Organizational networks are vulnerable to traffic-analysis attacks that
enable adversaries to infer sensitive information from the network traffic –
even if encryption is used. Typical anonymous communication networks are
tailored to the Internet and are poorly suited for organizational networks. We
present PriFi, an anonymous communication protocol for LANs, which protects
users against eavesdroppers and provides high-performance traffic-analysis
resistance. PriFi builds on Dining Cryptographers networks but reduces the high
communication latency of prior work via a new client/relay/server architecture,
in which a client’s packets remain on their usual network path without
additional hops, and in which a set of remote servers assist the anonymization
process without adding latency. PriFi also solves the challenge of equivocation
attacks, which are not addressed by related works, by encrypting the traffic
based on the communication history. Our evaluation shows that PriFi introduces
a small latency overhead (~100ms for 100 clients) and is compatible with
delay-sensitive applications such as VoIP.

By admin