Untraceable electronic mail, return addresses, and digital pseudonyms
Communications of the ACM
A verifiable secret shuffle and its application to e-voting
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Almost entirely correct mixing with applications to voting
Proceedings of the 9th ACM conference on Computer and communications security
An Efficient Scheme for Proving a Shuffle
CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
Making Mix Nets Robust for Electronic Voting by Randomized Partial Checking
Proceedings of the 11th USENIX Security Symposium
Proceedings of the 11th ACM conference on Computer and communications security
Towards an information theoretic metric for anonymity
PET'02 Proceedings of the 2nd international conference on Privacy enhancing technologies
PET'02 Proceedings of the 2nd international conference on Privacy enhancing technologies
Synchronous batching: from cascades to free routes
PET'04 Proceedings of the 4th international conference on Privacy Enhancing Technologies
Survey on anonymous communications in computer networks
Computer Communications
Anonymous card shuffling and its applications to parallel mixnets
ICALP'12 Proceedings of the 39th international colloquium conference on Automata, Languages, and Programming - Volume Part II
Hi-index | 0.00 |
Parallel mixing [7] is a technique for optimizing the latency of a synchronous re-encryption mix network. We analyze the anonymity of this technique when an adversary can learn the output positions of some of the inputs to the mix network. Using probabilistic modeling, we show that parallel mixing falls short of achieving optimal anonymity in this case. In particular, when the number of unknown inputs is small, there are significant anonymity losses in the expected case. This remains true even if all the mixes in the network are honest, and becomes worse as the number of mixes increases. We also consider repeatedly applying parallel mixing to the same set of inputs. We show that an attacker who knows some input–output relationships will learn new information with each mixing and can eventually link previously unknown inputs and outputs.