Cryptographic defense against traffic analysis
STOC '93 Proceedings of the twenty-fifth annual ACM symposium on Theory of computing
Delayed path coupling and generating random permutations via distributed stochastic processes
Proceedings of the tenth annual ACM-SIAM symposium on Discrete algorithms
Journal of Computer Security - Special issue on security in the World Wide Web
Untraceable electronic mail, return addresses, and digital pseudonyms
Communications of the ACM
Anonymity, unobservability, and pseudeonymity — a proposal for terminology
International workshop on Designing privacy enhancing technologies: design issues in anonymity and unobservability
ESORICS '02 Proceedings of the 7th European Symposium on Research in Computer Security
Mix and Match: Secure Function Evaluation via Ciphertexts
ASIACRYPT '00 Proceedings of the 6th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
From a Trickle to a Flood: Active Attacks on Several Mix Types
IH '02 Revised Papers from the 5th International Workshop on Information Hiding
SNDSS '96 Proceedings of the 1996 Symposium on Network and Distributed System Security (SNDSS '96)
Probabilistic Treatment of MIXes to Hamper Traffic Analysis
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
Tor: the second-generation onion router
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Secret-Ballot Receipts: True Voter-Verifiable Elections
IEEE Security and Privacy
Towards an information theoretic metric for anonymity
PET'02 Proceedings of the 2nd international conference on Privacy enhancing technologies
Statistical disclosure or intersection attacks on anonymity systems
IH'04 Proceedings of the 6th international conference on Information Hiding
Anonymous communication with on-line and off-line onion encoding
SOFSEM'05 Proceedings of the 31st international conference on Theory and Practice of Computer Science
ICISC'04 Proceedings of the 7th international conference on Information Security and Cryptology
Anonymous connections and onion routing
IEEE Journal on Selected Areas in Communications
A Kademlia-Based Node Lookup System for Anonymization Networks
ISA '09 Proceedings of the 3rd International Conference and Workshops on Advances in Information Security and Assurance
Low-latency Mix Using Split and Merge Operations
Journal of Network and Systems Management
| Hi-index | 0.00 |
We consider anonymous communication protocols based on onions: each message is sent in an encrypted form through a path chosen at random by its sender, and the message is re-coded by each server on the path. Recently, it has been shown that if the anonymous paths are long enough, then the protocols provide provable security for some adversary models. However, it was assumed that all users choose intermediate servers uniformly at random from the same set of servers. We show that if a single user chooses only from a constrained subset of possible intermediate servers, anonymity level may dramatically decrease. A thumb rule is that if Alice is aware of much less than 50% of possible intermediate servers, then the anonymity set for her message becomes surprisingly small with high probability. Moreover, for each location in the anonymity set an adversary may compute probability that it gets a message of Alice. Since there are big differences in these probabilities, in most cases the true destination of the message from Alice is in a small group of locations with the highest probabilities. Our results contradict some beliefs that the protocols mentioned guarantee anonymity provided that the set of possible intermediate servers for each user is large.