Privacy-Preserving P2P Data Sharing with OneSwarm

-Piggy

Outline

• Overview• Related Works• Data Sharing with OneSwarm• Protocol Design• Security Analysis• Evaluation

Overview

• P2P file sharing is efficient and common• Most P2P application allow third parties to

monitor users behaviour• Privacy

-the protection of information from unauthorized disclosure

• Attackers can get some privacy information by observing user behaviourex: using BitTorrent to download security patch

Related Works

• BitTorrentA common P2P file sharing protocol with high efficiency but without privacy protection

• TorUses onion routing techniques to anonymize request via a set of relay nodes

• FreenetUses an anonymous P2P publishing system

Data Sharing with OneSwarm

• An exmaple

Data Sharing with OneSwarm

• Public distribution• Everyone in the network can download file freely• All data need not be private• Serves as a fully backwards compatible BitTorrent

client

Data Sharing with OneSwarm

• With permission• Only users with permission can download files• Uses persistent identities to define per-file

permission• Allows all permitted users to recognize one

another and engage in swarming downlod

Data Sharing with OneSwarm

• Without attribution• Depends on obscuring attribution of source

and/or destination• Instead of directly advertise data, it uses privacy-

preserving keyword search• Data is relayed through unknown number of

intermediaries• Apprpriate for sensitive material

Protocol Design

• Two major tasks• Defining and maintaining the overlay topology• Locating and transferring data objects

• Topology• Define overlay links by exchanging public keys• Peers are either trusted or untrusted

Protocol Design

• Transport• The mesh defined by the web of trust among users is ued to

locate and transfer data• Inspired by existing P2P swarming systems e.g., BitTorrent• Restrics direct communication to a small number of

persistent contacts• Locates distant data source by flooding through the overlay• Data transfers occur over the reverse search path• Obscuring the identities of sender and receiver when

sharing data without attribution

Protocol Design

• Linking Peers with Trust relationships• 1024 bit RSA public/private key pair, public key

serves as its identity (persistent) among its peers• Key exchange• Discover and exchange over local area network• Piggy-back on existing social network e.g., Google Talk• By email invitations

Protocol Design

• Managing Groups and Trusted Peers• Private Community Server• Maintains a list of registered users• Provides authorized subscibers with a current set of

public keys

• Public Community Server• Allows new users to easily obtain a set of untrusted

peers

Protocol Design

• Identity and Connectivity• Long-term identities are linked to transient IP and

port number via DHT• DHT entries are encrypted with public key• ID->{IP, Port}• Various key exchange + DHT => overlay mesh

Protocol Design

• Naming and Locating Data• Between connected peers => exchange file list• Naming• 160 bit SHA-1 hash of name and content• Low order 6 bit => file ID in search message

• Congestion Aware Search• Tradeoff between overhead and performance• Shortest path• Management of propagation of searches

Protocol Design

• Naming and Locating Data• Congestion Aware Search• Search message don’t have time-to-live• Maintaining a set of rotating Bloom filter and forward

search message if the forwarder had idle cpacity and hasnot yet forwrded it• Forward to untrusted peer probabilistically• Delay 150ms before forwarding• Terminate with search cancel message

Protocol Design

• Naming and Locating Data• Path Setup• Search message matched => search reply (delayed)• Search identifier• Path identifier

Protocol Design

• Swarming Data Transfer• Keep alive message refresh path• Tunnels BitTorrent traffic through overlay paths• Dicover new path by periodically flooding search

message• Enhance load balance and efficiency

Protocol Design

• Incentives• Client maintain tansfer statistics for each peer• Retain tic-for-tac in BitTorrent• Contention => weight decided by ratio of

contribution and net consumption• Forwarding is sum to 0

Security Analysis

• Goal• Improve privacy by allowing users to control

information disclosure• Resistent to the disclosure of user behaviour to an

attacker with control over a limited # of overlay nodes

Security Analysis

• Attacks and Defenses• Persistent peering relationship limit monitoring

power• Heterogeneity of trust relationship foils timing

attacks• Lack of source routing limits correlation attacks• Constrained reandomness frustrates statistical

attacks• Network dynamics limit value of historical data

Security Analysis

• Timming Attacks

Security Analysis

• Collusion Attacks

Evaluation

• Overlay structure

Evaluation

• Multiple-path Transfer

Evaluation

• Comparison with existing systems

Evaluation

• Overhead

Evaluation

• Utilization

Conclusion

• Strength• Data collected from real world

• Weakness• Not well organized