Venue: IEEE International Conference on Network Protocols

Communication based on per-packet One-Time Addresses


Abstract

The act of communication on the Internet inevitably leaks information. In particular, network headers reveal information (e.g., source address, flow information); yet, protecting the header has proven challenging. Past research successfully protected certain fields of the headers (e.g., source address), but no proposal has attempted to eliminate flow information from the header so that packets cannot be linked to flows; flow information is systematically used to subvert privacy. Hence, we investigate the following questions: Can we design an architecture that eliminates flow-packet linkability? Can we do so without imposing impractical requirements on the network infrastructure? Our proposed architecture is based on per-packet One Time Address (OTA), an address that a host uses to send or receive exactly one packet. Furthermore, the architecture eliminates any implicit (e.g., the standard five-tuple in TCP/UDP packets) or explicit (e.g., flow identifier) flow information from packet headers. Yet, the architecture allows the communicating hosts to demultiplex seemingly unrelated packets to flows. We have implemented the proposed architecture, and our evaluation shows that it can satisfy today's packet forwarding requirements.