A Kademlia-Based Node Lookup System for Anonymization Networks

  • Benedikt Westermann
  • Andriy Panchenko
  • Lexi Pimenidis
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5576)


Node lookup mechanisms constitute an integral part of any overlay network, and hence also of anonymous communication networks. Today, most anonymizers use centralized directories, which leads to scalability problems in the long run. Additionally they require the user to trust the directory provider.

In this paper we revisit the concept of distributed hash tables to address these issues. We propose a scalable node lookup system based on Kademlia and show how it notably hardens the eclipse attack and node fingerprinting. Additionally we provide comparative scalability analyses for our approach and Tor’s directory protocol.


Overlay Network Malicious Node Distribute Hash Table Trusted Third Party Consensus Document 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Dingledine, R., Mathewson, N., Syverson, P.: Tor: The Second-Generation Onion Router. In: Proceedings of the 13th USENIX Security Symposium (2004)Google Scholar
  2. 2.
    Tor Network Status,
  3. 3.
    Berthold, O., Federrath, H., Köpsell, S.: Web MIXes: A system for anonymous and unobservable Internet access. In: Federrath, H. (ed.) Designing Privacy Enhancing Technologies. LNCS, vol. 2009, pp. 115–129. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  4. 4.
    Gogolewski, M., Klonowski, M., Kutylowski, M.: Local View Attack on Anonymous Communication. In: de Capitani di Vimercati, S., Syverson, P.F., Gollmann, D. (eds.) ESORICS 2005. LNCS, vol. 3679, pp. 475–488. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  5. 5.
    Dingledine, R., Mathewson, N.: Tor Directory Protocol Specification,
  6. 6.
    Freedman, M.J., Morris, R.: Tarzan: A Peer-to-Peer Anonymizing Network Layer. In: Proceedings of the 9th ACM Conference on Computer and Communications Security (CCS 2002), Washington, DC (November 2002)Google Scholar
  7. 7.
    Freedman, M.J., Sit, E., Cates, J., Morris, R.: Introducing Tarzan, a Peer-to-Peer Anonymizing Network Layer. In: Druschel, P., Kaashoek, M.F., Rowstron, A. (eds.) IPTPS 2002. LNCS, vol. 2429, pp. 121–129. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  8. 8.
    Rennhard, M., Plattner, B.: Introducing MorphMix: Peer-to-Peer based Anonymous Internet Usage with Collusion Detection. In: Proceedings of the Workshop on Privacy in the Electronic Society, Washington, DC, USA (November 2002)Google Scholar
  9. 9.
    Tabriz, P., Borisov, N.: Breaking the collusion detection mechanism of morphmix. In: Danezis, G., Golle, P. (eds.) PET 2006. LNCS, vol. 4258, pp. 368–383. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  10. 10.
    Nambiar, A., Wright, M.: Salsa: a structured approach to large-scale anonymity. In: CCS 2006: Proceedings of the 13th ACM conference on Computer and communications security, pp. 17–26. ACM, New York (2006)Google Scholar
  11. 11.
    Mittal, P., Borisov, N.: Information leaks in structured peer-to-peer anonymous communication systems. In: Proceedings of the 15th ACM Conference on Computer and Communications Security (CCS 2008), Alexandria, Virginia, USA, pp. 267–278. ACM Press, New York (2008)CrossRefGoogle Scholar
  12. 12.
    Maymounkov, P., Mazires, D.: Kademlia: A peer-to-peer information system based on the xor metric. In: Druschel, P., Kaashoek, M.F., Rowstron, A. (eds.) IPTPS 2002. LNCS, vol. 2429, pp. 53–65. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  13. 13.
    Danezis, G., Clayton, R.: Route fingerprinting in anonymous communications. In: Peer-to-Peer Computing, pp. 69–72. IEEE Computer Society, Los Alamitos (2006)Google Scholar
  14. 14.
    Singh, A., Ngan, T.W., Druschel, P., Wallach, D.S.: Eclipse attacks on overlay networks: Threats and defenses. In: INFOCOM. IEEE, Los Alamitos (2006)Google Scholar
  15. 15.
    Douceur, J.: The Sybil Attack. In: Druschel, P., Kaashoek, M.F., Rowstron, A. (eds.) IPTPS 2002. LNCS, vol. 2429, p. 251. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  16. 16.
    Motwani, R., Raghaven, P.: Randomized Algorithms. Cambridge University Press, Cambridge (1995)CrossRefGoogle Scholar
  17. 17.
    Danezis, G., Syverson, P.: Bridging and fingerprinting: Epistemic attacks on route selection. In: Borisov, N., Goldberg, I. (eds.) PETS 2008. LNCS, vol. 5134, pp. 151–166. Springer, Heidelberg (2008)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Benedikt Westermann
    • 1
  • Andriy Panchenko
    • 2
  • Lexi Pimenidis
    • 3
  1. 1.Center for Quantifiable Quality of Service in Communication SystemsNTNUTrondheimNorway
  2. 2.Computer Science Department, Informatik IVRWTH Aachen UniversityAachenGermany
  3. 3.Chair for IT SecurityUniversity of SiegenSiegenGermany

Personalised recommendations