Anna Engelmann

Anna Engelmann, Admela Jukan

Anonymity networks are providing practical mechanisms to protect its users against censorship by hiding their identity and information content. The best-known anonymity network, The Onion Routing (Tor) network, is however subject to censorship attacks by blocking the public Tor entry routers and a few secret Tor entry points (bridges), thus preventing users to access the Tor. To further advance the evolution of anonymity networks, while addressing censorship attacks, we propose to enhance the well-known multi-circuit Tor technique with linear network coding (LNC) and analyze the resulting censorship success. The results show that LNC can improve the robustness of Tor against censorship.

Anna Engelmann, Admela Jukan

Privacy in form of anonymous communication could be comparably both faster and harder to break in optical routers than in today's anonymous IP networks based on The Onion Routing (Tor). Implementing the practical privacy alloptically,however, is not straightforward, as it requires key generation in each anonymization node to avoid distribution of long keys, and layered encryption, both at the optical line rate. Due to the unavailability of cryptographically strong optical key generation and encryption components, not only a layered encryption is a challenge, but an optical encryption in general. In this paper, we address the challenges of optical anonymous networking for the first time from the system's perspective, and discuss options for practical implementation of all-optical layered encryption. To this end, we propose an optical anonymization component realized with the state-of-the-art optical XOR logic and optical Linear Feedback Shift Registers (oLFSRs). Given that LFSR alone is known for its weak cryptographic security due to its linear properties, we propose an implementation with parallel oLFSRs and analyze the resulting computational security. The results show that proposed optical anonymization component is promising as it can be practically realized to provide a high computational security against deanonymization (privacy) attack.

Anna Engelmann, Admela Jukan

We propose a novel system for optical encryption based on an optical XOR and optical Linear Feedback Shift Register (oLFSRs). Though we choose LFSR for its ability to process optical signals at line rate, we consider the fact that it offers no cryptographic security. To address the security shortfall, we propose implementation of parallel oLFSRs, whereby the resulting key-stream at line rate is controlled electronically by a nonlinear random number generator at speeds much lower than the optical line rate, which makes the system practically relevant. The analysis of computational security shows that the proposed system is secure against wiretapping and can be engineered with the state of the art optical components.

Anna Engelmann, Admela Jukan

As more and more data is transmitted in the configurable optical layer, whereby all optical switches forward packets without electronic layers involved, we envision privacy as the intrinsic property of future optical networks. In this paper, we propose Optical Onion Routing (OOR) routing and forwarding techniques, inspired by the onion routing in the Internet layer, the best known realization of anonymous communication today, but designed with specific features innate to optical networks. We propose to design the optical anonymization network system with a new optical anonymization node architecture, including the optical components and their electronic counterparts to realize layered encryption. We propose modification to the secret key generation using Linear Feedback Shift Register (LFSR), able to utilize different primitive irreducible polynomials, and the usage optical XOR operation as encryption, an important optical technology coming of age. We prove formally that, for the proposed encryption techniques and distribution of secret information, the optical onion network is perfectly private and secure. The paper aims at providing practical foundations for privacy-enhancing optical network technologies.

Anna Engelmann, Admela Jukan

Recently, physical layer security in the optical layer has gained significant traction. Security treats in optical networks generally impact the reliability of optical transmission. Linear Network Coding (LNC) can protect from both the security treats in form of eavesdropping and faulty transmission due to jamming. LNC can mix original data to become incomprehensible for an attacker and also extend original data by coding redundancy, thus protecting a data from errors injected via jamming attacks. In this paper, we study the effectiveness of LNC to balance reliable transmission and security in optical networks. To this end, we combine the coding process with data flow parallelization of the source and propose and compare optimal and randomized path selection methods for parallel transmission. The study shows that a combination of data parallelization, LNC and randomization of path selection increases security and reliability of the transmission. We analyze the so-called catastrophic security treat of the network and show that in case of conventional transmission scheme and in absence of LNC, an attacker could eavesdrop or disrupt a whole secret data by accessing only one edge in a network.