In an era of pervasive online surveillance, Internet users are in need of better anonymity solutions for online communications without sacrificing performance. Existing overlay anonymity tools, such as the Tor network, suffer from performance limitations and recent proposals to embed anonymity into Internet protocols face fundamental deployment challenges. In this paper, we introduce Practical Anonymity at the NEtwork Level (PANEL), a practical light-weight anonymity solution based on hardware switching. We implement a prototype of PANEL on a high-performance hardware switch (namely, Barefoot Tofino) using P4 network programming language, and examine the validity and performance of the prototype. Based on our empirical results, PANEL achieves 96% of the actual throughput of the switch and adds a low-latency overhead (e.g., 3% overhead in Skype calls), while offering partial deployablility and transparency (i.e., PANEL requires neither client-side nor server-side modifications).
翻译:在普遍在线监控的时代,互联网用户需要在不牺牲性能的情况下,为在线通信找到更好的匿名解决方案。Tor网络等现有的重叠匿名工具受到性能限制,最近提出的将匿名纳入互联网协议的建议面临根本性的部署挑战。在本文中,我们在NETwork级别(PANEL)引入了实用的通用匿名解决方案,即基于硬件转换的实用的轻量匿名解决方案。我们在使用P4网络编程语言的高性硬件开关(即Barefof Tofino)上实施了PANEL原型(即赤脚Tofino),并审查了原型的有效性和性能。根据我们的经验,PANEL实现了开关实际用量的96 %, 并增加了低密度的间接费用(如Skype电话中3%的间接费用),同时提供部分部署性和透明度(即PANEL不需要客户方或服务器方的修改)。
相关内容
微信扫码咨询专知VIP会员