Octopus: A Secure and Anonymous DHT Lookup

Distributed Hash Table (DHT) lookup is a core technique in structured peer-to-peer (P2P) networks. Its decentralized nature introduces security and privacy vulnerabilities for applications built on top of them, we thus set out to design a lookup mechanism achieving both security and anonymity, heretofore an open problem. We present the design of Octopus, which uses attacker identification mechanisms to discover and remove malicious nodes, severely limiting an adversary´s ability to carry out active attacks, and splits lookup queries over separate anonymous paths and introduces dummy queries to achieve high levels of anonymity. We analyze the security of Octopus by developing an event-based simulator to show that the attacker discovery mechanisms can rapidly identify malicious nodes with low error rate. We calculate the anonymity of Octopus using probabilistic modeling and show that Octopus can achieve near-optimal anonymity. We evaluate Octopus´s efficiency on Planet lab and show that Octopus has reasonable lookup latency and low bandwidth overhead.