Affiliation:
1. School of Computer Science and Communication Engineering, Jiangsu University, No. 301 Xuefulu, Zhenjiang 212013, Jiangsu, China
2. School of Computer Science and Engineering, Southeast University, Southeast University Road, Jiangning District, Nanjing 211189, China
Abstract
Software defined networking (SDN) has brought a novel networking paradigm for achieving anonymous communication. In this paper, we propose a strong anonymous communication scheme based on segment routing (STAR), which does not require all forwarding devices to support the OpenFlow protocol and is easy to deploy in SDNs. In STAR, the packet format of segment routing is extended via the Sphinx protocol so that the required routing information is encrypted and hidden in the packet header, preventing the adversary from linking the communicating parties. Moreover, to keep the adversary from linking the communicating parties based on payload information, the trust controller is employed as an auxiliary node to negotiate the symmetric key between the communicating parties for encrypting the packet payload. The theoretical analysis shows that, when the adversary compromises multiple intermediate nodes, a low correct linking probability and effective attack resistance are obtained, which proves the weak correlation and stronger anonymity of STAR. In addition, evaluation results confirm that, compared with existing anonymous systems, the proposed STAR ensures stronger anonymity and higher throughput (83.7% of that with no anonymity) while introducing only very small communication latency (microseconds) and resource cost. The advantages are more pronounced for large-volume data in large-scale SDNs.
Funder
National Natural Science Foundation of China
National Key Research and Development Program of China
Natural Science Foundation of Jiangsu Province
China Postdoctoral Science Foundation
Jiangsu Province Postdoctoral Foundation
National Key Research and Development Plan of China
Publisher
Oxford University Press (OUP)