Homomorphic Routing: Private Data Forwarding in the Internet
Pages 1 - 7
Abstract
We propose a new private routing and packet forwarding scheme for the Internet---Homomorphic Routing (HR)---that enables endpoints to communicate with one another without divulging source or destination addresses to the routers or service providers along the path. This is achieved via homomorphic encryption, whereby domains can match encrypted address ranges with encrypted destinations of packets without the need of decryption. Compared to approaches such as source or onion routing, HR is a hop-by-hop solution that allows current BGP-like decisions and traffic engineering techniques to remain largely unchanged, while per-flow state need not be maintained by routers. Preliminary performance evaluation shows that HR implies a tolerable computational overhead compared to plain text operations. Through aggregation we can compress inter-domain routing rules to around 5% of those required for current IPv6 and we can organize encrypted forwarding rules so that matching can be achieved in logarithmic time.
References
[1]
Gilad Asharov, Daniel Demmler, Michael Schapira, Thomas Schneider, Gil Segev, Scott Shenker, and Michael Zohner. 2017. Privacy-Preserving Interdomain Routing at Internet Scale. Proceedings on Privacy Enhancing Technologies 2017 (07 2017).
[2]
David Barrera, Raphael M. Reischuk, Pawel Szalachowski, and Adrian Perrig. 2015. SCION Five Years Later: Revisiting Scalability, Control, and Isolation on Next-Generation Networks.
[3]
The APNIC Blog. 2023. BGP in 2022 -- the routing table. "https://blog.apnic.net/2023/01/06/bgp-in-2022-the-routing-table/". Accessed: June 2023.
[4]
Carlos Borrego, Marica Amadeo, Antonella Molinaro, and Rutvij H. Jhaveri. 2019. Privacy-Preserving Forwarding Using Homomorphic Encryption for Information-Centric Wireless Ad Hoc Networks. IEEE Communications Letters 23, 10 (2019), 1708--1711.
[5]
R. Braden, L. Zhang, S. Berson, S. Herzog, and S. Jamin. 1997. Resource ReSerVation Protocol (RSVP).
[6]
M. B. Braun and J. Crowcroft. 2014. SNA: Sourceless Network Architecture. Technical Report. University of Cambridge, Computer Laboratory.
[7]
C. Chen and Perrig Adrian. 2017. PHI: Path-Hidden Lightweight Anonymity Protocol at Network Layer. Proceedings on Privacy Enhancing Technologies 2017 (2017), 100--117.
[8]
C. Chen, D. E. Asoni, D. Barrera, G. Danezis, and A. Perrig. 2015. Hornet: High-speed onion routing at the network layer. In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security. 1441--1454.
[9]
Martin De Prycker. 1993. Asynchronous Transfer Mode. Solutions for Broadband ISDN. Prentice Hall.
[10]
R. Dingledine, N. Mathewson, and P. Syverson. 2004. TOR: The second generation onion router -- Naval Research Lab Washington DC, Tech. Rep. Technical Report.
[11]
Marwan Fayed, Lorenz Bauer, Vasileios Giotsas, et al. 2021. The Ties That Un-Bind: Decoupling IP from Web Services and Sockets for Robust Addressing Agility at CDN-Scale. In Proceedings of the 2021 ACM SIGCOMM 2021 Conference (Virtual Event, USA). Association for Computing Machinery, 433--446.
[12]
V. Fuller and T. Li. 2006. RFC 4632 - Classless Inter-domain Routing (CIDR): The Internet Address Assignment and Aggregation Plan. Technical Report.
[13]
Debayan Gupta, Aaron Segal, Aurojit Panda, Gil Segev, Michael Schapira, Joan Feigenbaum, Jenifer Rexford, and Scott Shenker. 2012. A new approach to interdomain routing based on secure multi-party computation. Proceedings of the 11th ACM Workshop on Hot Topics in Networks, HotNets-11, 37--42.
[14]
Toufique Morshed, Md Momin Al Aziz, and Noman Mohammed. 2020. CPU and GPU Accelerated Fully Homomorphic Encryption.
[15]
Mohamed Nabeel, Stefan Appel, Elisa Bertino, and Alejandro Buchmann. 2013. Privacy Preserving Context Aware Publish Subscribe Systems. In Network and System Security, Javier Lopez, Xinyi Huang, and Ravi Sandhu (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg, 465--478.
[16]
Mohamed Nabeel, Ning Shang, and Elisa Bertino. 2012. Efficient privacy preserving content based publish subscribe systems. Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT (06 2012).
[17]
Pascal Paillier. 1999. Public-Key Cryptosystems Based on Composite Degree Residuosity Classes. In Advances in Cryptology --- EUROCRYPT '99, Jacques Stern (Ed.). Springer Berlin Heidelberg, Berlin, Heidelberg, 223--238.
[18]
Palmieri, Calderoni P., L., and D. Maio. 2017. An Anonymous InterNetwork Routing Protocol for the Internet of Things. Journal of CyberSecurity and Mobility 6, 2 (2017), 127--146.
[19]
The Tor Project. 2022. The Tor Project -- Privacy and Anonymity Online. "https://www.torproject.org". Accessed: June 2023.
[20]
Sandeep Sarat, Vasileios Pappas, and Andreas Terzis. 2006. On the Use of Anycast in DNS. In Proceedings of 15th International Conference on Computer Communications and Networks. 71--78.
[21]
F. Shirazi, M. Simeonovski, M. R. Asghar, M. Backes, and C. Diaz. 2018. A survey on routing in anonymous communication protocols. ACM Computing Surveys (CSUR) 51, 3 (2018), 1--39.
[22]
Vasily Sidorov, Ethan Yi Fan Wei, and Wee Keong Ng. 2022. Comprehensive Performance Analysis of Homomorphic Cryptosystems for Practical Data Processing.
[23]
Vikram Sreekanti, Chenggang Wu, Xiayue Lin, Johann Schleier-Smith, Joseph Gonzalez, Joseph Hellerstein, and Alexey Tumanov. 2020. Cloudburst: stateful functions-as-a-service. Proceedings of the VLDB Endowment 13 (08 2020), 2438--2452.
[24]
Francesco Tusa, David Griffin, and Miguel Rio. 2021. Private Routing in the Internet. In 2021 IEEE 22nd International Conference on High Performance Switching and Routing (HPSR). 1--6.
Recommendations
On CCA-Secure somewhat homomorphic encryption
SAC'11: Proceedings of the 18th international conference on Selected Areas in CryptographyIt is well known that any encryption scheme which supports any form of homomorphic operation cannot be secure against adaptive chosen ciphertext attacks. The question then arises as to what is the most stringent security definition which is achievable ...
Chosen ciphertext secure keyed-homomorphic public-key cryptosystems
In homomorphic encryption schemes, anyone can perform homomorphic operations, and therefore, it is difficult to manage when, where and by whom they are performed. In addition, the property that anyone can "freely" perform the operation inevitably means ...
Improved security for linearly homomorphic signatures: a generic framework
PKC'12: Proceedings of the 15th international conference on Practice and Theory in Public Key CryptographyWe propose a general framework that converts (ordinary) signature schemes having certain properties into linearly homomorphic signature schemes, i.e., schemes that allow authentication of linear functions on signed data. The security of the homomorphic ...
Comments
Please enable JavaScript to view thecomments powered by Disqus.Information & Contributors
Information
Published In
September 2023
44 pages
ISBN:9798400702761
DOI:10.1145/3607504
Copyright © 2023 Owner/Author.
This work is licensed under a Creative Commons Attribution International 4.0 License.
Sponsors
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 10 September 2023
Check for updates
Qualifiers
- Research-article
- Research
- Refereed limited
Conference
ACM SIGCOMM '23
Sponsor:
Acceptance Rates
FIRA '23 Paper Acceptance Rate 6 of 9 submissions, 67%;
Overall Acceptance Rate 6 of 9 submissions, 67%
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 416Total Downloads
- Downloads (Last 12 months)344
- Downloads (Last 6 weeks)43
Reflects downloads up to 25 Nov 2024
Other Metrics
Citations
View Options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in