Octopus: A Secure and Anonymous DHT Lookup

TL;DR

Octopus is a novel DHT lookup protocol that enhances security and anonymity in peer-to-peer networks by identifying malicious nodes and anonymizing queries, while maintaining efficiency on real-world networks.

Contribution

It introduces a new secure and anonymous DHT lookup mechanism combining attacker detection and query anonymization, addressing a previously open challenge.

Findings

Rapid attacker identification with low error rate

Near-optimal anonymity achieved through probabilistic modeling

Reasonable lookup latency and communication overhead on Planetlab

Abstract

Distributed Hash Table (DHT) lookup is a core technique in structured peer-to-peer (P2P) networks. Its decentralized nature introduces security and privacy vulnerabilities for applications built on top of them; we thus set out to design a lookup mechanism achieving both security and anonymity, heretofore an open problem. We present Octopus, a novel DHT lookup which provides strong guarantees for both security and anonymity. Octopus uses attacker identification mechanisms to discover and remove malicious nodes, severely limiting an adversary's ability to carry out active attacks, and splits lookup queries over separate anonymous paths and introduces dummy queries to achieve high levels of anonymity. We analyze the security of Octopus by developing an event-based simulator to show that the attacker discovery mechanisms can rapidly identify malicious nodes with low error rate. We calculate the anonymity of Octopus using probabilistic modeling and show that Octopus can achieve near-optimal anonymity. We evaluate Octopus's efficiency on Planetlab with 207 nodes and show that Octopus has reasonable lookup latency and manageable communication overhead.