Anonymity and Censorship Resistance in Unstructured Overlay Networks

In the Clouds P2P protocol, a blocking attack against a specific topic requires adversaries to occupy at least 50% of the 200-peer region closest to the resource provider to be effective; below that threshold, query messages routed through multiple paths bypass the censorship. This 50% threshold holds regardless of the number of clouds κ created per peer.

§5.4 evaluation ip-blocking generic

The number of clouds per peer κ has no measurable effect on censorship resistance (Figure 5 curves are identical across κ = 1–4), while cloud size is the dominant driver of message overhead. This decoupling means designers can increase κ to improve anonymity without degrading censorship resistance or incurring bandwidth cost.

§5.4–§5.5 defense generic

Cloud locality — building clouds from semantically close peers via short-distance links — ensures that 2-wise and 3-wise cloud intersections have median cardinality between 40 and 50 peers, and the probability that a peer participates in clouds whose pairwise intersection falls below 40 is below 10⁻⁴, rendering intersection attacks infeasible in practice.

§5.3 defense flow-correlation generic

The surrounding attack on peer anonymity is also effective only when adversaries control at least 50% of the ~100 semantically closest peers to the target; at 25% malicious peers, at least 10 honest peers still join the target's cloud at every step of the joining algorithm, preserving k-anonymity.

§5.2 evaluation flow-correlation generic

The Clouds protocol retrieves approximately 70% of available answers even in the absence of attackers, representing a ~30% retrieval performance decrease relative to an insecure SON. This baseline loss stems from the cloud-based routing mechanism's probabilistic message delivery, not from adversarial interference.

§5.6 evaluation generic