The official PGP user's guide
Untraceable electronic mail, return addresses, and digital pseudonyms
Communications of the ACM
Freenet: a distributed anonymous information storage and retrieval system
International workshop on Designing privacy enhancing technologies: design issues in anonymity and unobservability
Limits of Anonymity in Open Environments
IH '02 Revised Papers from the 5th International Workshop on Information Hiding
P5: A Protocol for Scalable Anonymous Communication
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Mixminion: Design of a Type III Anonymous Remailer Protocol
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
Communications of the ACM - Program compaction
Responder Anonymity and Anonymous Peer-to-Peer File Sharing
ICNP '01 Proceedings of the Ninth International Conference on Network Protocols
Tor: the second-generation onion router
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Dummy traffic against long term intersection attacks
PET'02 Proceedings of the 2nd international conference on Privacy enhancing technologies
Practical traffic analysis: extending and resisting statistical disclosure
PET'04 Proceedings of the 4th international conference on Privacy Enhancing Technologies
Timing analysis in low-latency mix networks: attacks and defenses
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
The reverse statistical disclosure attack
IH'10 Proceedings of the 12th international conference on Information hiding
Hi-index | 0.00 |
Anonymous communications provides an important privacy service by keeping passive eavesdroppers from linking communicating parties. However, using long-term statistical analysis of traffic sent to and from such a system, it is possible to link senders with their receivers. Cover traffic is an effective, but somewhat limited, counter strategy against this attack. Earlier work in this area proposes that privacy-sensitive users generate and send cover traffic to the system. However, users are not online all the time and cannot be expected to send consistent levels of cover traffic, drastically reducing the impact of cover traffic. We propose that the mix generate cover traffic that mimics the sending patterns of users in the system. This receiver-bound cover helps to make up for users that aren't there, confusing the attacker. We show through simulation how this makes it difficult for an attacker to discern cover from real traffic and perform attacks based on statistical analysis. Our results show that receiver-bound cover substantially increases the time required for these attacks to succeed. When our approach is used in combination with user-generated cover traffic, the attack takes a very long time to succeed.