• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.6
• /
• pp.71-82
• /
• 2009

There have been a lot of researches on providing privacy in MANET (Mobile Ad hoc NETwork) using trapdoor, onion, and anonymous authentication. Privacy protection in MANET can be divided into satisfying ID privacy, location privacy, route privacy, and unlinkability between sessions. Most of the previous works, however, were unsatisfactory with respect to location privacy or route privacy. Moreover, in previous schemes, cryptographic operation cost needed to meet the privacy requirements was relatively high. In this paper, we propose a new efficient anonymous routing protocol that satisfies all the privacy requirements and reduces operation costs. The proposed scheme does not use onion or anonymous authentication techniques in providing privacy. We also provide a more accurate analysis of our scheme's efficiency by considering all the nodes involved in the route establishment.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.4 no.3
• /
• pp.380-399
• /
• 2010

In this paper, we present a new class of attacks against an anonymous communication protocol, originally presented in ACNS 2008. The protocol itself was proposed as an improved version of ModOnions, which exploits universal re-encryption in order to avoid replay attacks. However, ModOnions allowed the detour attack, introduced by Danezis to re-route ModOnions to attackers in such a way that the entire path is revealed. The ACNS 2008 proposal addressed this by using a more complicated key management scheme. The revised protocol is immune to detour attacks. We show, however, that the ModOnion construction is highly malleable and this property can be exploited in order to redirect ModOnions. Our attacks require detailed probing and are less efficient than the detour attack, but they can nevertheless recover the full onion path while avoiding detection and investigation. Motivated by this, we present modifications to the ModOnion protocol that dramatically reduce the malleability of the encryption primitive. It addresses the class of attacks we present and it makes other attacks difficult to formulate.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.6
• /
• pp.65-76
• /
• 2007

The P2P file sharing system sends the results to users by searching the files in the shared folders. In the process of it, the problem is that the transferred information includes the pathname and file information and it can be revealed who searches which files. In related to this problem, anonymous file sharing P2P protocol has been an active research area where a number of works have been produced. However, the previous studies still have a few of weakness. Therefore, We propose two anonymous P2P file sharing protocols based on the decentralized and unstructured Random Walk. The first scheme uses the dynamic onion routing where the requester can receive the wanted file without knowing other peers' IDs. The second scheme uses the IP multicast method which lowers the computational overhead. Both of them are more suited for the dynamic P2P system.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2013.11a
• /
• pp.705-707
• /
• 2013

The second-generation onion routing(Tor)는 전 세계의 Tor 사용자들이 자발적으로 Onion router(OR)이 되어서 다른 Tor 사용자들의 인터넷 익명성을 보장해 준다. 이때 Tor는 수 많은 OR들 중에서 임의적으로 그리고 일정 기준을 통과한 3개를 선택하여 Tor circuit 을 생성하게 된다. Tor를 연구하는데 있어서 가장 큰 문제점은 전세계 다양한 OR을 통과하여 이동하기 때문에 Tor 네트워크를 통해서 이동하는 패킷에 대한 내용을 확인하기 어렵다는 점이다. 하지만 Tor circircuit 구성하는 과정에서 자신이 지정한 OR들을 통해 패킷이 이동한다면 Tor 네트워크의 특징을 연구하는데 큰 도움이 된다. 이를 위해 사용자가 지정한 OR을 이용하도록 소스코드를 수정해 보았다.

• International Journal of Computer Science & Network Security
• /
• v.24 no.4
• /
• pp.155-162
• /
• 2024

Anonymity online has been an ever so fundamental topic among journalists, experts, cybersecurity professionals, corporate whistleblowers. Highest degree of anonymity online can be obtained by mimicking a normal everyday user of the internet. Without raising any flags of suspicion and perfectly merging with the masses of public users. Online Security is a very diverse topic, with new exploits, malwares, ransomwares, zero-day attacks, breaches occurring every day, staying updated with the latest security measures against them is quite expensive and resource intensive. Network security through anonymity focuses on being unidentifiable by disguising or blending into the public to become invisible to the targeted attacks. By following strict digital discipline, we can avoid all the malicious attacks as a whole. In this paper we have demonstrated a proof of concept and feasibility of securing yourself on a network by being anonymous.

• Journal of Korea Multimedia Society
• /
• v.15 no.9
• /
• pp.1126-1132
• /
• 2012

To enhance network efficiency, CCN allow intermediate network nodes between a content consumer and a content publisher to temporarily cache transmitted contents. Then the network nodes immediately return back the cached contents to another consumers when the nodes receives relevant contents request messages from the consumers. For that, CCN utilizes hierarchical content names to forward a request message as well as a response message. However, such content names semantically contain much information about domain/user as well as content itself. So it is possible to invade users' privacy. In this paper, we first review both the problem of CCN name in the view point of privacy and proposed schemes. Then we propose an improved name management scheme for users' privacy preservation.