended push-relabel algorithm to find payment flows in a payment channel network. Our algorithm enables a distributed and concurrent execution without violating capacity constraints. To this end, we introduce the concept of capacity locking. We prove that flows are valid and present first results