Communications - May 2011

ing, Clue’s implementation of the default “Sign+Verify” attribution process restricts bulk TCP throughput to approximately 0.33Mbps independent of the RTT.

The poor performance of “Sign+Verify” motivates the optimizations described earlier. While precomputation dramatically decreases the overhead at the sender, it has only modest effect in isolation on TCP throughput, as performance is still receiver-limited. Similarly, asynchronous verification allows the receiver to issue ACKs immediately, but the potential for improvement is bounded by the effective decrease in flow RTT. Indeed, precomputation and asynchronous verification are most effective when combined with windowed verification and has the potential to move the performance bottleneck back to the sender.

The line in Figure 2 labeled “Precomp+Async+Win- 8” is the performance of the Clue prototype when combining the three optimizations while using a fixed window size of eight packets. In theory, the larger the window size, the less overhead verification imposes. Indeed, progressively increasing the window size continues to increase throughput performance—to a point; most benefits are achieved with a window of 64 packets, as indicated by the line “Precomp+Async+Win- 64” in Figure 2, exceeding 17.5Mbps at 20ms. Recall that windowed verification proceeds only in the absence of loss; if a packet is lost in a window, the remaining packets must be verified individually, negating any potential for improvement. Hence, our Clue implementation dynamically adjusts the window size to match the sender’s TCP congestion window. The “Precomp+Async+AdaptiveWin” line in Figure 2 shows its performance approaches the baseline for all but the smallest RTTs; at an RTT of 80ms— typical of TCP connections on the Internet18—this combination achieves a throughput of 9.6Mbps, within a factor of 1. 2 of “Proxy” itself, and exceeds the capacity of most consumer broadband links.

Conclusion

Much of the Internet’s success can
be attributed to its minimalist archi-
tecture. However, the related archi-
tectural freedoms also represent ripe
vulnerabilities for adversaries trying to
exploit the network to their own ends.
Chief among them is the lack of ac-
countability for user actions. Without
a plausible threat of accountability, the
normal social processes that disincen-
tivize criminal behavior cannot func-
tion. We suggest modifying the Inter-
net architecture to proactively enable
network forensics while preserving the
privacy of network participants under
normal circumstances.

acknowledgments

We thank Hovav Shacham of the University of California, San Diego, for advice and comments. This work is funded in part by National Science Foundation grants CNS-0627157 and CNS-0722031.

References

1. andersen, D., Balakrishnan, H., Feamster, n., Koponen, T., Moon, D., and Shenker, S. accountable Internet Protocol. In Proceedings of the ACM SIGCOMM Conference (Seattle, aug. 19–21). aCM Press, new york, 339–350.

2. ateniese, G., Tsudik, G., and Song, D. Quasi-efficient revocation of group signatures. In Financial Cryptography, M. Blaze, ed. (Southampton, Bermuda, Mar. 11–14). Springer-Verlag, Berlin, 2002, 183–197.

3. aucsmith, D. The digital crime scene: a software prospective. In Proceedings of the CyberCrime and Digital Law Enforcement Conference (new Haven, C T, Mar. 26–28, 2004).

4. Baric, n. and Pfitzmann, B. Collision-free accumulators and fail-stop signature schemes without trees. In Advances in Cryptology EUROCRYPT ‘ 97, W. Fumy, ed. (Konstanz, Germany, May 11–15). Springer-Verlag, Berlin, 1997, 480–494.

5. Bellare, M., Micciancio, D., and Warinschi, B. Foundations of group signatures: Formal definitions, simplified requirements, and a construction based on general assumptions. In Advances in Cryptology EUROCRYPT ‘03, e. Biham, ed. (Warsaw, May 4–8). Springer-Verlag, Berlin, 2003, 614–629.

6. Bellare, M. and rogaway, P. random oracles are
practical: a paradigm for designing efficient protocols.
In Proceedings of the ACM Conference on Computer
and Communications Security (Fairfax, Va, nov. 3–5).
aCM Press, new york, 1993, 62–73.

Mikhail Afanasyev ( mafanasyev@gmail.com) is a postdoctoral fellow in the autonomous Systems laboratory of the australian Commonwealth Scientific and research organization (CSIro), Brisbane, australia. Tadayoshi Kohno ( yoshi@cs.washington.edu) is an assistant professor in the Computer Science and engineering Department of the university of Washington, Seattle, Wa. Justin Ma ( jtma@eecs.berkeley.edu) is a postdoctoral scholar in the aMP lab of the university of California, Berkeley. nicholas Murphy ( nmurphy@eecs.harvard.edu) is a doctoral candidate in the School of engineering and applied Sciences of Harvard university, Cambridge, Ma. Stefan Savage ( savage@cs.ucsd.edu) is a professor in the Computer Science and engineering Department of the university of California, San Diego.

Alex C. Snoeren ( snoeren@cs.ucsd.edu) is an associate professor in the Computer Science and engineering Department of the university of California, San Diego. Geoffrey M. Voelker ( voelker@cs.ucsd.edu) is a professor in the Computer Science and engineering Department of the university of California, San Diego.