Yingjie Xia,Guanghua Song,Yao Zheng,Jun Ni,Mingzhe Zhu

DOI: https://doi.org/10.1109/ICICSE.2008.7

2008-01-01

Abstract:This paper introduces a small world overlay Peer- to-peer (P2P) transfer system with role based and reputation based access control policies, through which we are able to solve several serious problems existed in traditional P2P systems, like resource piracy, user privacy and network jam. The role based access control policy is implemented by the certificate based cryptography, e.g. X509. The reputation based access control policy consists of artificial scoring and automatic scoring components, corresponding to the quality and quantity evaluation of the transfer resources respectively. This system, upon the two policies and the adaptive small world overlay P2P topology, can restrict the peer's role and select a more credible peer to upload and download without any loss of performance, for the reason of the dramatic topology. Indeed it provides a secure, controllable and efficient resource transfer community.

Yanfei Fan,Yixin Jiang,Haojin Zhu,Jiming Chen,Xuemin (Sherman) Shen

DOI: https://doi.org/10.1109/twc.2011.122010.100087

IF: 10.4

2010-01-01

IEEE Transactions on Wireless Communications

Abstract:Privacy threat is one of the critical issues in multi-hop wireless networks, where attacks such as traffic analysis and flow tracing can be easily launched by a malicious adversary due to the open wireless medium. Network coding has the potential to thwart these attacks since the coding/mixing operation is encouraged at intermediate nodes. However, the simple deployment of network coding cannot achieve the goal once enough packets are collected by the adversaries. On the other hand, the coding/mixing nature precludes the feasibility of employing the existing privacy-preserving techniques, such as Onion Routing. In this paper, we propose a novel network coding based privacy-preserving scheme against traffic analysis in multi-hop wireless networks. With homomorphic encryption on Global Encoding Vectors (GEVs), the proposed scheme offers two significant privacy-preserving features, packet flow untraceability and message content confidentiality, for efficiently thwarting the traffic analysis attacks. Moreover, the proposed scheme keeps the random coding feature, and each sink can recover the source packets by inverting the GEVs with a very high probability. Theoretical analysis and simulative evaluation demonstrate the validity and efficiency of the proposed scheme.

Quan Yuan,Mingyang Sun,Yujie Sheng,Qinglai Guo

DOI: https://doi.org/10.1109/tsg.2024.3406572

IF: 10.275

2024-01-01

IEEE Transactions on Smart Grid

Abstract:The growing development of the fast charging of electric vehicles has strengthened the interdependence between urban transportation networks (UTN) and power distribution networks (PDN). Through cooperative price guidance of UTN operator and PDN operator, the performance of the above networks can be improved coordinately. However, vehicle travelers may not want to share their actual traveling and charging demand information with the UTN and PDN operators for pricing due to privacy concerns. In order to protect travelers privacy while reducing the system operation cost, this paper proposes a privacy-preserving cooperative pricing framework PrivCPM for the power-traffic networks. In particular, a novel privacy preservation mechanism, DPTC, based on the Differential Privacy technique for Traffic and Charging demands is designed with a physics-constrained post-processing (PP) process, which is developed to enhance the utility of the perturbed data significantly (i.e., improve the feasibility of the cooperative pricing optimization problem and reduce the system operation costs) by integrating the actual network constraints and the correlation between various types of vehicles. Comprehensive case studies are conducted based on a 12-node UTN and a 20-node PDN. The results show that, compared to the operation cost obtained using the true data, PrivCPM under the privacy budget (i.e., the upper limit of the amount of information that can be disclosed) of 0.01 can obtain the near-optimal solution with only approximately 2.6% higher cost. Moreover, the proposed PP process can significantly enlarge the range of travelers privacy budget, and the operation cost obtained by using PrivCPM can achieve a 3.35% cost reduction but with a five times lower privacy budget compared to the conventional method (i.e., PrivCPM without PP). In addition, PrivCPM in the above setting merely increased the cost by 7.31% compared to the non-private case.

Zhi-Yu Peng,Shan-Ping Li

DOI: https://doi.org/10.1109/icmlc.2008.4620616

2008-01-01

Abstract:As pervasive computing leading to an increased collection of information in the computational world as well as the real world, privacy leaking becomes a serious issue. Although privacy protection has drawn great attention in recent years, the privacy-preserving trust management has not been brought forward. Credential chain discovery problem is the key issue in trust management, and traditionally credentials are full open in the whole system. This could expose users' access control policies as well as other private information, and leads to a great risk of being cheated by malicious users. This paper advocates a privacy-preserving credential chain discovery mechanism, in which credentials are no longer available to everyone. By merely learning credentials of one's logic neighbors, this mechanism still achieves good results. The simulations show that this mechanism is practical.

Junmo Lee,Seongjun Kim,Sanghyeon Park,Soo-Mook Moon

DOI: https://doi.org/10.48550/arXiv.2012.04254

2020-12-08

Cryptography and Security

Abstract:Cryptocurrencies such as Bitcoin and Ethereum have made payment transactions possible without a trusted third party, but they have a scalability issue due to their consensus mechanisms. Payment networks have emerged to overcome this limitation by executing transactions outside of the blockchain, which is why these are referred to as off-chain transactions. In order to establish a payment channel between two users, the users lock their deposits in the blockchain, and then they can pay each other through the channel. Furthermore, payment networks support multi-hop payments that allow users to transfer their balances to other users who are connected to them via multiple channels. However, multi-hop payments are hard to be accomplished, as they are heavily dependent on routing users on a payment path from a sender to a receiver. Although routing hubs can make multi-hop payments more practical and efficient, they need a lot of collateral locked for a long period and have privacy issues in terms of payment history. We propose RouTEE, a secure payment routing hub that is fully feasible without the hub's deposit. Unlike existing payment networks, RouTEE provides high balance liquidity, and details about payments are concealed from hosts by leveraging trusted execution environments (TEEs). RouTEE is designed to make rational hosts behave honestly, by introducing a new routing fee scheme and a secure settlement method. Moreover, users do not need to monitor the blockchain in real-time or run full nodes. They can participate in RouTEE by simply verifying block headers through light clients; furthermore, having only one channel with RouTEE is sufficient to interact with other users. Our implementation demonstrates that RouTEE is highly efficient and outperforms Lightning Network that is the state-of-the-art payment network.

Matthew Tsao,Kaidi Yang,Karthik Gopalakrishnan,Marco Pavone

DOI: https://doi.org/10.48550/arXiv.2202.13305

2022-03-15

Abstract:Data-driven methodologies offer many exciting upsides, but they also introduce new challenges, particularly in the realm of user privacy. Specifically, the way data is collected can pose privacy risks to end users. In many routing services, a single entity (e.g., the routing service provider) collects and manages user trajectory data. When it comes to user privacy, these systems have a central point of failure since users have to trust that this entity will not sell or use their data to infer sensitive private information. Unfortunately, in practice many advertising companies offer to buy such data for the sake of targeted advertisements. With this as motivation, we study the problem of using location data for routing services in a privacy-preserving way. Rather than having users report their location to a central operator, we present a protocol in which users participate in a decentralized and privacy-preserving computation to estimate travel times for the roads in the network in a way that no individuals' location is ever observed by any other party. The protocol uses the Laplace mechanism in conjunction with secure multi-party computation to ensure that it is cryptogrpahically secure and that its output is differentially private. A natural question is if privacy necessitates degradation in accuracy or system performance. We show that if a road has sufficiently high capacity, then the travel time estimated by our protocol is provably close to the ground truth travel time. We validate the protocol through numerical experiments which show that using the protocol as a routing service provides privacy guarantees with minimal overhead to user travel time.

Cryptography and Security,Systems and Control

Qian Zhang,Sheng Cao,Yi Ni,Ting Chen,Xiaosong Zhang

DOI: https://doi.org/10.1109/icc45855.2022.9839015

2022-01-01

Abstract:The adoption of cryptocurrency based on blockchain technology has grown to an unprecedented level. As an off-chain scaling fashion, payment channel network (PCN) is used to fulfill cryptocurrency transfer conveniently for different users. However, current PCNs cannot guarantee the identity privacy of nodes on channels partly due to various off-chain channel-based threats by wormhole attack. This paper proposes a hybrid multi-hop mechanism, including PCN, onion routing and sidechain to ensure the privacy-preserving off-chain payment. First, we overlay the onion routing on PCN to realize identity anonymity of each node. Then we divide the payment fund into two parts: the transfer amount and fees for intermediate nodes. We apply sidechain to lock the intermediate fees by smart contract to prevent the intermediate fees from being stolen by malicious nodes using wormhole attack. Security analysis and performance evaluation show that our mechanism can effectively improve the identity privacy and transaction security of off-chain payments by reducing computational latency.

Zude Li,Guoqiang Zhan,Xiaojun Ye

DOI: https://doi.org/10.1007/11775300_17

2006-01-01

Abstract:Peer-to-peer (P2P) resource dissemination has raised some security concerns for privacy protection and intellectual property rights protection along resource dissemination over the network. To solve these challenges, we propose the Role-Based P2P model, in which the role notion is functioned as the bridge component between users and resources to enforce secure resource dissemination together with relative constraints. The property rights attached to resource and user's private identity information are both protected as promise by taking each local role as a permission set in local centralized network and each global role as a user's pseudonym in global decentralized network. Furthermore, we propose the access control algorithm to describe how to handle access requests by the role policy in the role-based hybrid P2P model. In addition, we illustrate the intra and inter access schemas as two kinds of access processes. The model is feasible as its role structure and the connection with user and resource in open environment are consistent with the application objectives. The model is extensible, as the role structure can be also available for Purpose-Based Privacy Protection technologies.

Songwei Li,Zhen Wang,Chi Zhang,Lingbo Wei,Jianqing Liu,Ying Ma,Yuguang Fang

DOI: https://doi.org/10.1007/978-3-030-86130-8_26

2021-01-01

Abstract:While Peer-to-peer (P2P) accommodations like Airbnb bring huge convenience and unique experiences to our daily life, a guest taking a P2P accommodation may face great risks, because he/she cannot check the quality of the accommodation before it starts, resulting in a bad experience. Although current P2P accommodation platforms use rating systems and arbitrations to solve the problems, they may not be practical in reality, since interpersonal expectations and interactions between a guest and a host play an important role in rating a P2P accommodation. In this paper, we introduce a new technique based on a credit network to solve these problems. A credit network is a network that uses currency to model transitive trust (or credit) between different users in a distributed fashion. It is modified from the current Bitcoin-based credit network by using a trusted hardware and a protocol for a guest to book a P2P accommodation without revealing unnecessary private information of either the guest or the host with high efficiency. Security and performance analysis shows that our scheme can help a guest find a trustworthy host in a privacy-preserving way, while still achieving high efficiency.

J. Christopher Westland,Tuan Q. Phan,Tianhui Tan

DOI: https://doi.org/10.48550/arXiv.1802.10000

2018-02-12

Abstract:This research investigated the potential for improving Peer-to-Peer (P2P) credit scoring by using "private information" about communications and travels of borrowers. We found that P2P borrowers' ego networks exhibit scale-free behavior driven by underlying preferential attachment mechanisms that connect borrowers in a fashion that can be used to predict loan profitability. The projection of these private networks onto networks of mobile phone communication and geographical locations from mobile phone GPS potentially give loan providers access to private information through graph and location metrics which we used to predict loan profitability. Graph topology was found to be an important predictor of loan profitability, explaining over 5.5% of variability. Networks of borrower location information explain an additional 19% of the profitability. Machine learning algorithms were applied to the data set previously analyzed to develop the predictive model and resulted in a 4% reduction in mean squared error.

General Finance,Social and Information Networks,Risk Management

Binanda Sengupta,Yingjiu Li,Kai Bu,Robert H. Deng

DOI: https://doi.org/10.1145/3372046

IF: 5.3

2020-01-01

ACM Transactions on Internet Technology

Abstract:The end-users communicating over a network path currently have no control over the path. For a better quality of service, the source node often opts for a superior (or premium) network path to send packets to the destination node. However, the current Internet architecture provides no assurance that the packets indeed follow the designated path. Network path validation schemes address this issue and enable each node present on a network path to validate whether each packet has followed the specific path so far. In this work, we introduce two notions of privacy-path privacy and Index privacy-in the context of network path validation. We show that, in case a network path validation scheme does not satisfy these two properties, the scheme is vulnerable to certain practical attacks (that affect the privacy, reliability, neutrality and quality of service offered by the underlying network). To the best of our knowledge, ours is the first work that addresses privacy issues related to network path validation. We design PrivNPV, a privacy-preserving network path validation protocol, that satisfies both path privacy and index privacy. We discuss several attacks related to network path validation and how PrivNPV defends against these attacks. Finally, we discuss the practicality of PrivNPV based on relevant parameters.

Qingqing Cai,Gang Sun,Hongfang Yu,Long Luo

DOI: https://doi.org/10.1109/iscc58397.2023.10218303

2023-01-01

Abstract:The Payment Channel Network (PCN) has emerged as a prominent solution for addressing the scalability limitations of cryptocurrencies. A critical aspect of PCN transactions is the selection of appropriate routing paths between parties. However, the success rate of payment routing in PCNs is significantly influenced by channel capacity and other payments, making path selection in PCNs more challenging than in traditional networks. In this paper, we present a novel path selection algorithm for PCNs that jointly considers path delay, channel capacity, and inter-path impact to achieve high throughput. Our simulation results demonstrate that the proposed algorithm improves throughput by 24.2% compared to the traditional widest path algorithm, and by 5.3% compared to the traditional shortest path algorithm.

Zongqing Lu,Yonggang Wen

DOI: https://doi.org/10.1109/mass.2012.6502514

2012-01-01

Abstract:Source-location privacy became one of major issues due to the open nature of wireless sensor networks. The adversary can eavesdrop and trace the message movements so as to capture the source. In the paper, first we propose Credit routing to provide the source-location privacy protection. Credit routing is able to route the message within the assigned credit at each message and randomize the routing path. Unlike other location privacy protection schemes in WSN, Credit routing not only can provide strong protection but also precisely control the transmission cost of each message. Then, we propose Hybrid credit routing, which routes the message to the receiver through three phases: totally random walk, forwarding random walk and credit random walk. These phases provide tri-fold protection to prevent the source from being captured by the adversary. We evaluate our proposed schemes based on several metrics including safe period, latency and protection efficiency. The simulation results show that Credit is able to provide the strong and efficient protection compared with other schemes including Phantom, LPR and RRIN. It is also shown Hybrid improves the protection strength and efficiency even further. The performance of Credit and Hybrid can be tuned by the assigned credit. For real application, the credit can be the real power consumption for forwarding the message from the source to the sink. So both Credit and Hybrid can be used to precisely control the power consumption for source-location protection.

Yang Qin,Tiantian Zhang,Mengya Li

DOI: https://doi.org/10.1007/978-3-030-38819-5_16

2020-01-01

Abstract:The opportunistic network adopts the disconnected store-and-forward architecture to provide communication support for the nodes without an infrastructure. As there is no stable communication link between the nodes, so that forwarding messages is via any encountered nodes. Social networks based on such opportunistic networks will have privacy challenges. In this paper, we propose a privacy protection scheme routing based on the utility value. We exploit the Bloom filter to obfuscate the friends lists and the corresponding utility values of nodes in order to make the routing decisions. This is easy to implement with high performance. Considering no infrastructure and stable link in opportunistic networks, this paper presents a self-organized key management system consisting of an identity authentication scheme based on the zero-knowledge proof of the elliptic curve and a key agreement scheme based on the threshold cryptography. The nodes prove their identities by themselves, and each node carries a certificate library to improve the authentication efficiency and success rate. In order to ensure the forward security and improve the session key agreement rate and the success rate, we exploit threshold cryptography to divide the session key, which could reduce the communication consumption of the traditional Diffie-Hellman (DH) algorithm. The experimental simulation results show that the proposed schemes are much better than the existing schemes for opportunistic networks.

Ming Liu,Mingyue Zhang,Guangshun Li,Yuemei Hu,Tao Li,Yilei Wang,Bo Lan

DOI: https://doi.org/10.1007/978-981-97-0942-7_6

2024-01-01

Abstract:Payment channel path information includes node identity and balance. With this public information, an attacker can initiate a recurring transaction against the victim node, resulting in the victim node's available balance being fully locked in the recurring transaction, thereby increasing the cost of collateral due to the longer lock time. The current solution primarily focuses on hiding the balance. However, it is not resistant to LockDown attacks because the attacker, as a payment sender, subjectively chooses a looped payment path to initiate a circular transaction. Additionally, existing solutions suffer from high deposit costs due to long loop paths. In this paper, we propose Epoch, a payment channel scheme whose core component is a new cryptographic primitive-optimal path encryption (OPE) protocol, which enables the concealment of path information. Specifically, the administrator uses a homomorphic one-way function to encrypt a payment path that satisfies the sender's requirements, and the results in hiding path information such as the identity of the nodes in this path. This ensures that the sender does not steal information about the payment path in advance of adopting the payment path, and hence cannot initiate circular transactions. We give a security analysis of the OPE protocol in a universal composability (UC) framework, showing that the OPE protocol can hide path information and resist LockDown attacks. Furthermore, our scheme can process transactions in multiple hubs in parallel, which reduces the cost of collateralizing the deposit for transactions going through four Hubs by 75% compared to previous approaches.

Yunhao Liu,Jinsong Han

DOI: https://doi.org/10.14711/thesis-b987542

2007-01-01

Abstract:Peer-to-Peer (P2P) model has become the mainstream of the applications in current and future Internet. Being effective in utilizing and managing globally distributed information over Internet, however, most current P2P systems do not provide protection to their users against the increasing threat from selfish peers or malicious adversaries. Anonymous and trustworthy computing hereby has continuously gained importance because it meets the users’ demands of privacy, fairness, trust, and reliability. In order to construct anonymous and trustworthy P2P systems, we must address several crucial challenges including (1) reliably and efficiently anonymizing the P2P network; (2) authenticating users’ identities; (3) enabling trust management in anonymous environments. Most existing approaches achieve anonymity via fixed paths, which are unreliable and inefficient in dynamic P2P systems. We propose two non-path based protocols to anonymize P2P systems. The results of trace driven simulations show that our proposed protocols are reliable, scalable and effective, and significantly reduce cryptographic overhead. The second issue is that the current authentication approaches face a dilemma in anonymous environments: authenticating other users needs their real identities; while the anonymity requires those users to hide their real identities. We propose a Zero-knowledge based protocol to allow users authenticate with each other without exposing their real identities. We show the effectiveness of our proposed protocol by simulation studies and prototype implementation. We solve the third issue by constructing a reputation based trust management architecture. We particularly focus on the feedback quality problem. In shorting of trusted authority centers in P2P systems, the feedback quality are easily wrecked by the dishonest feedback from malicious peers, which further degrades the computation accuracy of users’ reputation. Our proposed architecture effectively alleviates the damage on computing reputation caused by the feedback cheating. We believe that widely employing above proposed approaches will make P2P systems more secure and reliable. We also extend our study to other distributed systems and propose a privacy-preserving authentication protocol for RFID systems. Keywords: Peer-to-Peer, Anonymity, Privacy-Preserving, Authentication, Key Updating, Secret Sharing, Random Walk, Selected Flooding, Trustworthy Computing, Feedback Quality, Trust Management, Trace Driven Simulation, Zero-Knowledge Proof, Man-in-middle-attack

Rafael Pires,Marcelo Pasin,Pascal Felber,Christof Fetzer

DOI: https://doi.org/10.48550/arXiv.1701.04612

2017-01-17

Distributed, Parallel, and Cluster Computing

Abstract:Content-based routing (CBR) is a powerful model that supports scalable asynchronous communication among large sets of geographically distributed nodes. Yet, preserving privacy represents a major limitation for the wide adoption of CBR, notably when the routers are located in public clouds. Indeed, a CBR router must see the content of the messages sent by data producers, as well as the filters (or subscriptions) registered by data consumers. This represents a major deterrent for companies for which data is a key asset, as for instance in the case of financial markets or to conduct sensitive business-to-business transactions. While there exists some techniques for privacy-preserving computation, they are either prohibitively slow or too limited to be usable in real systems. In this paper, we follow a different strategy by taking advantage of trusted hardware extensions that have just been introduced in off-the-shelf processors and provide a trusted execution environment. We exploit Intel's new software guard extensions (SGX) to implement a CBR engine in a secure enclave. Thanks to the hardware-based trusted execution environment (TEE), the compute-intensive CBR operations can operate on decrypted data shielded by the enclave and leverage efficient matching algorithms. Extensive experimental evaluation shows that SGX adds only limited overhead to insecure plaintext matching outside secure enclaves while providing much better performance and more powerful filtering capabilities than alternative software-only solutions. To the best of our knowledge, this work is the first to demonstrate the practical benefits of SGX for privacy-preserving CBR.

Jiayuan Liu,Canhui Chen,Lulu Zhou,Zhixuan Fang

DOI: https://doi.org/10.23919/wiopt56218.2022.9930529

2022-01-01

Abstract:Payment Channel Network (PCN) is proposed as a promising layer-two solution to tackle the scalability problem of current blockchain systems, which allows the two transacting parties to perform off-chain transactions through their established payment channel. For the transacting parties who are not directly connected, PCN allows them to route the transaction through some intermediate nodes with sufficient balance. Designing an efficient routing protocol is one of the most important and challenging problems in improving the performance of PCN. To tackle this challenge, we propose Real-Time Recursive Routing (RTRR), an efficient routing algorithm that can achieve a short routing time with strong privacy protection and high flexibility in the dynamic scenario. In addition, we investigate the bidding process in RTRR and derive the equilibrium strategy, which implies that the proposed protocol prefers to route the transaction through the nodes with a higher success rate, contributing to a better performance. Both the theoretical analyses and the empirical experiment results demonstrate the high efficiency of RTRR.

Aiguo Chen,Guangchun Luo,Jinsheng Ren

DOI: https://doi.org/10.1587/transinf.e97.d.1656

2014-01-01

IEICE Transactions on Information and Systems

Abstract:Establishing trust measurements among peer-to-peer (P2P) networks is fast becoming a de-facto standard, and a fair amount of work has been done in the area of trust aggregation and calculation algorithms. However, the area of developing secure underlying protocols to distribute and access the trust ratings in the overlay network has been relatively unexplored. We propose an elliptic curve-based trust management protocol for P2P systems, which is designed to provide authentication and signature functions to protect the processes of trust value query and rating report. Additionally, instead of using single identities, the protocol generates two verifiable pseudonyms, one is used for transaction, the other is applied when the peer acts as a trust holding peer. A security analysis shows that the proposed protocol is extremely secure in the face of a variety of possible attacks.

Qingjun Chen,Chen Qian,Sheng Zhong

DOI: https://doi.org/10.1109/icnp.2015.41

2015-01-01

Abstract:Today's large-scale enterprise networks, data center networks, and wide area networks can be decomposed into multiple administrative or geographical domains. Domains may be owned by different administrative units or organizations. Hence protecting domain information is an important concern. Existing general-purpose Secure Multi-Party Computation (SMPC) methods that preserves privacy for domains are extremely slow for cross-domain routing problems. In this paper we present PYCRO, a cryptographic protocol specifically designed for privacy-preserving cross-domain routing optimization in Software Defined Networking (SDN) environments. PYCRO provides two fundamental routing functions, policy-compliant shortest path computing and bandwidth allocation, while ensuring strong protection for the private information of domains. We rigorously prove the privacy guarantee of our protocol. We have implemented a prototype system that runs PYCRO on servers in a campus network. Experimental results using real ISP network topologies show that PYCRO is very efficient in computation and communication costs.