Security and Privacy in Communication Networks. 17th EAI International Conference, SecureComm 2021, Virtual Event, September 6–9, 2021, Proceedings, Part I

Research Article

GuardedGossip: Secure and Anonymous Node Discovery in Untrustworthy Networks

  • @INPROCEEDINGS{10.1007/978-3-030-90019-9_7,
        author={Andriy Panchenko and Asya Mitseva and Torsten Ziemann and Till Hering},
        title={GuardedGossip: Secure and Anonymous Node Discovery in Untrustworthy Networks},
        proceedings={Security and Privacy in Communication Networks. 17th EAI International Conference, SecureComm 2021, Virtual Event, September 6--9, 2021, Proceedings, Part I},
        proceedings_a={SECURECOMM},
        year={2021},
        month={11},
        keywords={Node lookup, DHT, Tor, Onion routing, Anonymity},
        doi={10.1007/978-3-030-90019-9_7}
    }
    
  • Andriy Panchenko
    Asya Mitseva
    Torsten Ziemann
    Till Hering
    Year: 2021
    GuardedGossip: Secure and Anonymous Node Discovery in Untrustworthy Networks
    SECURECOMM
    Springer
    DOI: 10.1007/978-3-030-90019-9_7
Andriy Panchenko¹, Asya Mitseva¹, Torsten Ziemann¹, Till Hering²
  • 1: Brandenburg University of Technology
  • 2: RWTH Aachen University

Abstract

Node discovery is a fundamental service for any overlay network. It is a particular challenge to provide unbiased discovery in untrustworthy environments, e.g., anonymization networks. Although a major line of research focused on solving this problem, proposed methods have been shown to be vulnerable either to active attacks or to leak routing information, both threatening the anonymity of users. In response, we propose GuardedGossip—a novel gossip-based node discovery protocol—that achieves an unbiased random node discovery in a fully-decentralized and highly-scalable fashion. It is built on top of a Chord distributed hash table (DHT) and relies on witness nodes and bound checks to resist active attacks. To limit routing information leakages, GuardedGossip uses gossiping to create uncertainty in the process of node discovery. By incorporating the principles of DHTs with the unstructured nature of gossiping in a subtle way, we profit from the strengths of both techniques while carefully mitigating their shortcomings. We show that GuardedGossip provides a sufficient level of security for users even if 20% of the participating nodes are malicious. Concurrently, our system scales gracefully and provides an adequate overhead for its security and privacy benefits.