Master thesis : LISP Privacy: An addressless approach to client-server communication

Abstract

With the increasing amount of data being exchanged over the Internet, privacy has become a critical concern for many actors relying on its services. This includes both individuals and organizations, who may be concerned about the confidentiality of their data as well as their own identity confidentiality. This work builds upon a model designed for server anonymization in IP networks, and presents a series of models built on top of the LISP protocol that aim at mitigating threats to privacy, such as network scanning and other forms of surveillance, which can have serious consequences for both clients and servers. It does so by reducing devices' identifiability as much as possible.

The Locator/Identifier Separation Protocol (LISP) has been developed to address the issue of the increasing size of routing tables in routers of the default-free zone (DFZ). The IAB highlighted the overloading of IP address semantics as the main cause. LISP separates the identifier and locator properties of an IP address into two separate address spaces in order to address this issue.

This work explores the potential for using LISP to provide anonymization to end devices in a communication. By implementing and comparing various models in the ns-3 simulation environment, we demonstrated the feasibility of using LISP for this purpose. The models provided in this work proved to be much better in terms of delay compared to the original solution and they can be combined to provide complete privacy to both clients and servers while also being easier to deploy and maintain.

This works explores solution built on top of the LISP protocol which have the advantage to be easy to deploy on top of an existing architecture. As LISP is still in development, it would be interesting to study the advantages of built-in solutions.