Privacy-Preserving P2P Data Sharing with OneSwarm



Privacy-Preserving P2P Data Sharing with OneSwarm
- Piggy
Outline
• Overview
• Related Works
• Data Sharing with OneSwarm
• Protocol Design
• Security Analysis
• Evaluation
Overview
• P2P file sharing is efficient and common
• Most P2P applications allow third parties to monitor users' behaviour
• Privacy: the protection of information from unauthorized disclosure
• Attackers can learn private information by observing user behaviour
  ex: using BitTorrent to download a security patch
Related Works
• BitTorrent
  A common P2P file sharing protocol with high efficiency but without privacy protection
• Tor
  Uses onion routing techniques to anonymize requests via a set of relay nodes
• Freenet
  An anonymous P2P publishing system
Data Sharing with OneSwarm
• An example
Data Sharing with OneSwarm
• Public distribution
  • Everyone in the network can download the file freely
  • Not all data needs to be private
  • Serves as a fully backwards-compatible BitTorrent client
Data Sharing with OneSwarm
• With permission
  • Only users with permission can download files
  • Uses persistent identities to define per-file permissions
  • Allows all permitted users to recognize one another and engage in swarming download
Data Sharing with OneSwarm
• Without attribution
  • Depends on obscuring attribution of the source and/or destination
  • Instead of directly advertising data, it uses privacy-preserving keyword search
  • Data is relayed through an unknown number of intermediaries
  • Appropriate for sensitive material
Protocol Design
• Two major tasks
  • Defining and maintaining the overlay topology
  • Locating and transferring data objects
• Topology
  • Define overlay links by exchanging public keys
  • Peers are either trusted or untrusted
Protocol Design
• Transport
  • The mesh defined by the web of trust among users is used to locate and transfer data
  • Inspired by existing P2P swarming systems, e.g., BitTorrent
  • Restricts direct communication to a small number of persistent contacts
  • Locates distant data sources by flooding through the overlay
  • Data transfers occur over the reverse search path
  • Obscures the identities of sender and receiver when sharing data without attribution
Protocol Design
• Linking Peers with Trust Relationships
  • 1024-bit RSA public/private key pair; the public key serves as the peer's persistent identity among its peers
  • Key exchange
    • Discover and exchange over the local area network
    • Piggy-back on an existing social network, e.g., Google Talk
    • By email invitations
Protocol Design
• Managing Groups and Trusted Peers
  • Private Community Server
    • Maintains a list of registered users
    • Provides authorized subscribers with a current set of public keys
  • Public Community Server
    • Allows new users to easily obtain a set of untrusted peers
Protocol Design
• Identity and Connectivity
  • Long-term identities are linked to transient IP addresses and port numbers via a DHT
  • DHT entries are encrypted with the public key
  • ID -> {IP, Port}
  • Various key exchanges + DHT => overlay mesh
Protocol Design
• Naming and Locating Data
  • Between connected peers => exchange file lists
  • Naming
    • 160-bit SHA-1 hash of name and content
    • Low-order 6 bits => file ID in the search message
  • Congestion-Aware Search
    • Tradeoff between overhead and performance
    • Shortest path
    • Management of propagation of searches
Protocol Design
• Naming and Locating Data
  • Congestion-Aware Search
    • Search messages don't have a time-to-live
    • Maintain a set of rotating Bloom filters and forward a search message only if the forwarder has idle capacity and has not yet forwarded it
    • Forward to untrusted peers probabilistically
    • Delay 150 ms before forwarding
    • Terminate with a search cancel message
Protocol Design
• Naming and Locating Data
  • Path Setup
    • Search message matched => search reply (delayed)
    • Search identifier
    • Path identifier
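The three preceding slides (naming, congestion-aware search and path setup) describe one mechanism: a search carrying a short file ID floods the trust overlay, each node suppresses duplicates with rotating Bloom filters and only forwards when it has idle capacity, and a match is answered back along the reverse search path. The simulation below is an added example written for this transcript; it is not OneSwarm's code. It assumes a 0.5 forwarding probability for untrusted peers (the slides only say "probabilistically"), models idle capacity as a cap on concurrent forwarded searches, accumulates the 150 ms per-hop delay instead of sleeping, and keeps forwarding after a match so further sources can be found; the Bloom filter parameters are also assumptions.

```python
import hashlib
import random
from collections import deque

FORWARD_DELAY_MS = 150        # per-hop delay from the slides; accumulated here, not slept
UNTRUSTED_FORWARD_PROB = 0.5  # assumed value; the slides only say "probabilistically"

def file_id(name, content, bits=6):
    """160-bit SHA-1 over name and content; only the low-order `bits` bits go in the search."""
    digest = hashlib.sha1(name.encode("utf-8") + content).digest()
    return int.from_bytes(digest, "big") & ((1 << bits) - 1)

class BloomFilter:  # m-bit integer, k salted SHA-1 hash positions (parameters assumed)
    def __init__(self, m=1024, k=3):
        self.m, self.k, self.bits = m, k, 0

    def _positions(self, item):
        for salt in range(self.k):
            h = hashlib.sha1(bytes([salt]) + item).digest()
            yield int.from_bytes(h[:4], "big") % self.m

    def add(self, item):
        for p in self._positions(item):
            self.bits |= 1 << p

    def __contains__(self, item):
        return all((self.bits >> p) & 1 for p in self._positions(item))

class RotatingFilters:  # bounded ring of Bloom filters; rotate() ages out the oldest
    def __init__(self, count=3):
        self.filters = deque((BloomFilter() for _ in range(count)), maxlen=count)

    def seen(self, key):
        return any(key in f for f in self.filters)

    def remember(self, key):
        self.filters[-1].add(key)

    def rotate(self):
        self.filters.append(BloomFilter())  # maxlen discards the oldest filter

class Node:
    def __init__(self, name, capacity):
        self.name, self.capacity = name, capacity  # capacity: searches it will forward concurrently
        self.trusted, self.untrusted = set(), set()
        self.files = {}         # file_id -> file name
        self.filters = RotatingFilters()
        self.in_flight = set()  # search ids forwarded and not yet cancelled
        self.reverse = {}       # search_id -> previous hop (the reverse search path)

    def has_idle_capacity(self):
        return len(self.in_flight) < self.capacity

class Overlay:
    def __init__(self, seed=0):
        self.nodes, self.rng = {}, random.Random(seed)

    def add(self, name, capacity=2):
        self.nodes[name] = Node(name, capacity)

    def link(self, a, b, trusted=True):
        for x, y in ((a, b), (b, a)):
            (self.nodes[x].trusted if trusted else self.nodes[x].untrusted).add(y)

    def search(self, origin, fid):
        """Flood a search from `origin`; return (search_id, replies, forwards), where each
        reply is (source, reverse path back to origin, path_id, latency_ms)."""
        search_id = self.rng.getrandbits(32)
        key = search_id.to_bytes(4, "big")
        queue = deque([(origin, None, 0)])  # (node, previous hop, elapsed ms)
        replies, forwards = [], 0
        while queue:
            name, prev, t = queue.popleft()
            node = self.nodes[name]
            if node.filters.seen(key):
                continue                    # duplicate: this node already handled the search
            node.filters.remember(key)
            node.reverse[search_id] = prev
            if fid in node.files:           # match: reply goes back over the reverse path
                path_id = self.rng.getrandbits(32)
                replies.append((name, self.reverse_path(name, search_id), path_id, t))
            if not node.has_idle_capacity():
                continue                    # a congested node drops rather than forwards
            node.in_flight.add(search_id)
            for peer in sorted(node.trusted - {prev}):
                queue.append((peer, name, t + FORWARD_DELAY_MS))
                forwards += 1
            for peer in sorted(node.untrusted - {prev}):
                if self.rng.random() < UNTRUSTED_FORWARD_PROB:
                    queue.append((peer, name, t + FORWARD_DELAY_MS))
                    forwards += 1
        return search_id, replies, forwards

    def reverse_path(self, name, search_id):
        path = [name]
        while self.nodes[path[-1]].reverse[search_id] is not None:
            path.append(self.nodes[path[-1]].reverse[search_id])
        return path

    def cancel(self, search_id):  # search cancel: nodes release the reserved capacity
        for node in self.nodes.values():
            node.in_flight.discard(search_id)
```

Build an overlay with `add` and `link`, place a file ID into a node's `files`, and call `search`; the returned reverse path is what the data transfer would follow, and `cancel` is what frees capacity so later searches are not dropped by nodes that believe they are still busy. The point a defender should notice is that no node ever learns more than its previous hop, so the reverse path, not any source address, is the only routing state that exists.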
Protocol Design
• Swarming Data Transfer
  • Keep-alive messages refresh the path
  • Tunnels BitTorrent traffic through overlay paths
  • Discovers new paths by periodically flooding search messages
  • Enhances load balance and efficiency
Protocol Design
• Incentives
  • Clients maintain transfer statistics for each peer
  • Retain BitTorrent's tit-for-tat
  • Contention => weight decided by the ratio of contribution to net consumption
  • Forwarding sums to zero
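The incentive slide gives three rules: keep per-peer transfer statistics, weight contending peers by the ratio of what they contributed to what they consumed net, and count forwarded data so that it adds nothing to the forwarder's balance. The ledger below is an added example for this transcript, not OneSwarm's code, and it reads the slide as follows (an interpretation): contribution is the bytes a peer sent us, net consumption is the bytes we sent it minus the bytes it sent us (floored at one unit so generous peers are not divided by zero), and a forwarded transfer is booked as a download from the upstream peer plus an upload to the downstream peer. The `MIN_WEIGHT` floor for peers with no history is an assumption added so that newcomers are not starved outright.

```python
MIN_WEIGHT = 0.1  # assumed floor so a peer with no history still gets a small share

class PeerLedger:
    """Per-peer transfer statistics a client keeps for its direct overlay peers."""

    def __init__(self):
        self.stats = {}  # peer -> {"up": bytes we sent it, "down": bytes it sent us}

    def _entry(self, peer):
        return self.stats.setdefault(peer, {"up": 0.0, "down": 0.0})

    def record_upload(self, peer, nbytes):    # we served `peer`
        self._entry(peer)["up"] += nbytes

    def record_download(self, peer, nbytes):  # `peer` served us
        self._entry(peer)["down"] += nbytes

    def record_forward(self, from_peer, to_peer, nbytes):
        """Data relayed on behalf of others is received from one peer and sent to another,
        so it leaves this client's overall balance unchanged (the 'sums to zero' rule)."""
        self.record_download(from_peer, nbytes)
        self.record_upload(to_peer, nbytes)

    def contribution(self, peer):
        return self._entry(peer)["down"]        # what the peer has given us

    def net_consumption(self, peer):
        e = self._entry(peer)
        return e["up"] - e["down"]              # what it took beyond what it gave

    def balance(self):
        """Total bytes received minus total bytes sent, across all peers."""
        return sum(e["down"] - e["up"] for e in self.stats.values())

    def weight(self, peer):
        """Contribution divided by net consumption, net consumption floored at one unit
        so a peer that gave more than it took is simply weighted by its contribution."""
        ratio = self.contribution(peer) / max(self.net_consumption(peer), 1.0)
        return max(ratio, MIN_WEIGHT)

    def allocate(self, peers, capacity):
        """Under contention, split `capacity` among `peers` in proportion to their weights."""
        weights = {p: self.weight(p) for p in peers}
        total = sum(weights.values())
        return {p: capacity * w / total for p, w in weights.items()}
```

With constructed figures in megabytes, a peer that sent us 10 MB and took 2 MB is weighted 10, a peer that sent 1 MB and took 5 MB is weighted 0.25, and an unknown peer gets the floor; relaying 3 MB between two peers moves their individual entries but leaves `balance()` where it was, which is the property the slide's last bullet states.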
Security Analysis
• Goal
  • Improve privacy by allowing users to control information disclosure
  • Resistant to the disclosure of user behaviour to an attacker with control over a limited number of overlay nodes
Security Analysis
• Attacks and Defenses
  • Persistent peering relationships limit monitoring power
  • Heterogeneity of trust relationships foils timing attacks
  • Lack of source routing limits correlation attacks
  • Constrained randomness frustrates statistical attacks
  • Network dynamics limit the value of historical data
Security Analysis
• Timing Attacks
Security Analysis
• Collusion Attacks
Evaluation
• Overlay structure
Evaluation
• Multiple-path Transfer
Evaluation
• Comparison with existing systems
Evaluation
• Overhead
Evaluation
• Utilization
Conclusion
• Strength
• Data collected from real world
• Weakness
• Not well organized