Cryptography-based Prefix-preserving Anonymization
Crypto-PAn is a cryptography-based sanitization tool for network trace owners to anonymize the IP addresses in their traces in a prefix-preserving manner. Crypto-PAn has the following properties:
- One-to-one: The mapping from original IP addresses to anonymized IP addresses is one-to-one.
- Prefix-preserving: In Crypto-PAn, the IP address anonymization is prefix-preserving. That is, if two original IP addresses share a k-bit prefix, their anonymized mappings will also share a k-bit prefix.
- Consistent across traces: Crypto-PAn allows multiple traces to be sanitized in a consistent way, over time and across locations. That is, the same IP address in different traces is anonymized to the same address, even though the traces might be sanitized separately at different times and/or at different locations.
- Cryptography-based: To sanitize traces, trace owners provide Crypto-PAn with a secret key. Anonymization consistency across multiple traces is achieved by the use of the same key. The construction of Crypto-PAn preserves the secrecy of the key and the (pseudo)randomness of the mapping from an original IP address to its anonymized counterpart.
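The four properties can be seen in a bit-by-bit construction in which each output bit is the original bit XORed with a keyed pseudorandom function of the original bits that precede it. The following is an added example, not the Crypto-PAn code: it substitutes HMAC-SHA256 from the Python standard library for the package's AES-based function, so its outputs will not match Crypto-PAn's, and the function names, key and addresses are constructed for illustration.

```python
import hashlib
import hmac
import ipaddress

def _pad_bit(key: bytes, prefix: int, length: int) -> int:
    """Keyed pseudorandom bit determined by the first `length` original bits.
    HMAC-SHA256 is a stand-in PRF assumed for this example."""
    msg = bytes([length]) + prefix.to_bytes(4, "big")
    return hmac.new(key, msg, hashlib.sha256).digest()[0] >> 7

def anonymize(key: bytes, addr: str) -> str:
    a = int(ipaddress.IPv4Address(addr))
    out = 0
    for i in range(32):
        prefix = a >> (32 - i)            # the i most significant original bits
        bit = (a >> (31 - i)) & 1         # original bit at position i
        out = (out << 1) | (bit ^ _pad_bit(key, prefix, i))
    return str(ipaddress.IPv4Address(out))

def deanonymize(key: bytes, addr: str) -> str:
    """Invert the mapping with the same key, which is why it is one-to-one."""
    c = int(ipaddress.IPv4Address(addr))
    orig = 0
    for i in range(32):
        # `orig` already holds the i recovered original bits, i.e. the prefix.
        bit = ((c >> (31 - i)) & 1) ^ _pad_bit(key, orig, i)
        orig = (orig << 1) | bit
    return str(ipaddress.IPv4Address(orig))

def common_prefix_len(x: str, y: str) -> int:
    diff = int(ipaddress.IPv4Address(x)) ^ int(ipaddress.IPv4Address(y))
    return 32 - diff.bit_length()

if __name__ == "__main__":
    key = b"constructed-demo-key-not-secret!"   # constructed sample key
    a, b = "192.0.2.10", "192.0.2.77"           # constructed sample addresses
    pa, pb = anonymize(key, a), anonymize(key, b)
    print(a, "->", pa)
    print(b, "->", pb)
    print("shared prefix before:", common_prefix_len(a, b))
    print("shared prefix after: ", common_prefix_len(pa, pb))
    print("round trip ok:", deanonymize(key, pa) == a)
```

Because the prefix relationship survives anonymization exactly, anyone who learns one original/anonymized pair also learns the anonymized prefix of every address sharing bits with it, which is the trade-off the papers below analyze.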
Authors and Publications
Crypto-PAn is authored by Jinliang Fan, Jun Xu, Mostafa H. Ammar (College of Computing, Georgia Tech) and Sue Moon (Sprint ATL).
Crypto-PAn is based on the techniques developed in their papers:
- "Prefix-Preserving IP Address Anonymization", Computer Networks, Volume 46, Issue 2, 7 October 2004, Pages 253-272, Elsevier. [link to paper]
- "On the Design and Performance of Prefix-Preserving IP Traffic Trace Anonymization", ACM SIGCOMM Internet Measurement Workshop 2001, San Francisco, CA, November 2001. [download]
- "Prefix-Preserving IP Address Anonymization: Measurement-based Security Evaluation and a New Cryptography-based Scheme", to appear in Proceedings of the IEEE International Conference on Network Protocols, Paris, 2002. [download]
Software Download
The Crypto-PAn package (version 1.0) can be downloaded from here [Crypto-PAn.1.0.tar.gz]; please read the README for instructions on how to use it.
- TCPdpriv, developed by Greg Minshall, is a powerful trace sanitization tool that supports prefix-preserving anonymization. TCPdpriv's implementation of prefix-preserving anonymization is based on the use of a lookup table. A detailed analysis of the properties of prefix-preserving anonymization can be found in the papers above.
- Network measurement tools that incorporate or extend the functionality of Crypto-PAn
- NetSniff: NetSniff is a multi-network-layered real-time traffic capture and analysis tool developed as part of the ICE3 project being run out of the Centre for Advanced Internet Architectures (CAIA). ...
- flow-tools: Flow-tools is a library and a collection of programs used to collect, send, process, and generate reports from NetFlow data. ...
- CoralReef: CoralReef is a comprehensive software suite developed by CAIDA to collect and analyze data from passive Internet traffic monitors, in real time or from trace files. ...
- Extension made by David Stott for one of his projects at Lucent, including treatment of endianness, a de-anonymizer, an interesting use of reversed-prefix-preserving anonymization, better ways of using the random bits from AES to reduce consecutive 0s or 1s ....
- IP::Anonymous - Perl module port of Crypto-PAn to provide anonymous IP addresses. By John Kristoff of Northwestern University.