Abstract
MorphMix is a peer-to-peer circuit-based mix network designed to provide low-latency anonymous communication. MorphMix nodes incrementally construct anonymous communication tunnels based on recommendations from other nodes in the system; this P2P approach allows it to scale to millions of users. However, by allowing unknown peers to aid in tunnel construction, MorphMix is vulnerable to colluding attackers that only offer other attacking nodes in their recommendations. To avoid building corrupt tunnels, MorphMix employs a collusion detection mechanism to identify this type of misbehavior. In this paper, we challenge the assumptions of the collusion detection mechanism and demonstrate that colluding adversaries can compromise a significant fraction of all anonymous tunnels, and in some cases, a majority of all tunnels built. Our results suggest that mechanisms based solely on a node’s local knowledge of the network are not sufficient to solve the difficult problem of detecting colluding adversarial behavior in a P2P system and that more sophisticated schemes may be needed.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
eDonkey File Sharing System (2003)
Berthold, O., Federrath, H., Köpsell, S.: Web MIXes: A System for Anonymous and Unobservable Internet Access. In: Workshop on Design Issues in Anonymity and Unobservability, pp. 115–129 (2000)
Bhagwan, R., Savage, S., Voelker, G.: Understanding Availability. In: 2nd International Workshop on Peer-to-Peer Systems (2003)
Chaum, D.: Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms. Communications of the ACM 24(2), 84–88 (1981)
Cornelli, F., Damiani, E., De Capitani diVimercati, S., Paraboschi, S., Samarati, P.: Choosing Reputable Servents in a P2P Network. In: WWW, pp. 376–386 (2002)
Danezis, G., Dingledine, R., Mathewson, N.: Mixminion: Design of a Type III Anonymous Remailer Protocol. In: Proceedings of the 2003 Symposium on Security and Privacy, pp. 2–15. IEEE Computer Society, Los Alamitos (2003)
Daswani, N., Garcia-Molina, H.: Pong-cache poisoning in GUESS. In: 11th ACM Conference on Computer and Communications Security (2004)
Dingledine, R., Mathewson, N., Syverson, P.F.: Tor: The Second-Generation Onion Router. In: USENIX Security Symposium, pp. 303–320 (2004)
Douceur: The Sybil Attack. In: International Workshop on Peer-to-Peer Systems (IPTPS). LNCS, vol. 1, Springer, Heidelberg (1973)
Freedman, Morris: Tarzan: A Peer-to-Peer Anonymizing Network Layer. In: SIGSAC: 9th ACM Conference on Computer and Communications Security. ACM SIGSAC (2002)
Kamvar, S.D., Schlosser, M.T., Garcia-Molina, H.: The Eigentrust Algorithm for Reputation Management in P2P Networks. In: WWW, pp. 640–651 (2003)
Levine, B.N., Shields, C.: Hordes: a Multicast-Based Protocol for Anonymity. Journal of Computer Security 10(3), 213–240 (2002)
Murdoch, S.J., Danezis, G.: Low-Cost Traffic Analysis of Tor. In: IEEE Symposium on Security and Privacy, pp. 183–195 (2005)
Newsome, J., Shi, E., Song, D., Perrig, A.: The Sybil Attack in Sensor Networks: Analysis & Defenses. In: Proceedings of the Third International Symposium on Information Processing in Sensor Networks (IPSN 2004), April 26–27, pp. 259–268. ACM Press, New York (2004)
Page, L., Brin, S., Motwani, R., Winograd, T.: The PageRank Citation Ranking: Bringing Order to the Web. Technical Report SIDL-WP-1999-0120, Stanford University (November 1999)
Reiter, Rubin: Crowds: Anonymity for Web Transactions. ACMTISS: ACM Transactions on Information and System Security 1 (1998)
Rennhard, M., Plattner, B.: Practical Anonymity for the Masses with MorphMix. In: Juels, A. (ed.) FC 2004. LNCS, vol. 3110, pp. 233–250. Springer, Heidelberg (2004)
Rennhard, M.: PhD thesis, Swiss Federal Institute of Technology Zurich
Rennhard, M.: MorphMix prototype v0.1 (2004)
Rennhard, M., Plattner, B.: Introducing MorphMix: Peer-to-Peer Based Anonymous Internet Usage with Collusion Detection. In: WPES, pp. 91–102 (2002)
Walsh, K., Sirer, E.G.: Fighting Peer-to-Peer SPAM and Decoys with Object Reputation. In: Proceedings of the Third Workshop on the Economics of Peer-to-Peer Systems (P2PECON) (2005)
Zhang, Goel, Govindan, Mason, Van Roy: Making Eigenvector-Based Reputation Systems Robust to Collusion. In: Optimization Techniques 1973. LNCS, vol. 3, Springer, Heidelberg (1973)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Tabriz, P., Borisov, N. (2006). Breaking the Collusion Detection Mechanism of MorphMix. In: Danezis, G., Golle, P. (eds) Privacy Enhancing Technologies. PET 2006. Lecture Notes in Computer Science, vol 4258. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11957454_21
Download citation
DOI: https://doi.org/10.1007/11957454_21
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-68790-0
Online ISBN: 978-3-540-68793-1
eBook Packages: Computer ScienceComputer Science (R0)