SPINE: Surveillance Protection in the Network Elements


Trisha Datta, Nick Feamster, Jennifer Rexford, and Liang Wang, Princeton University


Internet Protocol (IP) addresses can reveal information about communicating Internet users and devices, even when the rest of the traffic between them is encrypted. At the same time, IP addresses serve as endpoints for network-layer communication and, as a result, are typically visible to the intermediate routers to allow them to forward traffic to its ultimate destination. Previous approaches to obfuscate the IP addresses of the sender and receiver commonly depend on either custom user software (e.g., Tor browser) or significant modifications to network hardware along the end-to-end path (which has proved to be a major roadblock). SPINE, on the other hand, conceals IP addresses and relevant TCP fields from intermediate—and potentially adversarial—autonomous systems (ASes) but requires only two participating ASes and no cooperation from end hosts. To demonstrate SPINE’s practicality, we have implemented it on commodity programmable switches using the P4 programming language. Our evaluation shows that SPINE can run at hardware rates on commodity switches, paving the way to real-world deployment.

Open Access Media

USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.

@inproceedings {239062,
author = {Trisha Datta and Nick Feamster and Jennifer Rexford and Liang Wang},
title = {{SPINE}: Surveillance Protection in the Network Elements},
booktitle = {9th USENIX Workshop on Free and Open Communications on the Internet (FOCI 19)},
year = {2019},
address = {Santa Clara, CA},
url = {https://www.usenix.org/conference/foci19/presentation/datta},
publisher = {USENIX Association},
month = aug