On-Demand Blind Packet Forwarding

Abstract

Network Address Confidentiality (NAC) classifies all third parties and network nodes as adversaries and limits access to the network packet addresses in cleartext exclusively to the communicating endpoints. NAC implies certain anonymity properties, namely sender/recipient and relationship unlinkabilities. Blind Packet Forwarding (BPF) realizes NAC and its unlinkability properties by redesigning the packet forwarding and its associated network functions to blind ones transferring and processing packet addresses in end-to-end encrypted form. BPF defines two modes. In the semi-blind mode, NAC and its unlinkability properties apply only to communicating endpoints, while the fully blind mode provides these security properties for communicating endpoints as well as domains and local networks. However, the full blindness in a domain requires to set up and maintain masked routing tables within the entire domain, which is a costly process. This paper proposes multiple approaches for different cases to selectively set up masked routing table entries and to perform the full blindness on demand. Moreover, we present our prototype implementation and its evaluation by means of an adjusted OpenFlow version and multiple scenarios respectively.