TARANET: Traffic-Analysis Resistant Anonymity at the NETwork layer
This addresses the need for secure, high-performance anonymity in interactive applications, offering a novel hybrid approach.
The paper tackles the problem of limited security against traffic analysis in low-latency anonymity systems by proposing TARANET, which implements network-layer protection with reduced latency and overhead, achieving over 50 Gbps forwarding speeds in a prototype.
Modern low-latency anonymity systems, no matter whether constructed as an overlay or implemented at the network layer, offer limited security guarantees against traffic analysis. On the other hand, high-latency anonymity systems offer strong security guarantees at the cost of computational overhead and long delays, which are excessive for interactive applications. We propose TARANET, an anonymity system that implements protection against traffic analysis at the network layer, and limits the incurred latency and overhead. In TARANET's setup phase, traffic analysis is thwarted by mixing. In the data transmission phase, end hosts and ASes coordinate to shape traffic into constant-rate transmission using packet splitting. Our prototype implementation shows that TARANET can forward anonymous traffic at over 50~Gbps using commodity hardware.