The dining cryptographers problem: unconditional sender and recipient untraceability
Journal of Cryptology
Unconditional sender and recipient untraceability in spite of active attacks
EUROCRYPT '89 Proceedings of the workshop on the theory and application of cryptographic techniques on Advances in cryptology
Project “anonymity and unobservability in the Internet”
Proceedings of the tenth conference on Computers, freedom and privacy: challenging the assumptions
Untraceable electronic mail, return addresses, and digital pseudonyms
Communications of the ACM
Traffic analysis: protocols, attacks, design issues, and open problems
International workshop on Designing privacy enhancing technologies: design issues in anonymity and unobservability
The disadvantages of free MIX routes and how to overcome them
International workshop on Designing privacy enhancing technologies: design issues in anonymity and unobservability
A verifiable secret shuffle and its application to e-voting
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Tarzan: a peer-to-peer anonymizing network layer
Proceedings of the 9th ACM conference on Computer and communications security
ISDN-MIXes: Untraceable Communication with Small Bandwidth Overhead
Kommunikation in Verteilten Systemen, Grundlagen, Anwendungen, Betrieb, GI/ITG-Fachtagung
IPTPS '01 Revised Papers from the First International Workshop on Peer-to-Peer Systems
SAC '99 Proceedings of the 6th Annual International Workshop on Selected Areas in Cryptography
An Efficient Scheme for Proving a Shuffle
CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
CRYPTO '88 Proceedings of the 8th Annual International Cryptology Conference on Advances in Cryptology
Limits of Anonymity in Open Environments
IH '02 Revised Papers from the 5th International Workshop on Information Hiding
Mixminion: Design of a Type III Anonymous Remailer Protocol
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
Low-Cost Traffic Analysis of Tor
SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
Eluding carnivores: file sharing with strong anonymity
Proceedings of the 11th workshop on ACM SIGOPS European workshop
Efficient anonymity-preserving data collection
Proceedings of the 12th ACM SIGKDD international conference on Knowledge discovery and data mining
On the effectiveness of k;-anonymity against traffic analysis and surveillance
Proceedings of the 5th ACM workshop on Privacy in electronic society
Measuring relationship anonymity in mix networks
Proceedings of the 5th ACM workshop on Privacy in electronic society
Tor: the second-generation onion router
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
PeerReview: practical accountability for distributed systems
Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles
Passive-Logging Attacks Against Anonymous Communications Systems
ACM Transactions on Information and System Security (TISSEC)
SybilLimit: A Near-Optimal Social Network Defense against Sybil Attacks
SP '08 Proceedings of the 2008 IEEE Symposium on Security and Privacy
An offline foundation for online accountable pseudonyms
Proceedings of the 1st Workshop on Social Network Systems
BitBlender: light-weight anonymity for BitTorrent
Proceedings of the workshop on Applications of private and anonymous communications
Sybil-resilient online content voting
NSDI'09 Proceedings of the 6th USENIX symposium on Networked systems design and implementation
A taxonomy for and analysis of anonymous communications networks
A taxonomy for and analysis of anonymous communications networks
PKC'07 Proceedings of the 10th international conference on Practice and theory in public-key cryptography
Towards an information theoretic metric for anonymity
PET'02 Proceedings of the 2nd international conference on Privacy enhancing technologies
PET'02 Proceedings of the 2nd international conference on Privacy enhancing technologies
Dummy traffic against long term intersection attacks
PET'02 Proceedings of the 2nd international conference on Privacy enhancing technologies
A practical congestion attack on tor using long paths
SSYM'09 Proceedings of the 18th conference on USENIX security symposium
Dissent: accountable anonymous group messaging
Proceedings of the 17th ACM conference on Computer and communications security
Statistical disclosure or intersection attacks on anonymity systems
IH'04 Proceedings of the 6th international conference on Information Hiding
Practical traffic analysis: extending and resisting statistical disclosure
PET'04 Proceedings of the 4th international conference on Privacy Enhancing Technologies
Timing analysis in low-latency mix networks: attacks and defenses
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
Dissent in numbers: making strong anonymity scale
OSDI'12 Proceedings of the 10th USENIX conference on Operating Systems Design and Implementation
Towards efficient traffic-analysis resistant anonymity networks
Proceedings of the ACM SIGCOMM 2013 conference on SIGCOMM
Expressive privacy control with pseudonyms
Proceedings of the ACM SIGCOMM 2013 conference on SIGCOMM
Proactively accountable anonymous messaging in verdict
SEC'13 Proceedings of the 22nd USENIX conference on Security
Hi-index | 0.00 |
Some anonymity schemes might in principle protect users from pervasive network surveillance--but only if all messages are independent and unlinkable. Users in practice often need pseudonymity--sending messages intentionally linkable to each other but not to the sender--but pseudonymity in dynamic networks exposes users to intersection attacks. We present Buddies, the first systematic design for intersection attack resistance in practical anonymity systems. Buddies groups users dynamically into buddy sets, controlling message transmission to make buddies within a set behaviorally indistinguishable under traffic analysis. To manage the inevitable tradeoffs between anonymity guarantees and communication responsiveness, Buddies enables users to select independent attack mitigation policies for each pseudonym. Using trace-based simulations and a working prototype, we find that Buddies can guarantee non-trivial anonymity set sizes in realistic chat/microblogging scenarios, for both short-lived and long-lived pseudonyms.