TY - GEN
T1 - Handling Exit Node Vulnerability in Onion Routing with a Zero-Knowledge Proof
AU - Voloch, Nadav
AU - Hajaj, Maor Meir
N1 - Publisher Copyright:
© 2022, The Author(s), under exclusive license to Springer Nature Switzerland AG.
PY - 2022/1/1
Y1 - 2022/1/1
N2 - Onion routing is a method for anonymous data transfer in a communication network. It is mostly used for the deep web via TOR's (The Onion Router) different services such as TOR browser, Atlas, Orbot, and more. In this network, messages are encrypted with several layers, each layer connects only with its predecessor. An anonymity problem arises at the destination point, the exit node, which is the final node in the onion chain of routing. In the exit node the final layer is decrypted, and the message is delivered to the recipient. The possible vulnerability is that if the exit node is compromised in some way, the attacker can receive the raw data that is being delivered, potentially including sensitive or personal information. There are some ways of handling this issue, such as SSL encryption or secure HTTP, but these are not anonymous by nature as certificates include personal verification. This paper suggests a new method for solving the Exit Node Vulnerability issue that keeps the privacy and anonymity of the network. The method uses Zero-Knowledge Proof (ZKP), an encryption scheme in which one party (the prover) can validate specific information to another side (the verifier) without disclosing any additional private information. The paper presents the full scheme that solves the Exit Node Vulnerability in Onion routing.
AB - Onion routing is a method for anonymous data transfer in a communication network. It is mostly used for the deep web via TOR's (The Onion Router) different services such as TOR browser, Atlas, Orbot, and more. In this network, messages are encrypted with several layers, each layer connects only with its predecessor. An anonymity problem arises at the destination point, the exit node, which is the final node in the onion chain of routing. In the exit node the final layer is decrypted, and the message is delivered to the recipient. The possible vulnerability is that if the exit node is compromised in some way, the attacker can receive the raw data that is being delivered, potentially including sensitive or personal information. There are some ways of handling this issue, such as SSL encryption or secure HTTP, but these are not anonymous by nature as certificates include personal verification. This paper suggests a new method for solving the Exit Node Vulnerability issue that keeps the privacy and anonymity of the network. The method uses Zero-Knowledge Proof (ZKP), an encryption scheme in which one party (the prover) can validate specific information to another side (the verifier) without disclosing any additional private information. The paper presents the full scheme that solves the Exit Node Vulnerability in Onion routing.
KW - Deep/Hidden Web
KW - Exit node vulnerability
KW - Onion routing
KW - Zero-Knowledge Proof (ZKP)
UR - https://www.scopus.com/pages/publications/85145008562
U2 - 10.1007/978-3-031-21047-1_34
DO - 10.1007/978-3-031-21047-1_34
M3 - Conference contribution
AN - SCOPUS:85145008562
SN - 9783031210464
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 399
EP - 405
BT - Information Integration and Web Intelligence - 24th International Conference, iiWAS 2022, Proceedings
A2 - Pardede, Eric
A2 - Delir Haghighi, Pari
A2 - Khalil, Ismail
A2 - Kotsis, Gabriele
PB - Springer Science and Business Media Deutschland GmbH
T2 - 24th International Conference on Information Integration and Web Intelligence, iiWAS 2022, held in conjunction with the 20th International Conference on Advances in Mobile Computing and Multimedia Intelligence, MoMM 2022
Y2 - 28 November 2022 through 30 November 2022
ER -