Go to INFOCOM 2022 homepageOn Designing Secure Cross-user Redundancy Elimination for WAN Optimization
Abstract: Redundancy elimination (RE) systems allow network users to remove duplicate parts in their messages by introducing caches at both message senders’ and receivers’ sides. While RE systems have been successfully deployed for handling unencrypted traffic, making them work over encrypted links is still open. A few solutions have been proposed recently, however they either completely violate end-to-end security or focus on single-user setting. In this paper, we present a highly secure RE solution which supports cross-user redundancy eliminations on encrypted traffics. Our solution not only preserves the end-to-end security against outside adversaries, but also protects users’ privacy against semi-honest RE agents. Furthermore, our solution can defend malicious users’ poisoning attack, which is crucial for cross-user RE systems but has never been studied before. In cross-user RE systems, since all users inside a LAN write into a shared, global cache and use it to recover their original messages from deduplicated ones, the poisoning attack is prone to happen, and cause systematic damage to all users even when only one user is malicious and injects poisoned data into the cache. We rigorously prove our solution’s security properties, and demonstrate its promising performance via testing the proof-of-concept implementation with real-world internet traffic data.
0 Replies
Loading