Security without identification: transaction systems to make big brother obsolete
Communications of the ACM
The dining cryptographers problem: unconditional sender and recipient untraceability
Journal of Cryptology
Untraceable electronic mail, return addresses, and digital pseudonyms
Communications of the ACM
ESORICS '96 Proceedings of the 4th European Symposium on Research in Computer Security: Computer Security
Group Principals and the Formalization of Anonymity
FM '99 Proceedings of the Wold Congress on Formal Methods in the Development of Computing Systems-Volume I - Volume I
Reasoning About Knowledge
Proceedings of the 2005 ACM workshop on Formal methods in security engineering
Anonymity and information hiding in multiagent systems
Journal of Computer Security
Tor: the second-generation onion router
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Information hiding, anonymity and privacy: a modular approach
Journal of Computer Security - Special issue on WITS'02
Computational soundness of observational equivalence
Proceedings of the 15th ACM conference on Computer and communications security
Secrecy for bounded security protocols with freshness check is NEXPTIME-complete
Journal of Computer Security
A Method for Proving Observational Equivalence
CSF '09 Proceedings of the 2009 22nd IEEE Computer Security Foundations Symposium
Anonymity, Privacy, Onymity, and Identity: A Modal Logic Approach
CSE '09 Proceedings of the 2009 International Conference on Computational Science and Engineering - Volume 03
Complexity of anonymity for security protocols
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
On the security of public key protocols
IEEE Transactions on Information Theory
Editorial: Recent developments in high performance computing and security: An editorial
Future Generation Computer Systems
| Hi-index | 0.00 |
Anonymity, as an instance of information hiding, is one of the security properties intensively studied nowadays due to its applications to various fields such as electronic voting, electronic commerce, electronic mail, and so on. This paper presents a comprehensive study on minimal anonymity properties in security protocols. In order to reach this objective, an epistemic language and logic to reason about anonymity properties in security protocols, are provided. Agent states are endowed with facts derived from actions performed by agents in protocol executions, and an inference system is proposed. To define minimal anonymity, an observational equivalence is used, which is shown to be decidable in deterministic polynomial time. We distinguish between various forms of sender and receiver anonymity with respect to two types of observers: honest agents and the intruder. A large spectrum of relationships between these anonymity concepts is then derived. It is also shown that an anonymous action in a security protocol under a passive intruder might not be anonymous in the same security protocol if the intruder is active, and vice-versa. The decidability and complexity status of the anonymity concepts introduced in the paper is finally investigated. Thus, it is shown that minimal anonymity is undecidable in unrestricted security protocols, is NEXPTIME-complete in bounded security protocols, and is NP-complete in 1-session bounded security protocols.