Privacy-Preserving P2P Data Sharing with OneSwarm


Privacy-Preserving P2P Data Sharing
with OneSwarm
Authors:
Tomas Isdal, Michael Piatek,
Arvind Krishnamurthy, Thomas Anderson
Published In: ACM SIGCOMM, September 2010
Presented By: Muhammad Faisal Amjad
Acknowledgement
Sources of figures / graphs / tables:
• The paper being presented
• http://oneswarm.cs.washington.edu/
• http://www.bittorrent.com/
Outline
• Introduction to P2P file sharing
• The Issue of Privacy in P2P file sharing
• Overview of OneSwarm file sharing System
• OneSwarm Protocol Design
• Security Analysis
• Contributions
• Weaknesses
• Suggested Improvements
Introduction to P2P file sharing
• Download from a single Source
• Multiple Computers download the same file from a single Source
• Torrent File
• Every Computer becomes part of a network of sources of the same file
• From where to get different pieces of the file?
• A “Tracker” gives info about various sources called “Peers”, for the file
• Privacy ???
The Issue of Privacy in P2P file sharing
• Protocols like BitTorrent offer high performance and robustness but participants can easily be monitored by anyone who cares
• Anonymization networks, e.g. Tor and FreeNet, offer privacy but at the cost of performance
• Available P2P file sharing systems offer an unattractive choice between privacy and performance
OneSwarm File Sharing System
Overview
• Central to the design is the notion of “flexible privacy” and
“friend-to-friend sharing”.
• Instead of relying only on a directory service such as a
“Tracker” to discover peers, OneSwarm builds trusted links
through social network peers
• Users are free to control the tradeoff between performance
and privacy by managing the level of trust in peers.
Overview of OneSwarm file sharing System - Search
Searching for a file through a chain of friends OR Peers
Overview of OneSwarm file sharing System - Response
File is sent on the reverse path
Overview of OneSwarm file sharing System - Anonymity
Receiver’s perspective of the source of file
Overview of OneSwarm file sharing System - Anonymity
Sender’s perspective of the destination of file
Protocol Design
OneSwarm protocol supports two tasks:
• Defining and maintaining the overlay topology
• Locating and transferring data objects
Protocol Design - Tasks
1) Defining and maintaining the overlay topology
• Bootstrapping the mesh network: exchange of encryption keys
  • Social network import – email, social network or LAN
  • Community servers
  • Manually
• Name resolution: a Distributed Hash Table maintained by every user serves as the name resolution service. It contains encrypted IDs and their mapping to IP / port.
Protocol Design - Tasks
2) Locating and transferring data objects
• Congestion-aware Search: Controlled flooding of search queries
to locate data and construct forwarding paths without overwhelming
the network or exposing endpoints.
• Swarming Data Transport: Data is split into blocks, with active
downloaders redistributing completed blocks. Transfers use multiple
paths and multiple sources, if available.
• Long Term History: Each client maintains transfer volumes for
each peer, using these to prioritize service during periods of
congestion.
So… How does OneSwarm Provide Privacy?
Privacy Levels provided by OneSwarm
• Public Distribution – Same as BitTorrent*
• Without Attribution
  • Multi-hop (chain of friends) instead of direct P2P transfer
  • Changing source + destination IP addresses & ports at every hop
• With Permission – Peer identities and resource names are shared only through Public/Private key combinations
*All OneSwarm transfers are encrypted
Security Analysis – Attacks & Defenses
• Timing Attack – Search queries and responses are forwarded after
adding a random delay to inhibit calculation of RTT to infer proximity
• Correlation Attack – Peers have limited view of the overlay and
cannot control path setup beyond directly connected neighbors. Attackers
could use this to correlate performance with ongoing transfers
• Collusion Attack – Search queries and responses are forwarded
probabilistically, making it very hard for directly connected colluding
peers to infer source of data or monitor habits
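The sketch below is an added example, not code from the paper or the OneSwarm project: a simplified model of flooding a search over the friend overlay, returning the response on the reverse path, and delaying every forwarded query and response by a random amount. The peer names, the 20 ms link latency, the jitter bound and the forwarding probability are assumptions made for illustration.

```python
import heapq
import random

# Constructed friend-to-friend overlay; peer names are hypothetical.
FRIENDS = {
    "alice": ["bob"],
    "bob": ["alice", "carol", "dave"],
    "carol": ["bob", "erin"],
    "dave": ["bob", "erin"],
    "erin": ["carol", "dave"],
}
LINK_MS = 20  # assumed one-way latency of every overlay link


def search(requester, holder, rng, jitter_ms=150, forward_prob=1.0):
    """Flood a query from requester; return (reverse_path, rtt_ms) or None."""
    came_from = {}  # per-peer state: the friend that delivered the query first
    events = [(0.0, requester, None)]  # (arrival time, peer, previous hop)
    while events:
        now, peer, prev = heapq.heappop(events)
        if peer in came_from:
            continue  # later duplicate of a query already seen
        came_from[peer] = prev
        if peer == holder:
            path = [peer]  # the response retraces the stored previous hops
            while came_from[path[-1]] is not None:
                path.append(came_from[path[-1]])
                now += LINK_MS + rng.uniform(0, jitter_ms)  # delayed response hop
            return path, now
        if prev is not None and rng.random() > forward_prob:
            continue  # probabilistic forwarding: this peer stays silent
        for friend in FRIENDS[peer]:
            if friend != prev:
                delay = LINK_MS + rng.uniform(0, jitter_ms)  # delayed query hop
                heapq.heappush(events, (now + delay, friend, peer))
    return None


def endpoint_views(path):
    """Each endpoint learns only the friend it is directly connected to."""
    return {"holder_sends_to": path[1], "requester_receives_from": path[-2]}


def rtt_range(holder, jitter_ms, trials=500, seed=1):
    """Min and max RTT that 'alice' measures for a given holder."""
    rng = random.Random(seed)
    rtts = [search("alice", holder, rng, jitter_ms)[1] for _ in range(trials)]
    return min(rtts), max(rtts)
```

With zero jitter the requester can tell from the RTT alone whether its friend holds the file (40 ms) or is forwarding for a peer one hop further (80 ms); with the random delay the two measured ranges overlap.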
Performance Evaluation
• File Size – 20 MB
• 120 PlanetLab machines
• To limit overhead, Tor was modified to create 10 new paths every 10 seconds
instead of every 10 minutes
Contributions
• A new system that provides flexibility for the user to manage
the level of privacy for file sharing
• Incorporation of social network for building p2p file sharing
network
Weaknesses
• Evaluation of Protocol in “Privacy-Preserving” modes
• No details are provided regarding the implementation /
functioning of community servers
• Manual bootstrapping of mesh topology has not been
explained
Improvements
• Capability to import friends from other social networks
Questions