ISSN: 22503676
Volume - 2, Special Issue - 1, 81 87
M.Tech, CSE, KL University, Andhra Pradesh, India, minny2k8@gmail.com
Professor, CSE, KL University, Andhra Pradesh, India, smkodukula@yahoo.com
Abstract
This paper describes Mix networks, which are designed to provide anonymity for users in a variety of applications, including anonymous web browsing and numerous e-commerce systems. These networks have been shown empirically to be susceptible to flow correlation attacks. This paper also describes anonymous communication and its realization in onion routing, and explores its use in a variety of applications.
Index Terms: Mix Network, Anonymity Network, Onion Routing, Tor
1. INTRODUCTION
In today's expanding on-line world, there is an increasing concern about the protection of anonymity and privacy in electronic services. In the past, many technical solutions have been proposed that hide a user's identity in various applications and services. Anonymity is an important issue in electronic payments, electronic voting and electronic auctions, but also for email and web browsing. This paper describes how a freely available system, onion routing, can be used to protect a variety of Internet services against both eavesdropping and traffic analysis attacks, from both the network and outside observers. This paper includes a specification sufficient to guide both re-implementations and new applications of onion routing. We also discuss configurations of onion routing networks and applications of onion routing, including Virtual Private Networks (VPN), Web browsing, e-mail, remote login, and electronic cash. A purpose of traffic analysis is to reveal who is talking to whom. The anonymous connections described here are designed to be resistant to traffic analysis, i.e., to make it difficult for observers to learn identifying information from the connection (e.g., by reading packet headers, tracking encrypted payloads, etc.). Any identifying information must be passed as data through the anonymous connections. Our implementation of anonymous connections, onion routing, provides protection against eavesdropping as a side effect.
2. MIX NETWORK
Digital mixes (also known as mix networks) were invented by David Chaum [1] in 1981. Digital mixes create hard-to-trace communications by using a chain of proxy servers. Each message is encrypted to each proxy using public key cryptography; the resulting encryption is layered like a Russian doll (except that each "doll" is of the same size) with the message as the innermost layer. Each proxy server strips off its own layer of encryption to reveal where to send the message next. If all but one of the proxy servers are compromised by the tracer, untraceability can still be achieved against some weaker adversaries. Some anonymous remailers (such as Mixmaster) [2] and onion routing (including Tor) are based on this idea. There is another kind of mix net that consists of re-encryption operations. In these mix nets each mix node re-encrypts the set of received messages and the decryption is done in a single step. Homomorphic encryption schemes allow that. The goal of most Mix-based systems is to offer sender and relationship anonymity. This means that the receiver should not find out who the sender is, and an eavesdropper should not be able to detect that there is a communication relationship between two parties. Although there are applications for receiver anonymity (e.g., anonymous web publishing), most Internet activities where anonymity is desired require only sender and relationship anonymity.
B. MINNY PRISCILLA* et al. [IJESAT] INTERNATIONAL JOURNAL OF ENGINEERING SCIENCE & ADVANCED TECHNOLOGY
Where: Kb = B's public key, K1 = the mix's public key. A destination can reply to a source without sacrificing source anonymity. The reply message shares all of the performance and security benefits with the anonymous messages from source to destination.
2.3 Benefits
Figure 1: Basic Mix Network
The current model offers several benefits; the most dominating ones are briefly described in the following paragraphs.
2.3.1 Accessibility
Using well-known MIXes makes it straightforward for a user to access them. Their identities (host names or IP addresses) can be made public through web sites or news messages in the Usenet and the addition and removal of MIXes can also be made public in this way. In general, it is not expected that MIXes appear and disappear frequently. Rather, the model assumes that each MIX remains operational for a long time (e.g. months or years) before it terminates its service.
2.3.2 Authentication
Using digital certificates makes it possible to control which MIXes are allowed to offer their services. This prevents unauthorized (and potentially malicious) MIXes from joining the system and collecting information, and in addition gives the user the possibility to identify and authenticate the MIXes she is using. A centralized system could play the role of the certification authority responsible for issuing certificates for MIXes. This does of course not guarantee that no malicious MIXes are present in the system, but it gives at least the possibility to evaluate the trustworthiness of a MIX before certifying it.
2.3.3 Reliability
By controlling who is allowed to operate a MIX, one can make sure that only highly reliable MIXes are present in the system. In addition, there could be minimal requirements for the computing power of the MIXes and for the network connection they offer in order to make sure that no particular MIX becomes a bottleneck in the system.
3. ANONYMITY NETWORK
The Anonymity Network (AN) [3] is a MIX network to enable anonymous Web browsing. Its basic architecture is similar to that of Onion Routing, Freedom, or PipeNet [4]. This enables users to access the Web while blocking any tracking or tracing of their identity on the Internet. This type of online anonymity moves Internet traffic through a worldwide network of volunteer servers. Anonymity networks prevent traffic analysis and network surveillance, or at least make it more difficult.
As an example, consider the network shown above, in which A, B, C and D are users (senders), Q, R, S and T are servers (receivers), the boxes are mixes, and, The degree of anonymity takes into account the probability associated with each user.
It begins by defining the entropy of the system (here is where the papers differ slightly but only with notation,
We will use the notation from, where H(X) is the entropy of the network, N is the number of nodes in the network, and p_i is the probability associated with node i. Now the maximal entropy of a network occurs when there is uniform probability associated with each node ( ) and this yields
The degree of anonymity (now the papers differ slightly in the definition here, defines a bounded degree where it is compared to H_M and gives an unbounded definition using the entropy directly, we will consider only the bounded case here) is defined as.
Using this, anonymity systems can be compared and evaluated quantitatively.
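An added worked example of the bounded degree of anonymity (not code from the paper), assuming the standard Shannon-entropy definitions used in [5]: H(X) = -sum p_i log2 p_i, H_M = log2 N and d = H(X) / H_M. The sender names follow the example network above; the attacker's likelihood values are constructed for illustration.

```python
import math

def entropy(probs):
    """Shannon entropy H(X) in bits; zero-probability nodes contribute nothing."""
    if any(p < 0 for p in probs) or not math.isclose(sum(probs), 1.0, abs_tol=1e-9):
        raise ValueError("probabilities must be non-negative and sum to 1")
    return sum(-p * math.log2(p) for p in probs if p > 0)

def degree_of_anonymity(probs):
    """Bounded degree d = H(X) / H_M, with H_M = log2(N) for N nodes."""
    n = len(probs)
    if n < 2:
        return 0.0  # a single candidate sender is fully identified
    return entropy(probs) / math.log2(n)

def posterior(prior, likelihood):
    """Attacker's updated belief per sender after an observation (Bayes' rule)."""
    joint = {s: prior[s] * likelihood.get(s, 0.0) for s in prior}
    total = sum(joint.values())
    if total == 0:
        raise ValueError("observation is impossible under the prior")
    return {s: v / total for s, v in joint.items()}

# Constructed scenario: four senders, uniform prior, and an observation
# (e.g. timing) that is four times as likely if A sent than if C or D did.
PRIOR = {"A": 0.25, "B": 0.25, "C": 0.25, "D": 0.25}
OBSERVED = {"A": 0.8, "B": 0.4, "C": 0.2, "D": 0.2}

def report():
    """Return (d before the observation, attacker belief, d after it)."""
    before = degree_of_anonymity(list(PRIOR.values()))
    belief = posterior(PRIOR, OBSERVED)
    after = degree_of_anonymity(list(belief.values()))
    return before, belief, after

if __name__ == "__main__":
    before, belief, after = report()
    print(f"d before = {before:.3f}, d after = {after:.3f}, belief = {belief}")
```

The anonymity set still has four members after the observation, but the degree drops because the attacker's belief is no longer uniform.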
4. ONION ROUTING
This refers to the layered nature of the encryption service: The original data is encrypted and re-encrypted multiple times, then sent through successive Tor relays, each one of which decrypts a "layer" of encryption before passing the data on to the next relay and, ultimately, its destination. This reduces the possibility of the original data being unscrambled or understood in transit. In onion routing [6], instead of making socket connections directly to a responding machine, initiating applications make connections through a sequence of machines called onion routers. The onion routing network allows the connection between the initiator and responder to remain anonymous. Anonymous connections hide who is connected to whom, and for what purpose, from both outside eavesdroppers and compromised onion routers. If the initiator also wants to remain anonymous to the responder, then all identifying information must be removed from the data stream before being sent over the anonymous connection. Onion routers in the network are connected by longstanding (permanent) socket connections. Anonymous connections through the network are multiplexed over the longstanding connections. For any anonymous connection, the sequence of onion routers in a route is strictly defined at connection setup. However, each onion router can only identify the previous and next hops along a route. Data passed along the anonymous connection appears different at each onion router, so data cannot be tracked en route, and compromised onion routers cannot cooperate by correlating the data stream each sees. We will also see that they cannot make use of replayed onions or replayed data.
content via Tor's anonymous hidden service feature. Furthermore, by keeping some of the entry relays (bridge relays) secret, users can evade Internet censorship which relies upon blocking public Tor relays.
4.2 Operation:
Tor aims to conceal its users' identities and their network activity from surveillance and traffic analysis by separating identification and routing. It is an implementation of onion routing, which encrypts and then randomly bounces communications through a network of relays run by volunteers throughout the globe. These onion routers employ encryption in a multi-layered manner (hence the onion metaphor) to ensure perfect forward secrecy between relays, thereby providing users with anonymity in network location. That anonymity extends to the hosting of censorship-resistant content via Tor's anonymous hidden service feature. By keeping some of the entry relays secret (bridge relays), users can evade Internet censorship that relies upon blocking public Tor relays. Because the Internet addresses of the sender and the recipient are not both in clear text at any hop along the way (and at middle relays neither piece of information is in clear text), someone eavesdropping at any point along the communication channel cannot directly identify both ends. Furthermore, to the recipient it appears that the last Tor node (exit relay) is the originator of the communication rather than the sender.
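The layered wrapping described for mixes in Section 2 and for onion routers here, as an added example that is not code from the paper or from Tor: each hop removes one layer and learns only the next hop. The SHA-256 keystream cipher, the pre-shared per-router keys (standing in for public-key encryption to each hop) and the names R1 to R3 and responder.example are assumptions made for illustration; layers are not padded to a constant size.

```python
import hashlib, hmac, os

def _stream(key, nonce, n):
    """SHA-256 counter keystream: a toy stand-in for a real cipher."""
    return b"".join(hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
                    for i in range(n // 32 + 1))[:n]

def _subkeys(key):
    """Derive separate encryption and MAC keys from one hop key."""
    return hashlib.sha256(b"enc" + key).digest(), hashlib.sha256(b"mac" + key).digest()

def seal(key, plain):
    """Encrypt-then-MAC one layer: nonce || ciphertext || tag."""
    ek, mk = _subkeys(key)
    nonce = os.urandom(16)
    ct = bytes(p ^ s for p, s in zip(plain, _stream(ek, nonce, len(plain))))
    return nonce + ct + hmac.new(mk, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    ek, mk = _subkeys(key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mk, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("layer is not for this router, or was modified")
    return bytes(c ^ s for c, s in zip(ct, _stream(ek, nonce, len(ct))))

def build_onion(route, keys, dest, msg):
    """Wrap msg innermost-first; each layer names only the following hop."""
    hops = list(route[1:]) + [dest]
    blob = msg
    for router, nxt in reversed(list(zip(route, hops))):
        blob = seal(keys[router], bytes([len(nxt)]) + nxt.encode() + blob)
    return blob

def peel(key, blob):
    """What one router does: remove its own layer, learn the next hop only."""
    plain = unseal(key, blob)
    n = plain[0]
    return plain[1:1 + n].decode(), plain[1 + n:]

def forward(first, keys, onion):
    """Simulate delivery; returns (per-hop view, final destination, payload)."""
    seen, here, blob = [], first, onion
    while here in keys:
        nxt, inner = peel(keys[here], blob)
        seen.append((here, nxt, hashlib.sha256(blob).hexdigest()))
        here, blob = nxt, inner
    return seen, here, blob

KEYS = {r: os.urandom(32) for r in ("R1", "R2", "R3")}  # constructed hop keys
```

Each entry returned by `forward` records what one router could observe: its own name, the next hop, and a digest of the bytes it received, which differs at every hop.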
include misconfigured services (e.g. identifying information included by default in web server error responses) uptime and downtime statistics, intersection attacks and user error.
5.2 Anonymous Chatting
Anonymous connections can be used in a service similar to IRC, where many parties meet to chat at some central server. The chat server may mate several anonymous connections carrying matching tokens. Each party defines the part of the connection leading back to itself, so no party has to trust the other to maintain its privacy. If the communicating parties layer end-to-end encryption over the mated anonymous connections, they also prevent the central server from listening in on the conversation.
6. CONCLUSION
This paper describes the versatility of anonymous communications by exploring their use in a variety of applications; these include standard Internet services such as web browsing, remote login and electronic mail. Onion routing moves the anonymous communication infrastructure below the application level, properly separating communication and applications. Since the efficiency depends upon sufficient network traffic, allowing different applications to share the same communication infrastructure increases the ability of the network to resist traffic analysis.
REFERENCES
[1] D. Chaum, Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms, Comm. ACM, vol. 24, no. 2, pp. 84-90, Feb. 1981.
[2] L. Cottrell, Mixmaster and remailer attacks, 1994. http://www.obscura.com/-loki/remailer/remaileressay.html
[3] Marc Rennhard, Design, Implementation, and Analysis of an Anonymity Network for Web Browsing, February 2002.
[4] Wei Dai, PipeNet. http://www.eskimo.com/~weidai/pipenet.txt
[5] C. Díaz, S. Seys, J. Claessens, and B. Preneel, Towards Measuring Anonymity, Proc. Privacy Enhancing Technologies Workshop (PET 02), R. Dingledine and P. Syverson, eds., pp. 54-68, Apr. 2002.
[6] P.F. Syverson, D.M. Goldschlag, and M.G. Reed, Anonymous Connections and Onion Routing, Proc. IEEE Symp. Security and Privacy, pp. 44-54, 1997.
[7] S.J. Murdoch and G. Danezis, Low-Cost Traffic Analysis of Tor, Proc. 2005 IEEE Symp. Security and Privacy, pp. 183-195, May 2005.
[8] L. Øverlier and P. Syverson, Locating Hidden Servers, Proc. IEEE Symp. Security and Privacy, May 2006.
BIOGRAPHIES
B. Minny Priscilla received her B.Tech degree in Information Technology from St. Ann's College of Engineering and Technology, JNT University, Kakinada in the year 2010 and is currently pursuing an M.Tech in the Department of Computer Science and Engineering at KL University, Vijayawada.
Dr. Kodukula Subrahmanyam, a Gold Medalist from Andhra University (1992-93), is currently working as a Professor in the Computer Science & Engineering Department, School of Computing of KL University, Guntur. He has been in the teaching profession for the past 20 years, and prior to joining KL University he worked as Programme Leader in the School of Engineering, Science & Technology at KDU University, Malaysia for about 10 years. He has published more than 30 papers in both national and international journals/conferences and attended various workshops in Malaysia, Singapore, USA & India. His research interests include Knowledge Management, Communication Technologies & Soft Systems Methodologies. He has guided over 100 students towards their Masters and Bachelor dissertations and is currently guiding 4 towards their PhD.