SlideShare a Scribd company logo

Anonymous ipsec wseas-1

G
granite
Technology
1 of 7
Download to read offline
Nested Encryption Library for automated IPSec-based Anonymous Circuits Establishment Hervé AIACHE, Mattéo LAURIANO, Corinne SIEUX and Cédric TAVERNIER THALES Communications S.A. BP 82 – 160, boulevard de Valmy – 92 704 Colombes Cedex FRANCE {firstname.name}@fr.thalesgroup.com Abstract: Nowadays, security and privacy are becoming two of the most critical issues for current and future generation of communications systems. Since the 80’s, many efficient systems aiming at ensuring flows anonymity, mainly derived from the so-called Chaum’s Mix networks. However, these solutions suffer from a lack of integration with standardized IP approaches and therefore missed a wide adoption by the general public. This paper proposes an anonymous circuit establishment scheme derived from the powerful Mix concept and inheriting from the IPSec Framework. This solution has been implemented and experimented over a real testbed in view to analyze its impacts on multimedia flows end-to-end transmission. Key-Words: Anonymous routing, Privacy, TFC, IPSec, Chaum’s Mix. 1 Introduction security solutions requires today to protect enhanced Nowadays, security and privacy are becoming two of personal information in view to not be disclose to the most critical issues for current and future generation unauthorized part, which could passively collect them of communications systems, as illustrated by the huge for undesired, and illegal, purposes. number of attacks identified and numbered day-by-day Since the 80’s, many efficient systems (e.g. [4], [5], over the Internet. In fact, a lot of the services providers [3]) aiming at ensuring users’ communications flows of the new economy are requesting (and in most cases, anonymity have been proposed to solve users’ privacy collecting) personal information in order to access to and requirements and are mainly derived from the so-called to exploit attractive context aware and customized Chaum’s Mix concept [4]. However, these solutions, services (e.g. digital stores, location services or bank mainly using proprietary anonymized content delivery access). In this context, general users are required to give services, suffer of a lack of integration with standardized up to the providers, their personal information such as IP approaches. This explains for part that they have not identity, bank account, location, preferences and so on. really been widely adopted by the general public. Therefore, attackers that only observe a network can acquire easily sensitive private information about users, Therefore, this paper presents an anonymous circuit which are not classically protected by information establishment scheme derived from the powerful Mix security techniques. concept and inheriting from the IPSec Framework. This paper is structured in three main sections: the section II Moreover, even security problems of IT systems (i.e. details, for the first time, a functional view describing integrity, authentication, confidentiality and non- most of the proposed anonymous routing solutions (e.g. repudiation) can be solved using encryptions, hash and [Tarzan[5], Mix[4], OR[6], TOR[3], Morphix[8]...), the MAC functions, these solutions are not really suited to section III details the Mix-like solution based on nested solve privacy issues. In fact, private information IPSec tunnels, the section IV reports results obtained protection requires others techniques that enable to from real experiments analyzing the impacts of masquerade traffic source and destination, traffic paths cryptographic algorithms on multimedia flows end-to- and the type of traffic the users generate. Basically, end transmission. encryption techniques allow hiding “what users are sending” but not “who is sending”, “who is receiving”, 2 Functional view of anonymous routing “where the users are”, “what the paths inside the network approaches are” and “what the types of traffic are”. This means that Two main groups of privacy solutions exist : the privacy protection is not only related to the protection of peer to peer and the onion routing architecture which are the content that the users are sending but also to their mainly based on a node mix approach, but developed on behaviors (and the associated traffic or routing distributed and dynamic environment for the first one information) on the network. In this way, privacy and (Tarzan, Crowds[7], MorphMix) and more centralized
and fixed for the others one (Chaum’s mix net, most cases a particular topology construction algorithm mixMasater, Mixonion, Web-Mixes, TOR). The (e.g. CHORD, CAN or Gossip for P2P) in view to better functional analysis of these various existing anonymous control the infrastructure. At last, mainly associated to systems approaches shows that most of the fundamental the anonymous infrastructure topology functions a anonymous routing solutions mainly rely on four main particular anonymous paths selection strategy is components and one building block defining specific implemented in view to choose the MIX-peers transmission policies. composing a given anonymous path, when applications requests it for anonymity service access. 2.2 Anonymous Routing Topology Knowledge Management This building block integrates all the information structures (e.g. tables, databases) that are needed to know how the anonymous infrastructure is structured and what is the related cryptographic material (mainly public keys). The table are initiated and filled during the MIX-peers discovery phase and updated by anonymous routing protocol/procedures. All these information will be used afterward to setup anonymous connections, as it will be described later. 2.3 Traffic Flows Confidentiality This building block enables auto- configurable operations in order to masquerade traffic flows characteristics. It mainly relies on two specific sub-functionalities: modifications of the packet (i.e. padding and timing operations), and management of dummy packets. Fig. 1. Functional modelling of anonymous routing approaches. It solves the problems of “correlation” and “timing” attacks. In most of the proposed approaches, Two components (sections 2.1 and 2.2) are more these kind of problems would be solved by the definition linked to the routing schemes (node discovery, topology of a particular Traffic Flows Confidentiality (TFC) establishment, trust validation) and the three others algorithm. (sections 2.3 to 2.5) more linked to the forwarding plane. All these build blocks are illustrated in Figure 1 2.4 Anonymous Paths Management and are described in the following. This building block commonly instantiates a pure or a variant of the well-known Chaum’s MIX approach 2.1 Anonymous Routing Infrastructure (such as [4]) in order to protect the identities of the Topology Maintenance sender and/or the receiver (i.e. the MIX-peers identifiers This building block groups all the functions or addresses). Mainly, this basic functionality aims at required to manage the MIX-peers access/leave inside setting up an anonymous path based on the request the anonymous infrastructure, to exchange information issued by a specific MIX-peers set selection strategy on the MIX-peers in view to maintain the topology of (specified by the anonymous routing scheme). It usually the anonymous network. Note that, depending on the sends a so-called onion-like signaling message (e.g. anonymous routing approach, these operations can TOR[3], [6]) to pine the anonymous paths within the operated statically based on procedures (or particular anonymous overlay infrastructure (through a specific refresh based on a central server – e.g. TOR[3])or format depending of the solution). Moreover, the dynamically, such as in [2, 5], relying on specific peer- management of the anonymous paths is articulated to-peer protocols. around a particular management of circuit identifiers and The set of functions implementing the anonymous is commonly and based on a particular nested encryption routing infrastructure topology maintenance defines in
strategy (i.e. successive layers of encryption), which is in node considered. In fact, a Mix-node can initiate the most cases elaborated through symmetric cryptography setup (or the removal) of an anonymous circuit (i.e. by algorithms. being the source node or acting for it) or a Mix-node can be an intermediary Mix-node of the selected anonymous 2.5 Anonymous Forwarding Rules path and, in this case, has to contribute to the This set of rules groups a set of policies necessary establishment (or to the local removal) of the anonymous at the transmission level to guarantee communication connection. flows anonymity. This is required since the other Therefore, this distinction is important to better functional components cannot masquerade all the information necessary to ensure properly the forwarding operation (e.g. MIX-peers identifiers or addresses change). Another usage of these forwarding rules can be also interesting to remove previously stored information on the communication flows and which are commonly recorded for optimization in current legacy communication stack (e.g. last IP headers). Figure 3. Software architecture of the APM module. 3 Design and Implementation understand how the APM software component After fifteen years of efficient research and (illustrated by the Figure 3) will act to implement these developments, the powerful obtained approaches have two different operations. In the case of an anonymous not really been integrated into Internet infrastructures. path setup, the Mix-node will have to generate all the This is mainly due to the fact that solutions have not necessary cryptographic material to establish the path, been built around standardized IP related security when in the case of an onion-like signaling message standards[1]. Therefore, to fill this gap, this paper reception, it will have to enforce the corresponding specifies and designs a nested encryption circuit IPSec tunnel configuration and to forward the peeled establishment natively inscribed in the IPSec framework onion to the selected next Mix-node. These two different and a software library to easily implement anonymous phases are explained in the following sections. The use routing over IPSec. This solution answers to the passive of standardized and widely implemented solutions is attacks by traffic analysis and avoid source/destination recommended because they allow a simpler linkability. The solutions refers to the function block implementation and integration with the existing Anonymous Path Management (APM) of the functional network infrastructures. Furthermore, the use of existing approach. This approach complements the IETF RFC solutions is the best approach because their weakness 4303 that proposes the possible anonymisation of the and flaws are tested and well known so the problem is traffic by de-correlating the traffic useful for timing reduced to find a solution in order to solve these attack (Traffic Flow Confidentiality). An example of the systems’ vulnerabilities and to adapt them to allow the solution illustrating the tunnelling technique is shown untraceability and unobservability of traffic flows. below in Figure 2. 3.2 Operations overview 3.2.1 Setup operation of an anonymous path After receiving a request for anonymity issued by an application, the Anonymous Paths Selection Strategy Algorithm asks for the enforcement of the elected Figure 2. Nested TunnellingTechnique. anonymous circuit formed by several Mix-nodes, by calling the functions apsm_anonymous_connection() of the Anonymous Paths Signalling Manager. The IP 3.1 Software design addresses of the selected Mix-nodes composing the The management of anonymous paths performed anonymous circuit are provided as input parameters of by the APM component can be decomposed into two this function. Note that the order of the IP addresses is distinct operations depending on the position of the Mix- important since the anonymous connection will be
established by contacting one by one each of the function nitcm_request_ipsec_info(). Note that the corresponding Mix-nodes in the same order. onion-like information data (i.e. the not encrypted one) Then, the Anonymous Paths Signalling Manager is given as input parameter of this function. The demands the generation of several SPIs depending on the Anonymous Connections Information Manager creates a number of Mix-nodes new soft-state for this involved in the anonymous anonymous circuit connection, by calling the demand, which is stored function internally. Then the nitcm_generate_spi() Anonymous of the Security Parameter Connections Indexes Generator. After Information Manager this operation, the enforces the Anonymous Paths corresponding nested Signalling Manager IPSec tunnels requires the generation the configuration by calling appropriate onion-like Figure 4. APM software components interactions to setup an anonymous path. the function signalling message: this is done by calling the function nitcm_ipsec_translator() of the IPSec Configuration nesm_construct_onion() of the Nested-Encryption Translator. Signalling Message Manager. The list of the Mix-nodes Once the corresponding IPSec configuration has IP addresses and the previously generated set of SPIs are been enforced, the Anonymous Paths Signalling given as input parameters of this function. Manager sends the onion-like signalling message (the In view to generate the onion-like signalling encrypted one) to the first Mix-node, by calling the message, the Nested Encryption Signalling Message function apsm_send_onion_msg() of the Nested Manager retrieves first the public keys (and the Encryption associated cryptographic Signalling Message algorithms to be used), Handler. corresponding to the list of The Figure 4 Mix-nodes, by calling the illustrates how and function in which order the mtt_lookup_public_key() (and the function APM software mtt_lookup_crypto_info()) components of the Mix-nodes Topology interacts among Table. Then, the Nested each other to send Encryption Signalling the onion-like Message Manager demands signalling message Figure 5. Treatment of an anonymous path signalling message by the APM in view to setup an the generation of a set of software components. symmetric cryptographic keys anonymous path. (that will be distributed to the set of Mix-nodes), by calling the function nesm_generate_sym_key() of the 3.2.2 Treatment of an anonymous path Symmetric Cryptographic Key Generator. At this stage, signaling message all the necessary cryptographic materials and information are known: the Nested Encryption When an anonymous paths signalling message is Signalling Message Manager is now able to construct received by the APM daemon, it arrives inside the the onion-like signalling message. This operation is Nested Encryption Signalling Message Handler and is performed by calling appropriately the function passed the Anonymous Paths Signalling Manager thanks nesm_encrypt_data() offered by the Cryptographic to the handler called apsm_receive_onion_msg(). Algorithms and Operations block. Then, the onion-like Once received, the Anonymous Paths Signalling signalling message and its homologue data (i.e. the same Manager peels a first layer of encryption of the onion- information but not encrypted) are then returned to the like signalling message by calling the function Anonymous Path Signalling Manager, as the result of the nesm_extract_onion_info() of the Nested Encryption previous call to the function nesm_construct_onion(). Signalling Message Manager. The Anonymous Path Signalling Manager informs Then the Nested Encryption Signalling Message then the Anonymous Connections Information Manager Manager extracts the required cryptographic materials of this new anonymous circuit demand by calling the and information thanks to the function of the nesm_decrypt_data() offered by the Cryptographic
Algorithms and Operations block, using the private key of the Mix-node. After the performed decryption operations, the Nested Encryption Signalling Message Manager is able to separate the information related to the requested IPSec tunnel configuration (the symmetric cryptographic key to be used, the SPIs and the next Mix- node in the anonymous path) from the following of the onion-like signalling message that is made up of the other nodes’ information (and encrypted with their public keys – so it is unable to decrypt). The extracted IPSec tunnel configuration and the IP Figure 6. APM experimental platform. address of the next Mix-node are returned to the Five configurations were used: without tunnels, Anonymous Paths Signalling Manager, as the result of with one, two, three and four tunnels. Two different the previous call to the function encryption algorithm were used: 3DES CBC and nesm_extract_onion_info(). Note also that after the Rijndael CBC with its three different key sizes, i.e. 128, call to this function the onion-like signalling message, 192 and 256 bits. For each configuration measures have given as input parameter, has been peeled of its first been done for packet size of 64, 128, 256, 512, 1024, layer of encryption and, in this way is ready to be sent to 2048 and 4096 bytes. the next Mix-node. At this stage, the Anonymous Paths In this section the measurements results are Signalling Manager demands then to the Anonymous presented. In order to simplify the presentation two Connections Information Manager to enforce this new subsections are defined. The first one is about ICMP anonymous circuit establishment request by calling the measures; the second one is about UDP. function nitcm_request_ipsec_info(). As previously, the Anonymous Connections Information Manager creates and stores a new soft-state for this anonymous 4.1 ICMP measurements connection. And asks the IPSec Configuration Manager to enforce the corresponding IPSec tunnels configuration The Round Trip Time (RTT) depending on packets by calling the function nitcm_ipsec_translator(). size for a fixed encryption algorithm is presented. In Once informed of the IPSec configuration each figure there are five curves; four of them represent enforcement, the Anonymous Paths Signalling Manager the four configurations previously presented, the last sends the peeled onion-like signalling message to the one represents the case in which any tunnel is set up (the next Mix-node, by calling the function reference case). apsm_send_onion_msg() of the Nested Encryption ICMP - 3DES Signalling Message Handler. 20,000 18,000 The Figure 5 illustrates all these steps entering in 16,000 14,000 the treatment of an anonymous paths signalling message. 1 Tunnel 12,000 RTT (ms) 2 Tunnels 10,000 3 Tunnels 4 Experimentations 8,000 4 Tunnels Without Tunnels 6,000 This section describes the environment in which 4,000 measurements have been done. The APM platform has 2,000 been exploited in order to collect data. The platform is 0,000 composed by five computers, as shown in Figure 6. 64 128 256 512 1024 2048 4096 Packet Size (bytes) The five computers run Linux 2.6 and are connected in a chain. In this way four switched networks Figure 7. RTT vs. Packet Size using 3DES are defined. Three of them supports 100 Mbps, the Generally, the 3DES algorithm presents bad fourth is 10 Mbps. performances as shown in Figure 7; if packet size is not too large, i.e. minor or equal to 256 bytes, there are not The aim is to demonstrate if it possible to have great differences in the RTT between the configuration secure communications for near real-time traffic and with one and two tunnels. Relevant differences appears real-time traffic. for packet size of 1024 bytes. In this case the four tunnels configuration presents a RTT of 50% higher than the case without tunnels.
ICMP - Rijndael 128 figure, different curves are available, the parameter is 18,000 packet size. The knowledge of the jitter is interesting 16,000 because high value or variation of this value can 14,000 determine the difficulties to transmit real-time services. 12,000 1 Tunnel UDP Jitter - 3DES CBC RTT (ms) 10,000 2 Tunnels 3 Tunnels 1,6 8,000 4 Tunnels 6,000 Without tunnels 1,4 4,000 1,2 64 bytes 2,000 128 bytes 1 Jitter (ms) 0,000 256 bytes 64 128 256 512 1024 2048 4096 0,8 512 bytes c Packet Size (bytes) 1024 bytes 0,6 2048 bytes Figure 8. RTT vs. Packet Size using Rijndael 128. 0,4 4096 bytes 0,2 ICMP - Rijndael 192 0 T0 T1 T2 T3 T4 18,000 AP Length (tunnel) 16,000 14,000 Figure 11. Jitter vs. Anonymous Path Length using 3DES. 12,000 1 Tunnel Figure 11 shows jitter measured when 3DES RTT (ms) 10,000 2 Tunnels 8,000 3 Tunnels algorithm is used. In this case 3DES is not the worst 4 Tunnels 6,000 Without Tunnels algorithm but a similar behaviour is observed with the 4,000 other algorithm. Packets of 128, 256 and 512 bytes have 2,000 the best behaviour because they are approximately 0,000 constants when the number of tunnels changes. 64 128 256 512 1024 2048 4096 Packet Size (bytes) UDP Jitter - Rijndael CBC 128 Figure 9. RTT vs. Packet Size using Rijndael 192. 1,6 1,4 ICMP - Rijndael 256 1,2 64 bytes 128 bytes 1 Jitter (ms) 18 256 bytes 0,8 512 bytes 16 1024 bytes 14 0,6 1 Tunnel 2048 bytes 12 RTT (ms) 2 Tunnels 0,4 4096 bytes 10 3 Tunnels 0,2 8 4 Tunnels 6 0 4 Without Tunnels T0 T1 T2 T3 T4 AP Length (tunnel) 2 0 Figure 12: Jitter vs. Anonymous Path Length using Rijndael 128 64 128 256 512 1024 2048 4096 Packet size (bytes) UDP Jitter - Rijndael CBC 192 Figure 10: RTT vs. Packet Size using Rijndael 256 1,4 Figure 8, Figure 9 and Figure 10 present the RTT 1,2 using the Rijndael algorithm with, respectively, 128, 192 1 64 bytes 128 bytes and 256 bits keys. It is important to underline that Jitter (ms) 0,8 256 bytes between these curves there are not big differences. 0,6 512 bytes 1024 bytes Rijndael 128 is faster but differences are less than 0.3 2048 bytes 0,4 4096 bytes ms. This is an interesting result because it means that it 0,2 is possible to increment the security of a transmission by the use of the longer key with a good level of 0 T0 T1 T2 T3 T4 performances. If packet size are not large, i.e. equal or AP Length (tunnel) greater than 1024 bytes, good values are reached. Figure 13: Jitter vs. Anonymous Path Length using Rijndael 192 4.2 UDP measurements This subsection discuss UDP jitter measures. These measures are evaluated for a fixed encryption algorithm and let’s varying nested tunnels numbers. For each
UDP Jitter - Rijndael CBC 256 multiple routes are used and, in this way, the global 1,6 performance would be increased, keeping in the same 1,4 time a given privacy protection level. In other words, 1,2 such a technique would improve the end-to-end 64 bytes 1 128 bytes performances due to the minor number of Jitter (ms) 0,8 256 bytes 512 bytes encryption/decryption operations calls. 0,6 1024 bytes In addition to efforts around the improvements of 2048 bytes 0,4 4096 bytes the solution, we plan to conduct work on performance 0,2 measurements with audio/video streaming components. 0 T0 T1 T2 AP Length (tunnel) T3 T4 6 Acknowledgements We would like to acknowledge our partners from Figure 14: Jitter vs. Anonymous Path Length using Rijndael 256 the DISCREET project with whom we have worked on The same conduct can be observed in Figure 12, interactions between the Anonymous Paths Management Figure 13 and Figure 14. Packets of 512 bytes have the and Traffic Flows Confidentiality components. The best performance; if 3DES or Rijndael 128 are used, DISCREET project was funded in part by the European they are the most regulars. In each case 64 bytes packets Commission's Information Society Technology 6th reach high value when three and four nested tunnels are Framework Programme. It started in December 2005 and established. 1024, 2048 and 4096 bytes packets are will end in February 2008. For more information visit irregular. Generally, firstly they increase and then the the project web site http://www.ist-discreet.org/. decrease the jitter values when tunnels number increases. The higher values are reached by packets of 1024 bytes References: when Rijndael is used and does not depend on the key [1] S. Kent. IP Encapsulating Security Payload (ESP). length. IETF RFC 4303. December 2005. [2] M. J. Freedman, R. Morris, “Tarzan: A Peer-to-Peer 5 Conclusion and future works Anonymizing Network Layer”, Proceedings of the 9th This paper addressed and presented the critical ACM Conference on Computer and Communications main issues that IP networks have to face today: security Security (CCS 2002), 2002. and privacy protection. First, this paper extracted a [3] R. Dingledine, N. Mathewson, P. Syverson, “TOR: functional modelling that applies to most of the The Second-Generation Onion Router”, Proceedings anonymous routing solutions proposed in the literature. of 13th Usenix Security Simposyum , August 2004. Then, a Mix-like scheme based on a nested IPSec [4] D. Chaum. Untraceable Electronic Mail, Return tunnelling technique has been proposed in view to Addresses, and Digital Pseudonyms. ensure IP flows untraceability and unobservability. The Communications of the ACM, Vol. 24 Number 2, particularity of the approach consist mainly in the Feb. 1981. management of anonymous circuits inside the [5] M. J. Freedman, E. Sit, J. Cates, R. Morris. standardized IPSec framework. Such a standardized Introducing Tarzan, a Peer-to-Peer Anonymizing environment constitutes one of the main constraints to Network Layer. Proceedings of the 1st International the large scale deployment and the wide adoption of Workshop on Peer-to-Peer Systems (IPTPS02). current anonymous routing systems. 2002. Moreover, the proposed solution has been [6] D. M. Goldschlag, M. G. Reed, P. F. Syverson. implemented and tested over a real experimental Hiding Routing Information. Workshop on platform in view to characterise its impacts on Information Hiding, Cambridge, UK. May 1996. multimedia flows (i.e. RTT and jitter) in function of the [7] M. K. Reiter, A. D. Rubin. Crowds: Anonymity for cryptosystem involved and depending of the anonymous web transactions. ACM TISSEC, 1(1), June 1998. circuit length. [8] M. Rennhard, B. Plattner. Introducing MorphMix: Future work along these lines would include the Peer-to-Peer based Anonymous Internet Usage with performance improvements of the solution based on the Collusion Detection. 2002. implementation and tests of particular “Message Splitting” technique strategies. In this way, the IP packets sent by a given source would be transmitted to the same destination using different routes to make harder most of passive attacks. In this case, the number of tunnels used for a given path could be decreased if

Recommended

Peace
PeacePeace
Peaceingenioustech
 
thilaganga journal 2
thilaganga journal 2thilaganga journal 2
thilaganga journal 2thilaganga
 
Tor Project overview
Tor Project overviewTor Project overview
Tor Project overviewJorge Couchet
 
Corporate Lifecycle Presentation
Corporate Lifecycle PresentationCorporate Lifecycle Presentation
Corporate Lifecycle Presentationdavis1cc
 
Cryptoanarchism
CryptoanarchismCryptoanarchism
Cryptoanarchismq3XKFc5XR
 
A framework for practical vulnerabilities of the tor (the onion routing) anon...
A framework for practical vulnerabilities of the tor (the onion routing) anon...A framework for practical vulnerabilities of the tor (the onion routing) anon...
A framework for practical vulnerabilities of the tor (the onion routing) anon...IAEME Publication
 
2006: Hack.lu Luxembourg 2006: Anonymous Communication
2006: Hack.lu Luxembourg 2006: Anonymous Communication2006: Hack.lu Luxembourg 2006: Anonymous Communication
2006: Hack.lu Luxembourg 2006: Anonymous CommunicationFabio Pietrosanti
 
Anonymizing Networks
Anonymizing NetworksAnonymizing Networks
Anonymizing Networkspauldeng
 

Recommended

Peace
PeacePeace
Peaceingenioustech
 
thilaganga journal 2
thilaganga journal 2thilaganga journal 2
thilaganga journal 2thilaganga
 
Tor Project overview
Tor Project overviewTor Project overview
Tor Project overviewJorge Couchet
 
Corporate Lifecycle Presentation
Corporate Lifecycle PresentationCorporate Lifecycle Presentation
Corporate Lifecycle Presentationdavis1cc
 
Cryptoanarchism
CryptoanarchismCryptoanarchism
Cryptoanarchismq3XKFc5XR
 
A framework for practical vulnerabilities of the tor (the onion routing) anon...
A framework for practical vulnerabilities of the tor (the onion routing) anon...A framework for practical vulnerabilities of the tor (the onion routing) anon...
A framework for practical vulnerabilities of the tor (the onion routing) anon...IAEME Publication
 
2006: Hack.lu Luxembourg 2006: Anonymous Communication
2006: Hack.lu Luxembourg 2006: Anonymous Communication2006: Hack.lu Luxembourg 2006: Anonymous Communication
2006: Hack.lu Luxembourg 2006: Anonymous CommunicationFabio Pietrosanti
 
Anonymizing Networks
Anonymizing NetworksAnonymizing Networks
Anonymizing Networkspauldeng
 
Anonymity Systems: Tor
Anonymity Systems: TorAnonymity Systems: Tor
Anonymity Systems: Torantitree
 
Multipath TCP
Multipath TCPMultipath TCP
Multipath TCPOlivier Bonaventure
 
Perl programming language
Perl programming languagePerl programming language
Perl programming languageElie Obeid
 
Tor the onion router
Tor the onion routerTor the onion router
Tor the onion routern|u - The Open Security Community
 
Modern Perl Catch-Up
Modern Perl Catch-UpModern Perl Catch-Up
Modern Perl Catch-UpDave Cross
 
Perl Scripting
Perl ScriptingPerl Scripting
Perl ScriptingVaradharajan Mukundan
 
DBIx::Class beginners
DBIx::Class beginnersDBIx::Class beginners
DBIx::Class beginnersleo lapworth
 
Introduction to Perl - Day 2
Introduction to Perl - Day 2Introduction to Perl - Day 2
Introduction to Perl - Day 2Dave Cross
 
LPW: Beginners Perl
LPW: Beginners PerlLPW: Beginners Perl
LPW: Beginners PerlDave Cross
 
Introduction to Perl - Day 1
Introduction to Perl - Day 1Introduction to Perl - Day 1
Introduction to Perl - Day 1Dave Cross
 
Cisco final ppt
Cisco final pptCisco final ppt
Cisco final pptAmin Hajoli
 
Cisco Case Analysis
Cisco Case AnalysisCisco Case Analysis
Cisco Case Analysisperk2624
 
TOR Packet Analysis - Locating Identifying Markers
TOR Packet Analysis - Locating Identifying MarkersTOR Packet Analysis - Locating Identifying Markers
TOR Packet Analysis - Locating Identifying MarkersBrent Muir
 
Topic # 16 of outline Managing Network Services.pptx
Topic # 16 of outline Managing Network Services.pptxTopic # 16 of outline Managing Network Services.pptx
Topic # 16 of outline Managing Network Services.pptxAyeCS11
 
OSI Model and TCP/IP Model.
OSI Model and TCP/IP Model.OSI Model and TCP/IP Model.
OSI Model and TCP/IP Model.City University, Dhaka, Bangladesh
 
Analysis of threats and security issues evaluation in mobile P2P networks
Analysis of threats and security issues evaluation in mobile P2P networks Analysis of threats and security issues evaluation in mobile P2P networks
Analysis of threats and security issues evaluation in mobile P2P networks IJECEIAES
 
Network Advantages And Disadvantages
Network Advantages And DisadvantagesNetwork Advantages And Disadvantages
Network Advantages And DisadvantagesRenee Jones
 
Osi model and tcpip model.
Osi model and tcpip model.Osi model and tcpip model.
Osi model and tcpip model.kona paul
 
Osi model
Osi modelOsi model
Osi modelNazifa95
 
Multi Owner Data Sharing & Outsourced Revocation Using Identity Based Encrypt...
Multi Owner Data Sharing & Outsourced Revocation Using Identity Based Encrypt...Multi Owner Data Sharing & Outsourced Revocation Using Identity Based Encrypt...
Multi Owner Data Sharing & Outsourced Revocation Using Identity Based Encrypt...Eswar Publications
 
Impact of Mobility for Qos Based Secure Manet
Impact of Mobility for Qos Based Secure Manet Impact of Mobility for Qos Based Secure Manet
Impact of Mobility for Qos Based Secure Manet graphhoc
 
ISO layer
ISO layerISO layer
ISO layerDipak Nidhi
 

More Related Content

Viewers also liked

Anonymity Systems: Tor
Anonymity Systems: TorAnonymity Systems: Tor
Anonymity Systems: Torantitree
 
Perl programming language
Perl programming languagePerl programming language
Perl programming languageElie Obeid
 
Modern Perl Catch-Up
Modern Perl Catch-UpModern Perl Catch-Up
Modern Perl Catch-UpDave Cross
 
DBIx::Class beginners
DBIx::Class beginnersDBIx::Class beginners
DBIx::Class beginnersleo lapworth
 
Introduction to Perl - Day 2
Introduction to Perl - Day 2Introduction to Perl - Day 2
Introduction to Perl - Day 2Dave Cross
 
LPW: Beginners Perl
LPW: Beginners PerlLPW: Beginners Perl
LPW: Beginners PerlDave Cross
 
Introduction to Perl - Day 1
Introduction to Perl - Day 1Introduction to Perl - Day 1
Introduction to Perl - Day 1Dave Cross
 
Cisco Case Analysis
Cisco Case AnalysisCisco Case Analysis
Cisco Case Analysisperk2624
 

Viewers also liked (12)

Anonymity Systems: Tor
Anonymity Systems: TorAnonymity Systems: Tor
Anonymity Systems: Tor
 
Multipath TCP
Multipath TCPMultipath TCP
Multipath TCP
 
Perl programming language
Perl programming languagePerl programming language
Perl programming language
 
Tor the onion router
Tor the onion routerTor the onion router
Tor the onion router
 
Modern Perl Catch-Up
Modern Perl Catch-UpModern Perl Catch-Up
Modern Perl Catch-Up
 
Perl Scripting
Perl ScriptingPerl Scripting
Perl Scripting
 
DBIx::Class beginners
DBIx::Class beginnersDBIx::Class beginners
DBIx::Class beginners
 
Introduction to Perl - Day 2
Introduction to Perl - Day 2Introduction to Perl - Day 2
Introduction to Perl - Day 2
 
LPW: Beginners Perl
LPW: Beginners PerlLPW: Beginners Perl
LPW: Beginners Perl
 
Introduction to Perl - Day 1
Introduction to Perl - Day 1Introduction to Perl - Day 1
Introduction to Perl - Day 1
 
Cisco final ppt
Cisco final pptCisco final ppt
Cisco final ppt
 
Cisco Case Analysis
Cisco Case AnalysisCisco Case Analysis
Cisco Case Analysis
 

Similar to Anonymous ipsec wseas-1

TOR Packet Analysis - Locating Identifying Markers
TOR Packet Analysis - Locating Identifying MarkersTOR Packet Analysis - Locating Identifying Markers
TOR Packet Analysis - Locating Identifying MarkersBrent Muir
 
Topic # 16 of outline Managing Network Services.pptx
Topic # 16 of outline Managing Network Services.pptxTopic # 16 of outline Managing Network Services.pptx
Topic # 16 of outline Managing Network Services.pptxAyeCS11
 
Analysis of threats and security issues evaluation in mobile P2P networks
Analysis of threats and security issues evaluation in mobile P2P networks Analysis of threats and security issues evaluation in mobile P2P networks
Analysis of threats and security issues evaluation in mobile P2P networks IJECEIAES
 
Network Advantages And Disadvantages
Network Advantages And DisadvantagesNetwork Advantages And Disadvantages
Network Advantages And DisadvantagesRenee Jones
 
Osi model and tcpip model.
Osi model and tcpip model.Osi model and tcpip model.
Osi model and tcpip model.kona paul
 
Multi Owner Data Sharing & Outsourced Revocation Using Identity Based Encrypt...
Multi Owner Data Sharing & Outsourced Revocation Using Identity Based Encrypt...Multi Owner Data Sharing & Outsourced Revocation Using Identity Based Encrypt...
Multi Owner Data Sharing & Outsourced Revocation Using Identity Based Encrypt...Eswar Publications
 
Impact of Mobility for Qos Based Secure Manet
Impact of Mobility for Qos Based Secure Manet Impact of Mobility for Qos Based Secure Manet
Impact of Mobility for Qos Based Secure Manet graphhoc
 
THE NASH’S BALANCE IN THE THEORY OF GAMES FOR A SECURE MODEL MECHANISM IN ROU...
THE NASH’S BALANCE IN THE THEORY OF GAMES FOR A SECURE MODEL MECHANISM IN ROU...THE NASH’S BALANCE IN THE THEORY OF GAMES FOR A SECURE MODEL MECHANISM IN ROU...
THE NASH’S BALANCE IN THE THEORY OF GAMES FOR A SECURE MODEL MECHANISM IN ROU...ijcisjournal
 
Distributed Semantic Search System (DSSS)
Distributed Semantic Search System (DSSS)Distributed Semantic Search System (DSSS)
Distributed Semantic Search System (DSSS)Isuru Vincent
 
OSI and TCP/IP reference models in networking
OSI and TCP/IP reference models in networkingOSI and TCP/IP reference models in networking
OSI and TCP/IP reference models in networkingMeenakshiGupta233101
 
Towards secure cloud data management
Towards secure cloud data managementTowards secure cloud data management
Towards secure cloud data managementambitlick
 
A New Way of Identifying DOS Attack Using Multivariate Correlation Analysis
A New Way of Identifying DOS Attack Using Multivariate Correlation AnalysisA New Way of Identifying DOS Attack Using Multivariate Correlation Analysis
A New Way of Identifying DOS Attack Using Multivariate Correlation Analysisijceronline
 
Distributed Digital Artifacts on the Semantic Web
Distributed Digital Artifacts on the Semantic WebDistributed Digital Artifacts on the Semantic Web
Distributed Digital Artifacts on the Semantic WebEditor IJCATR
 
Running Head THE SEVEN LAYER MODEL OF OSIKao 1THE SEVEN LAYE.docx
Running Head THE SEVEN LAYER MODEL OF OSIKao 1THE SEVEN LAYE.docxRunning Head THE SEVEN LAYER MODEL OF OSIKao 1THE SEVEN LAYE.docx
Running Head THE SEVEN LAYER MODEL OF OSIKao 1THE SEVEN LAYE.docxtodd521
 

Similar to Anonymous ipsec wseas-1 (20)

TOR Packet Analysis - Locating Identifying Markers
TOR Packet Analysis - Locating Identifying MarkersTOR Packet Analysis - Locating Identifying Markers
TOR Packet Analysis - Locating Identifying Markers
 
Topic # 16 of outline Managing Network Services.pptx
Topic # 16 of outline Managing Network Services.pptxTopic # 16 of outline Managing Network Services.pptx
Topic # 16 of outline Managing Network Services.pptx
 
OSI Model and TCP/IP Model.
OSI Model and TCP/IP Model.OSI Model and TCP/IP Model.
OSI Model and TCP/IP Model.
 
Analysis of threats and security issues evaluation in mobile P2P networks
Analysis of threats and security issues evaluation in mobile P2P networks Analysis of threats and security issues evaluation in mobile P2P networks
Analysis of threats and security issues evaluation in mobile P2P networks
 
Network Advantages And Disadvantages
Network Advantages And DisadvantagesNetwork Advantages And Disadvantages
Network Advantages And Disadvantages
 
Osi model and tcpip model.
Osi model and tcpip model.Osi model and tcpip model.
Osi model and tcpip model.
 
Osi model
Osi modelOsi model
Osi model
 
Multi Owner Data Sharing & Outsourced Revocation Using Identity Based Encrypt...
Multi Owner Data Sharing & Outsourced Revocation Using Identity Based Encrypt...Multi Owner Data Sharing & Outsourced Revocation Using Identity Based Encrypt...
Multi Owner Data Sharing & Outsourced Revocation Using Identity Based Encrypt...
 
Impact of Mobility for Qos Based Secure Manet
Impact of Mobility for Qos Based Secure Manet Impact of Mobility for Qos Based Secure Manet
Impact of Mobility for Qos Based Secure Manet
 
ISO layer
ISO layerISO layer
ISO layer
 
Osi model
Osi modelOsi model
Osi model
 
THE NASH’S BALANCE IN THE THEORY OF GAMES FOR A SECURE MODEL MECHANISM IN ROU...
THE NASH’S BALANCE IN THE THEORY OF GAMES FOR A SECURE MODEL MECHANISM IN ROU...THE NASH’S BALANCE IN THE THEORY OF GAMES FOR A SECURE MODEL MECHANISM IN ROU...
THE NASH’S BALANCE IN THE THEORY OF GAMES FOR A SECURE MODEL MECHANISM IN ROU...
 
Distributed Semantic Search System (DSSS)
Distributed Semantic Search System (DSSS)Distributed Semantic Search System (DSSS)
Distributed Semantic Search System (DSSS)
 
ADAPTIVE
ADAPTIVEADAPTIVE
ADAPTIVE
 
Hy3313681373
Hy3313681373Hy3313681373
Hy3313681373
 
OSI and TCP/IP reference models in networking
OSI and TCP/IP reference models in networkingOSI and TCP/IP reference models in networking
OSI and TCP/IP reference models in networking
 
Towards secure cloud data management
Towards secure cloud data managementTowards secure cloud data management
Towards secure cloud data management
 
A New Way of Identifying DOS Attack Using Multivariate Correlation Analysis
A New Way of Identifying DOS Attack Using Multivariate Correlation AnalysisA New Way of Identifying DOS Attack Using Multivariate Correlation Analysis
A New Way of Identifying DOS Attack Using Multivariate Correlation Analysis
 
Distributed Digital Artifacts on the Semantic Web
Distributed Digital Artifacts on the Semantic WebDistributed Digital Artifacts on the Semantic Web
Distributed Digital Artifacts on the Semantic Web
 
Running Head THE SEVEN LAYER MODEL OF OSIKao 1THE SEVEN LAYE.docx
Running Head THE SEVEN LAYER MODEL OF OSIKao 1THE SEVEN LAYE.docxRunning Head THE SEVEN LAYER MODEL OF OSIKao 1THE SEVEN LAYE.docx
Running Head THE SEVEN LAYER MODEL OF OSIKao 1THE SEVEN LAYE.docx
 

Recently uploaded

"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DaySri Ambati
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfRankYa
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 

Recently uploaded (20)

"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 

Anonymous ipsec wseas-1

  • 1. Nested Encryption Library for automated IPSec-based Anonymous Circuits Establishment Hervé AIACHE, Mattéo LAURIANO, Corinne SIEUX and Cédric TAVERNIER THALES Communications S.A. BP 82 – 160, boulevard de Valmy – 92 704 Colombes Cedex FRANCE {firstname.name}@fr.thalesgroup.com Abstract: Nowadays, security and privacy are becoming two of the most critical issues for current and future generation of communications systems. Since the 80’s, many efficient systems aiming at ensuring flows anonymity, mainly derived from the so-called Chaum’s Mix networks. However, these solutions suffer from a lack of integration with standardized IP approaches and therefore missed a wide adoption by the general public. This paper proposes an anonymous circuit establishment scheme derived from the powerful Mix concept and inheriting from the IPSec Framework. This solution has been implemented and experimented over a real testbed in view to analyze its impacts on multimedia flows end-to-end transmission. Key-Words: Anonymous routing, Privacy, TFC, IPSec, Chaum’s Mix. 1 Introduction security solutions requires today to protect enhanced Nowadays, security and privacy are becoming two of personal information in view to not be disclose to the most critical issues for current and future generation unauthorized part, which could passively collect them of communications systems, as illustrated by the huge for undesired, and illegal, purposes. number of attacks identified and numbered day-by-day Since the 80’s, many efficient systems (e.g. [4], [5], over the Internet. In fact, a lot of the services providers [3]) aiming at ensuring users’ communications flows of the new economy are requesting (and in most cases, anonymity have been proposed to solve users’ privacy collecting) personal information in order to access to and requirements and are mainly derived from the so-called to exploit attractive context aware and customized Chaum’s Mix concept [4]. However, these solutions, services (e.g. digital stores, location services or bank mainly using proprietary anonymized content delivery access). In this context, general users are required to give services, suffer of a lack of integration with standardized up to the providers, their personal information such as IP approaches. This explains for part that they have not identity, bank account, location, preferences and so on. really been widely adopted by the general public. Therefore, attackers that only observe a network can acquire easily sensitive private information about users, Therefore, this paper presents an anonymous circuit which are not classically protected by information establishment scheme derived from the powerful Mix security techniques. concept and inheriting from the IPSec Framework. This paper is structured in three main sections: the section II Moreover, even security problems of IT systems (i.e. details, for the first time, a functional view describing integrity, authentication, confidentiality and non- most of the proposed anonymous routing solutions (e.g. repudiation) can be solved using encryptions, hash and [Tarzan[5], Mix[4], OR[6], TOR[3], Morphix[8]...), the MAC functions, these solutions are not really suited to section III details the Mix-like solution based on nested solve privacy issues. In fact, private information IPSec tunnels, the section IV reports results obtained protection requires others techniques that enable to from real experiments analyzing the impacts of masquerade traffic source and destination, traffic paths cryptographic algorithms on multimedia flows end-to- and the type of traffic the users generate. Basically, end transmission. encryption techniques allow hiding “what users are sending” but not “who is sending”, “who is receiving”, 2 Functional view of anonymous routing “where the users are”, “what the paths inside the network approaches are” and “what the types of traffic are”. This means that Two main groups of privacy solutions exist : the privacy protection is not only related to the protection of peer to peer and the onion routing architecture which are the content that the users are sending but also to their mainly based on a node mix approach, but developed on behaviors (and the associated traffic or routing distributed and dynamic environment for the first one information) on the network. In this way, privacy and (Tarzan, Crowds[7], MorphMix) and more centralized
  • 2. and fixed for the others one (Chaum’s mix net, most cases a particular topology construction algorithm mixMasater, Mixonion, Web-Mixes, TOR). The (e.g. CHORD, CAN or Gossip for P2P) in view to better functional analysis of these various existing anonymous control the infrastructure. At last, mainly associated to systems approaches shows that most of the fundamental the anonymous infrastructure topology functions a anonymous routing solutions mainly rely on four main particular anonymous paths selection strategy is components and one building block defining specific implemented in view to choose the MIX-peers transmission policies. composing a given anonymous path, when applications requests it for anonymity service access. 2.2 Anonymous Routing Topology Knowledge Management This building block integrates all the information structures (e.g. tables, databases) that are needed to know how the anonymous infrastructure is structured and what is the related cryptographic material (mainly public keys). The table are initiated and filled during the MIX-peers discovery phase and updated by anonymous routing protocol/procedures. All these information will be used afterward to setup anonymous connections, as it will be described later. 2.3 Traffic Flows Confidentiality This building block enables auto- configurable operations in order to masquerade traffic flows characteristics. It mainly relies on two specific sub-functionalities: modifications of the packet (i.e. padding and timing operations), and management of dummy packets. Fig. 1. Functional modelling of anonymous routing approaches. It solves the problems of “correlation” and “timing” attacks. In most of the proposed approaches, Two components (sections 2.1 and 2.2) are more these kind of problems would be solved by the definition linked to the routing schemes (node discovery, topology of a particular Traffic Flows Confidentiality (TFC) establishment, trust validation) and the three others algorithm. (sections 2.3 to 2.5) more linked to the forwarding plane. All these build blocks are illustrated in Figure 1 2.4 Anonymous Paths Management and are described in the following. This building block commonly instantiates a pure or a variant of the well-known Chaum’s MIX approach 2.1 Anonymous Routing Infrastructure (such as [4]) in order to protect the identities of the Topology Maintenance sender and/or the receiver (i.e. the MIX-peers identifiers This building block groups all the functions or addresses). Mainly, this basic functionality aims at required to manage the MIX-peers access/leave inside setting up an anonymous path based on the request the anonymous infrastructure, to exchange information issued by a specific MIX-peers set selection strategy on the MIX-peers in view to maintain the topology of (specified by the anonymous routing scheme). It usually the anonymous network. Note that, depending on the sends a so-called onion-like signaling message (e.g. anonymous routing approach, these operations can TOR[3], [6]) to pine the anonymous paths within the operated statically based on procedures (or particular anonymous overlay infrastructure (through a specific refresh based on a central server – e.g. TOR[3])or format depending of the solution). Moreover, the dynamically, such as in [2, 5], relying on specific peer- management of the anonymous paths is articulated to-peer protocols. around a particular management of circuit identifiers and The set of functions implementing the anonymous is commonly and based on a particular nested encryption routing infrastructure topology maintenance defines in
  • 3. strategy (i.e. successive layers of encryption), which is in node considered. In fact, a Mix-node can initiate the most cases elaborated through symmetric cryptography setup (or the removal) of an anonymous circuit (i.e. by algorithms. being the source node or acting for it) or a Mix-node can be an intermediary Mix-node of the selected anonymous 2.5 Anonymous Forwarding Rules path and, in this case, has to contribute to the This set of rules groups a set of policies necessary establishment (or to the local removal) of the anonymous at the transmission level to guarantee communication connection. flows anonymity. This is required since the other Therefore, this distinction is important to better functional components cannot masquerade all the information necessary to ensure properly the forwarding operation (e.g. MIX-peers identifiers or addresses change). Another usage of these forwarding rules can be also interesting to remove previously stored information on the communication flows and which are commonly recorded for optimization in current legacy communication stack (e.g. last IP headers). Figure 3. Software architecture of the APM module. 3 Design and Implementation understand how the APM software component After fifteen years of efficient research and (illustrated by the Figure 3) will act to implement these developments, the powerful obtained approaches have two different operations. In the case of an anonymous not really been integrated into Internet infrastructures. path setup, the Mix-node will have to generate all the This is mainly due to the fact that solutions have not necessary cryptographic material to establish the path, been built around standardized IP related security when in the case of an onion-like signaling message standards[1]. Therefore, to fill this gap, this paper reception, it will have to enforce the corresponding specifies and designs a nested encryption circuit IPSec tunnel configuration and to forward the peeled establishment natively inscribed in the IPSec framework onion to the selected next Mix-node. These two different and a software library to easily implement anonymous phases are explained in the following sections. The use routing over IPSec. This solution answers to the passive of standardized and widely implemented solutions is attacks by traffic analysis and avoid source/destination recommended because they allow a simpler linkability. The solutions refers to the function block implementation and integration with the existing Anonymous Path Management (APM) of the functional network infrastructures. Furthermore, the use of existing approach. This approach complements the IETF RFC solutions is the best approach because their weakness 4303 that proposes the possible anonymisation of the and flaws are tested and well known so the problem is traffic by de-correlating the traffic useful for timing reduced to find a solution in order to solve these attack (Traffic Flow Confidentiality). An example of the systems’ vulnerabilities and to adapt them to allow the solution illustrating the tunnelling technique is shown untraceability and unobservability of traffic flows. below in Figure 2. 3.2 Operations overview 3.2.1 Setup operation of an anonymous path After receiving a request for anonymity issued by an application, the Anonymous Paths Selection Strategy Algorithm asks for the enforcement of the elected Figure 2. Nested TunnellingTechnique. anonymous circuit formed by several Mix-nodes, by calling the functions apsm_anonymous_connection() of the Anonymous Paths Signalling Manager. The IP 3.1 Software design addresses of the selected Mix-nodes composing the The management of anonymous paths performed anonymous circuit are provided as input parameters of by the APM component can be decomposed into two this function. Note that the order of the IP addresses is distinct operations depending on the position of the Mix- important since the anonymous connection will be
  • 4. established by contacting one by one each of the function nitcm_request_ipsec_info(). Note that the corresponding Mix-nodes in the same order. onion-like information data (i.e. the not encrypted one) Then, the Anonymous Paths Signalling Manager is given as input parameter of this function. The demands the generation of several SPIs depending on the Anonymous Connections Information Manager creates a number of Mix-nodes new soft-state for this involved in the anonymous anonymous circuit connection, by calling the demand, which is stored function internally. Then the nitcm_generate_spi() Anonymous of the Security Parameter Connections Indexes Generator. After Information Manager this operation, the enforces the Anonymous Paths corresponding nested Signalling Manager IPSec tunnels requires the generation the configuration by calling appropriate onion-like Figure 4. APM software components interactions to setup an anonymous path. the function signalling message: this is done by calling the function nitcm_ipsec_translator() of the IPSec Configuration nesm_construct_onion() of the Nested-Encryption Translator. Signalling Message Manager. The list of the Mix-nodes Once the corresponding IPSec configuration has IP addresses and the previously generated set of SPIs are been enforced, the Anonymous Paths Signalling given as input parameters of this function. Manager sends the onion-like signalling message (the In view to generate the onion-like signalling encrypted one) to the first Mix-node, by calling the message, the Nested Encryption Signalling Message function apsm_send_onion_msg() of the Nested Manager retrieves first the public keys (and the Encryption associated cryptographic Signalling Message algorithms to be used), Handler. corresponding to the list of The Figure 4 Mix-nodes, by calling the illustrates how and function in which order the mtt_lookup_public_key() (and the function APM software mtt_lookup_crypto_info()) components of the Mix-nodes Topology interacts among Table. Then, the Nested each other to send Encryption Signalling the onion-like Message Manager demands signalling message Figure 5. Treatment of an anonymous path signalling message by the APM in view to setup an the generation of a set of software components. symmetric cryptographic keys anonymous path. (that will be distributed to the set of Mix-nodes), by calling the function nesm_generate_sym_key() of the 3.2.2 Treatment of an anonymous path Symmetric Cryptographic Key Generator. At this stage, signaling message all the necessary cryptographic materials and information are known: the Nested Encryption When an anonymous paths signalling message is Signalling Message Manager is now able to construct received by the APM daemon, it arrives inside the the onion-like signalling message. This operation is Nested Encryption Signalling Message Handler and is performed by calling appropriately the function passed the Anonymous Paths Signalling Manager thanks nesm_encrypt_data() offered by the Cryptographic to the handler called apsm_receive_onion_msg(). Algorithms and Operations block. Then, the onion-like Once received, the Anonymous Paths Signalling signalling message and its homologue data (i.e. the same Manager peels a first layer of encryption of the onion- information but not encrypted) are then returned to the like signalling message by calling the function Anonymous Path Signalling Manager, as the result of the nesm_extract_onion_info() of the Nested Encryption previous call to the function nesm_construct_onion(). Signalling Message Manager. The Anonymous Path Signalling Manager informs Then the Nested Encryption Signalling Message then the Anonymous Connections Information Manager Manager extracts the required cryptographic materials of this new anonymous circuit demand by calling the and information thanks to the function of the nesm_decrypt_data() offered by the Cryptographic
  • 5. Algorithms and Operations block, using the private key of the Mix-node. After the performed decryption operations, the Nested Encryption Signalling Message Manager is able to separate the information related to the requested IPSec tunnel configuration (the symmetric cryptographic key to be used, the SPIs and the next Mix- node in the anonymous path) from the following of the onion-like signalling message that is made up of the other nodes’ information (and encrypted with their public keys – so it is unable to decrypt). The extracted IPSec tunnel configuration and the IP Figure 6. APM experimental platform. address of the next Mix-node are returned to the Five configurations were used: without tunnels, Anonymous Paths Signalling Manager, as the result of with one, two, three and four tunnels. Two different the previous call to the function encryption algorithm were used: 3DES CBC and nesm_extract_onion_info(). Note also that after the Rijndael CBC with its three different key sizes, i.e. 128, call to this function the onion-like signalling message, 192 and 256 bits. For each configuration measures have given as input parameter, has been peeled of its first been done for packet size of 64, 128, 256, 512, 1024, layer of encryption and, in this way is ready to be sent to 2048 and 4096 bytes. the next Mix-node. At this stage, the Anonymous Paths In this section the measurements results are Signalling Manager demands then to the Anonymous presented. In order to simplify the presentation two Connections Information Manager to enforce this new subsections are defined. The first one is about ICMP anonymous circuit establishment request by calling the measures; the second one is about UDP. function nitcm_request_ipsec_info(). As previously, the Anonymous Connections Information Manager creates and stores a new soft-state for this anonymous 4.1 ICMP measurements connection. And asks the IPSec Configuration Manager to enforce the corresponding IPSec tunnels configuration The Round Trip Time (RTT) depending on packets by calling the function nitcm_ipsec_translator(). size for a fixed encryption algorithm is presented. In Once informed of the IPSec configuration each figure there are five curves; four of them represent enforcement, the Anonymous Paths Signalling Manager the four configurations previously presented, the last sends the peeled onion-like signalling message to the one represents the case in which any tunnel is set up (the next Mix-node, by calling the function reference case). apsm_send_onion_msg() of the Nested Encryption ICMP - 3DES Signalling Message Handler. 20,000 18,000 The Figure 5 illustrates all these steps entering in 16,000 14,000 the treatment of an anonymous paths signalling message. 1 Tunnel 12,000 RTT (ms) 2 Tunnels 10,000 3 Tunnels 4 Experimentations 8,000 4 Tunnels Without Tunnels 6,000 This section describes the environment in which 4,000 measurements have been done. The APM platform has 2,000 been exploited in order to collect data. The platform is 0,000 composed by five computers, as shown in Figure 6. 64 128 256 512 1024 2048 4096 Packet Size (bytes) The five computers run Linux 2.6 and are connected in a chain. In this way four switched networks Figure 7. RTT vs. Packet Size using 3DES are defined. Three of them supports 100 Mbps, the Generally, the 3DES algorithm presents bad fourth is 10 Mbps. performances as shown in Figure 7; if packet size is not too large, i.e. minor or equal to 256 bytes, there are not The aim is to demonstrate if it possible to have great differences in the RTT between the configuration secure communications for near real-time traffic and with one and two tunnels. Relevant differences appears real-time traffic. for packet size of 1024 bytes. In this case the four tunnels configuration presents a RTT of 50% higher than the case without tunnels.
  • 6. ICMP - Rijndael 128 figure, different curves are available, the parameter is 18,000 packet size. The knowledge of the jitter is interesting 16,000 because high value or variation of this value can 14,000 determine the difficulties to transmit real-time services. 12,000 1 Tunnel UDP Jitter - 3DES CBC RTT (ms) 10,000 2 Tunnels 3 Tunnels 1,6 8,000 4 Tunnels 6,000 Without tunnels 1,4 4,000 1,2 64 bytes 2,000 128 bytes 1 Jitter (ms) 0,000 256 bytes 64 128 256 512 1024 2048 4096 0,8 512 bytes c Packet Size (bytes) 1024 bytes 0,6 2048 bytes Figure 8. RTT vs. Packet Size using Rijndael 128. 0,4 4096 bytes 0,2 ICMP - Rijndael 192 0 T0 T1 T2 T3 T4 18,000 AP Length (tunnel) 16,000 14,000 Figure 11. Jitter vs. Anonymous Path Length using 3DES. 12,000 1 Tunnel Figure 11 shows jitter measured when 3DES RTT (ms) 10,000 2 Tunnels 8,000 3 Tunnels algorithm is used. In this case 3DES is not the worst 4 Tunnels 6,000 Without Tunnels algorithm but a similar behaviour is observed with the 4,000 other algorithm. Packets of 128, 256 and 512 bytes have 2,000 the best behaviour because they are approximately 0,000 constants when the number of tunnels changes. 64 128 256 512 1024 2048 4096 Packet Size (bytes) UDP Jitter - Rijndael CBC 128 Figure 9. RTT vs. Packet Size using Rijndael 192. 1,6 1,4 ICMP - Rijndael 256 1,2 64 bytes 128 bytes 1 Jitter (ms) 18 256 bytes 0,8 512 bytes 16 1024 bytes 14 0,6 1 Tunnel 2048 bytes 12 RTT (ms) 2 Tunnels 0,4 4096 bytes 10 3 Tunnels 0,2 8 4 Tunnels 6 0 4 Without Tunnels T0 T1 T2 T3 T4 AP Length (tunnel) 2 0 Figure 12: Jitter vs. Anonymous Path Length using Rijndael 128 64 128 256 512 1024 2048 4096 Packet size (bytes) UDP Jitter - Rijndael CBC 192 Figure 10: RTT vs. Packet Size using Rijndael 256 1,4 Figure 8, Figure 9 and Figure 10 present the RTT 1,2 using the Rijndael algorithm with, respectively, 128, 192 1 64 bytes 128 bytes and 256 bits keys. It is important to underline that Jitter (ms) 0,8 256 bytes between these curves there are not big differences. 0,6 512 bytes 1024 bytes Rijndael 128 is faster but differences are less than 0.3 2048 bytes 0,4 4096 bytes ms. This is an interesting result because it means that it 0,2 is possible to increment the security of a transmission by the use of the longer key with a good level of 0 T0 T1 T2 T3 T4 performances. If packet size are not large, i.e. equal or AP Length (tunnel) greater than 1024 bytes, good values are reached. Figure 13: Jitter vs. Anonymous Path Length using Rijndael 192 4.2 UDP measurements This subsection discuss UDP jitter measures. These measures are evaluated for a fixed encryption algorithm and let’s varying nested tunnels numbers. For each
  • 7. UDP Jitter - Rijndael CBC 256 multiple routes are used and, in this way, the global 1,6 performance would be increased, keeping in the same 1,4 time a given privacy protection level. In other words, 1,2 such a technique would improve the end-to-end 64 bytes 1 128 bytes performances due to the minor number of Jitter (ms) 0,8 256 bytes 512 bytes encryption/decryption operations calls. 0,6 1024 bytes In addition to efforts around the improvements of 2048 bytes 0,4 4096 bytes the solution, we plan to conduct work on performance 0,2 measurements with audio/video streaming components. 0 T0 T1 T2 AP Length (tunnel) T3 T4 6 Acknowledgements We would like to acknowledge our partners from Figure 14: Jitter vs. Anonymous Path Length using Rijndael 256 the DISCREET project with whom we have worked on The same conduct can be observed in Figure 12, interactions between the Anonymous Paths Management Figure 13 and Figure 14. Packets of 512 bytes have the and Traffic Flows Confidentiality components. The best performance; if 3DES or Rijndael 128 are used, DISCREET project was funded in part by the European they are the most regulars. In each case 64 bytes packets Commission's Information Society Technology 6th reach high value when three and four nested tunnels are Framework Programme. It started in December 2005 and established. 1024, 2048 and 4096 bytes packets are will end in February 2008. For more information visit irregular. Generally, firstly they increase and then the the project web site http://www.ist-discreet.org/. decrease the jitter values when tunnels number increases. The higher values are reached by packets of 1024 bytes References: when Rijndael is used and does not depend on the key [1] S. Kent. IP Encapsulating Security Payload (ESP). length. IETF RFC 4303. December 2005. [2] M. J. Freedman, R. Morris, “Tarzan: A Peer-to-Peer 5 Conclusion and future works Anonymizing Network Layer”, Proceedings of the 9th This paper addressed and presented the critical ACM Conference on Computer and Communications main issues that IP networks have to face today: security Security (CCS 2002), 2002. and privacy protection. First, this paper extracted a [3] R. Dingledine, N. Mathewson, P. Syverson, “TOR: functional modelling that applies to most of the The Second-Generation Onion Router”, Proceedings anonymous routing solutions proposed in the literature. of 13th Usenix Security Simposyum , August 2004. Then, a Mix-like scheme based on a nested IPSec [4] D. Chaum. Untraceable Electronic Mail, Return tunnelling technique has been proposed in view to Addresses, and Digital Pseudonyms. ensure IP flows untraceability and unobservability. The Communications of the ACM, Vol. 24 Number 2, particularity of the approach consist mainly in the Feb. 1981. management of anonymous circuits inside the [5] M. J. Freedman, E. Sit, J. Cates, R. Morris. standardized IPSec framework. Such a standardized Introducing Tarzan, a Peer-to-Peer Anonymizing environment constitutes one of the main constraints to Network Layer. Proceedings of the 1st International the large scale deployment and the wide adoption of Workshop on Peer-to-Peer Systems (IPTPS02). current anonymous routing systems. 2002. Moreover, the proposed solution has been [6] D. M. Goldschlag, M. G. Reed, P. F. Syverson. implemented and tested over a real experimental Hiding Routing Information. Workshop on platform in view to characterise its impacts on Information Hiding, Cambridge, UK. May 1996. multimedia flows (i.e. RTT and jitter) in function of the [7] M. K. Reiter, A. D. Rubin. Crowds: Anonymity for cryptosystem involved and depending of the anonymous web transactions. ACM TISSEC, 1(1), June 1998. circuit length. [8] M. Rennhard, B. Plattner. Introducing MorphMix: Future work along these lines would include the Peer-to-Peer based Anonymous Internet Usage with performance improvements of the solution based on the Collusion Detection. 2002. implementation and tests of particular “Message Splitting” technique strategies. In this way, the IP packets sent by a given source would be transmitted to the same destination using different routes to make harder most of passive attacks. In this case, the number of tunnels used for a given path could be decreased if