Octopus: Anonymous and Secure DHT Lookup

Distributed Hash Table (DHT) lookup is a core technique in structured peer-to-peer (P2P) networks. Its decentralized nature introduces security and privacy vulnerabilities for applications built on top of them; we thus set out to design a lookup mechanism achieving both security and anonymity, heretofore an open problem. We first explore the essential anonymity vulnerabilities in DHT lookups, and propose mechanisms to address them. We present Octopus, a novel anonymous and secure DHT lookup, which provides strong guarantees for both anonymity and security. We design a novel attacker identification mechanism to discover and remove misbehaving malicious nodes, thus severely limiting an adversary’s ability to carry out active attacks. We analyze the security of Octopus by developing an event-based simulator to show that the attacker discovery mechanism can rapidly identify malicious nodes with low error rate. We calculate the anonymity of Octopus using probabilistic modeling and show that Octopus can achieve near-optimal anonymity guarantees: the anonymity provided by Octopus is 4-6 times better than that of any existing scheme (in terms of amount of leaked information). We evaluate Octopus’s efficiency on Planetlab with 207 nodes and show that Octopus has reasonable lookup latency and manageable communication overhead.