A Routing Table Insertion (RTI) Attack on Freenet

Very little work has been conducted on quantitatively evaluating the basic design and implementation choices in common p2p anonymous systems. In this paper, we focus on this issue and use Freenet as an example to investigate quantitative measures for anonymous systems. We have conducted extensive analysis of Freenet, and identified several practical attacks that seriously damage the anonymity strength of Freenet. These attacks exploit several fundamental performance improvement schemes in p2p systems, and can be easily extended to other popular DHT-like p2p anonymous systems using similar mechanisms. In particular, we are able to find the network topology, perform a routing table insertion (RTI) attack, and trace back queries. In this paper, we focus on the RTI attack to make a malicious node a direct peer of a victim node. As a result, many other attacks can be launched to break the anonymity promise. To facilitate the RTI attack, we have also developed a route prediction model based on Freenet routing mechanisms. Our experimental results show the effectiveness of the proposed attack. Our goal is not to attack Freenet. Instead, we hope that the lessons learned here help us improve Freenet, develop new design guidelines for p2p anonymous systems, and generalize quantitative measures to evaluate their strength.