MORE: Dynamic Multipath Onion Router
Overview
Welcome to the website of the dynamic multipath Onion Router (MORE)
- What is a dynamic multipath Onion Router (MORE)?
- Why is MORE interesting?
- Who built MORE?
- Where can I find papers on MORE?
- Can I use/install MORE?
- How can I start up my MORE client?
- What directory servers are available?
- What hidden services are available?
- How can I offer a hidden service myself?
- How can I start up a MORE server?
What is a dynamic multipath Onion Router (MORE)?
The dynamic multipath Onion Router is a new approach to anonymous networking. It allows each packet exchanged between two anonymous nodes to travel along a different path, which is new among Onion Routers. To provide anonymity, the first half of this path is selected by the sender and the second half by the receiver of the packet.
Why is MORE interesting?
Although recent years have produced many protocols for anonymous routing in overlay networks, they commonly rely on the same communication paradigm: Onion Routing. In Onion Routing, a static tunnel through an overlay network is built via layered encryption. All traffic exchanged by its end points is relayed through this tunnel.
In contrast, this work introduces dynamic multipath Onion Routing to extend the static Onion Routing paradigm. This approach allows each packet exchanged between two end points to travel along a different path. To provide anonymity, the first half of this path is selected by the sender and the second half by the receiver of the packet. The results are manifold: First, dynamic multipath Onion Routing increases the resilience against threats, especially pattern- and timing-based analysis attacks. Second, the dynamic paths reduce the impact of misbehaving and overloaded relays. Finally, inspired by Internet routing, the forwarding nodes do not need to maintain any state about ongoing flows, which reduces the complexity of the router.
In this work, we describe the design of our dynamic Multipath Onion RoutEr (MORE) for peer-to-peer overlay networks, and evaluate its performance. Furthermore, we integrate address virtualization to abstract from Internet addresses and provide transparent support for IP applications. Thus, no application-level gateways, proxies or modifications of applications are required to sanitize protocols from network-level information. Acting as an IP-datagram service, our scheme provides a substrate for anonymous communication to a wide range of applications using TCP and UDP.
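The effect of per-packet paths on what a single relay can observe, as an added simulation (not MORE code and not from the MORE authors): it compares a static tunnel with a path rebuilt for every packet. The relay count, the half-path length of 3 and uniform random relay selection are assumptions; the page does not specify them.

```python
import random

def build_path(relays, half_len, rng):
    """One end-to-end path: a sender-chosen half followed by a receiver-chosen half.

    Assumption: each side picks half_len distinct relays uniformly at random,
    independently of the other side.
    """
    return rng.sample(relays, half_len) + rng.sample(relays, half_len)

def exposure(relays, half_len, packets, dynamic, seed=1):
    """Fraction of one flow's packets that each relay gets to forward."""
    rng = random.Random(seed)                  # seeded so the run is reproducible
    seen = dict.fromkeys(relays, 0)
    path = build_path(relays, half_len, rng)   # static tunnel: built once
    for _ in range(packets):
        if dynamic:
            path = build_path(relays, half_len, rng)   # fresh path per packet
        for relay in set(path):                # a relay in both halves counts once
            seen[relay] += 1
    return {relay: count / packets for relay, count in seen.items()}

def summarize(fractions):
    """Worst-placed relay's share of the flow, and how many relays saw all of it."""
    full_view = sum(1 for f in fractions.values() if f == 1.0)
    return max(fractions.values()), full_view

if __name__ == "__main__":
    relays = [f"relay{i:02d}" for i in range(50)]   # constructed relay set
    for label, dynamic in (("static tunnel", False), ("dynamic multipath", True)):
        worst, full_view = summarize(exposure(relays, 3, 5000, dynamic))
        print(f"{label:18s} worst relay sees {worst:.1%}; "
              f"{full_view} relays see every packet")
```

Under these assumptions each relay forwards about 1 - (1 - 3/50)^2 ≈ 11.6% of the flow in the dynamic case, while every relay on a static tunnel forwards all of it.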
Who built MORE?
Where can I find papers on MORE?
TBD
Can I use/install MORE?
Yes, of course. Feel free to download our implementation. However, please keep a couple of things in mind: (1) MORE is a research project; it does not (yet) provide any GUI or other luxury. (2) The prototype is only available for Linux. (3) It is a prototype :-)
The MORE sources are available for download here; a Debian package is in preparation. Furthermore, you need an OpenSSL implementation with support for elliptic curve cryptography (ECC). If your installation does not support ECC, we recommend downloading the OpenSSL sources, compiling them and installing the result to your home directory. More detailed installation instructions are available in the ReadMe.txt file of the source tarball.
How can I start up my MORE client?
After installation you can easily start the MORE client. The client is the basic MORE engine; start it to become a member of the MORE network and communicate anonymously inside the MORE network.
    More [Options]
    Options:
      -p <port>       port, default 3000
      -b <bandwidth>  bandwidth in kbytes/s, default 1000
      -s <s_ip>       server name or ip address, default dir.more.pimenidis.org
      -c <s_port>     server control port,default 2000
      -k <prob>       key reuse probability, default 90%
      -f              forwarding only, no tun device
      -h              display this help
      -v              display version info
Examples:
- Start a full MORE client with virtual network interface and connect to the default directory server (this is probably what you are looking for): More
- Full MORE client with virtual network interface and connect to server dir.more.pimenidis.org: More -s dir.more.pimenidis.org
- More client without virtual network interface (forwarding only, does not need root access to tun devices), connecting to default server: More -f
- Same, but bind to another port, for example when another More client is already running: More -f -p 3001
What directory servers are available?
TBD
What hidden services are available?
TBD
How can I offer a hidden service myself?
Of course, just bind your service to the virtual IP addresses that the MORE server automatically assigns to your MORE client.
How can I start up a MORE server?
The server takes care of storing anonymous path sections etc. Communication with the server is anonymous, too. You only need one server per anonymous network.
    MoreServer [Options]
    Options:
      -i <ip_addr>    server ip address, default HOST_NAME
      -c <port>       control port, default 2000
      -a <port>       anon port, default 2001
      -p <ip_prefix>  virtual ip address prefix, max 255, default 10
      -h              display this help
      -v              display version info
In most cases you can start MoreServer without options.