Files
Dewasseige_52241300_2019.pdf
Open access - Adobe PDF
- 4.23 MB
Details
- Abstract
- As the amount of users' private data collected by companies and institutions is increasing, privacy has become an important issue. In particular, data from users' Internet activity often contain sensitive information such as their personal interests, health or financial situation, and are therefore a threat to the users' right to privacy. Furthermore, recent revelations of surveillance programs and of leakages or misuse of users' private data have raised the need and demand for anonymous web communication. As of today, Tor is the only widely deployed anonymity network used for web communications and provides privacy by routing the user's requests through network relays such that the actual web request is made by a computer different to the one used by the user himself. However, it has been shown that Tor is vulnerable to traffic confirmation by an attacker correlating the traffic coming in and going out of the network. Synchronous mix networks are another type of privacy-enhancing network that provides stronger security than Tor by additionally forcing the relays along the messages' path to wait a fixed amount of time before sending them as a batch. Even though synchronous mix networks guarantee stronger anonymity than Tor, their usage so far has been limited due to their increased latency overhead. In this thesis, the problem of using synchronous mix networks for web communication between users and high-traffic websites with small-sized requests is analysed. Current research generalizes web traffic and does not take into account how specific types of web traffic might have favourable properties for ensuring anonymity. Our objective is thus to assess whether focusing on high-rate and small-sized traffic can render mix networks usable for web communication while providing better anonymity than Tor. Our contribution is fourfold.
First, based on the literature of anonymity networks, a definition and metric of anonymity are proposed and realistic adversaries for web communication are also reviewed. Second, metrics describing the robustness and anonymity of mix networks are defined and evaluated according to their potential to improve state-of-the-art systems. Third, a use case of mix networks for a popular search engine is conducted and the practicality of designing such a mix network is discussed, and a tool to scale and design such a network optimally depending on available resources is implemented. Fourth, the Panoramix API, which aims to create and operate asynchronous mix networks for secure messaging, is studied and contributions to extend its use to the specific traffic considered and for synchronous networks have been implemented. The resulting analysis of the search engine use case leads to the conclusion that synchronous mix networks are a viable solution to improve anonymity for this type of traffic given realistic resources. In further work, real logs of user queries could be used to make even more accurate anonymity evaluations.