Personal tools
You are here: Home Research Projects MORE
Navigation
new text book
Springer Book on Modelling and Tools for Network Simulation
network-simulation.info
 
Document Actions

MORE: Dynamic Multipath Onion Router

by Olaf Landsiedel last modified 2007-09-06 22:49

Overview

Welcome to the website of the dynamic multipath Onion Router (MORE)

What is a dynamic multipath Onion Router (MORE)?

The dynamic multipath Onion Router is a new approach to anonymous networking. The dynamic multipath Onion Router allows each packet exchanged between two anonymous nodes to travel along a different path (and this is new in Onion Routers). To provide anonymity the first half of this path is selected by the sender and the second half by the receiver of the packet.

Why is MORE interesting?

Although recent years provided many protocols for anonymous routing in overlay networks, they commonly rely on the same communication paradigm: Onion Routing. In Onion Routing a static tunnel through an overlay network is build via layered encryption. All traffic exchanged by its end points is relayed through this tunnel.

In contrast, this work introduces dynamic multipath Onion Routing to extend the static Onion Routing paradigm. This approach allows each packet exchanged between two end points to travel along a different path. To provide anonymity the first half of this path is selected by the sender and the second half by the receiver of the packet. The results are manifold: First, dynamic multipath Onion Routing increases the resilience against threats, especially pattern and timing based analysis attacks. Second, the dynamic paths reduce the impact of misbehaving and overloaded relays. Finally, inspired by Internet routing, the forwarding nodes do not need to maintain any state about ongoing flows and so reduce the complexity of the router.

In this work, we describe the design of our dynamic Mutlipath Onion RoutEr (MORE) for peer-to-peer overlay networks, and evaluate its performance. Furthermore, we integrate address virtualization to abstract from Internet addresses and provide transparent support for IP applications. Thus, no application-level gateways, proxies or modifications of applications are required to sanitize protocols from network level information. Acting as an IP-datagram service, our scheme provides a substrate for anonymous communication to a wide range of applications using TCP and UDP.

Who build MORE?

 Feel to contact us in case you have any questions

Where can I find papers on MORE?

 TBD

Can I use/install MORE?

Yes, of course. Feel free to download our implementation. However, please keep a couple of things in mind: (1) MORE is a research project, it does not (yet) provide any GUI or other luxury. (2) The prototype is only available for Linux. (3) It is prototype :-)

The MORE sources are available for download here, a debian package is in preparation. Furthermore, you need an OpenSSL implementation with support for elliptic curve cryptogrpahy (ECC). If your installation does not support ECC, we recommend to download, compile OpenSSL from sources and to install it to your home directory. More detailed installation instructions are available in the ReadMe.txt file of the source tarball.

How can I startup my MORE client?

After installation you can easily start the MORE client. The client is the basic MORE engine, start it to become a member of the MORE network and communicate anonymously inside the MORE network.

More [Options]
	
Options:
  -p <port>       port, default 3000
  -b <bandwidth>  bandwidth in kbytes/s, default 1000
  -s <s_ip>       server name or ip address,
                  default dir.more.pimenidis.org
  -c <s_port>     server control port,default 2000
  -k <prob>       key reuse probability, default 90%
  -f              forwarding only, no tun device
  -h              display this help
  -v              display version info
Examples:
  • Start a full MORE client with virtual network interface and connect to the default directory server (This probably what you are looking for): More
  • Full MORE client with virtual network interface and connect to server dir.more.pimenidis.org: More -s dir.more.pimenidis.org
  • More client without virtual network interface (forwarding only, does not need root access to tun devices), connecting to default server: More -f
  • Same, but bind to another port, for example when another More client is already running: More -f -p 3001

What directory servers are available?

 TBD

What hidden services are available?

 TBD

How can I offer a hidden service myself?

 Of course, just bind your service to the virtual IP addresses that the MORE server automatically assigns to your MORE client.

How can I startup a MORE server?

 The server takes care of storing anonymous path sections etc. Communication with the server is anonymous, too. Per anonymous network you only need one server. 
MoreServer [Options]
	
Options:
  -i <ip_addr>     server ip address, default HOST_NAME
  -c <port>        control port, default 2000
  -a <port>        anon port, default 2001
  -p <ip_prefix>   virtual ip address prefix, max 255, default 10
  -h               display this help
  -v               display version info
In most cases you can start MoreServer without options.
« May 2013 »
Su Mo Tu We Th Fr Sa
1234
567891011
12131415161718
19202122232425
262728293031
How does the Internet work?
Wie funktioniert das Internet?
Wie funktioniert das Internet? - Explaining the Internet to Kids
conferences and workshops
MCS @ COOP 2010:
MOBILE COLLABORATION SYSTEMS: Challenges for design, work practice, infrastructure, and business, Workshop at COOP 2010, Aix-en-Provence, France, 19-21 May
www.tinyurl.com/
mobileCollaboration

P2P'08 at RWTH:
The 8th International Conference on Peer-to-Peer Computing (P2P'08)
www.p2p08.org
 
Powered by Plone