STOC '87 Proceedings of the nineteenth annual ACM symposium on Theory of computing
The dining cryptographers problem: unconditional sender and recipient untraceability
Journal of Cryptology
Completeness theorems for non-cryptographic fault-tolerant distributed computation
STOC '88 Proceedings of the twentieth annual ACM symposium on Theory of computing
Untraceable electronic mail, return addresses, and digital pseudonyms
Communications of the ACM
Anonymity, unobservability, and pseudeonymity — a proposal for terminology
International workshop on Designing privacy enhancing technologies: design issues in anonymity and unobservability
Relations Among Notions of Security for Public-Key Encryption Schemes
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
From a Trickle to a Flood: Active Attacks on Several Mix Types
IH '02 Revised Papers from the 5th International Workshop on Information Hiding
Universally Composable Security: A New Paradigm for Cryptographic Protocols
FOCS '01 Proceedings of the 42nd IEEE symposium on Foundations of Computer Science
The predecessor attack: An analysis of a threat to anonymous communications systems
ACM Transactions on Information and System Security (TISSEC)
Anonymity and information hiding in multiagent systems
Journal of Computer Security
Tor: the second-generation onion router
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Information hiding, anonymity and privacy: a modular approach
Journal of Computer Security - Special issue on WITS'02
Cryptography from Sunspots: How to Use an Imperfect Reference String
FOCS '07 Proceedings of the 48th Annual IEEE Symposium on Foundations of Computer Science
An Indistinguishability-Based Characterization of Anonymous Channels
PETS '08 Proceedings of the 8th international symposium on Privacy Enhancing Technologies
Measuring the Effectiveness and the Fairness of Relation Hiding Systems
APSCC '08 Proceedings of the 2008 IEEE Asia-Pacific Services Computing Conference
Anonymity, Privacy, Onymity, and Identity: A Modal Logic Approach
CSE '09 Proceedings of the 2009 International Conference on Computational Science and Engineering - Volume 03
Survey on anonymous communications in computer networks
Computer Communications
A model of onion routing with provable anonymity
FC'07/USEC'07 Proceedings of the 11th International Conference on Financial cryptography and 1st International conference on Usable Security
Foundations of Cryptography: Volume 2, Basic Applications
Foundations of Cryptography: Volume 2, Basic Applications
Relations among privacy notions
ACM Transactions on Information and System Security (TISSEC)
Modeling identity-related properties and their privacy strength
FAST'10 Proceedings of the 7th International conference on Formal aspects of security and trust
An Epistemic Logic Based Framework for Reasoning about Information Hiding
ARES '11 Proceedings of the 2011 Sixth International Conference on Availability, Reliability and Security
A formal treatment of onion routing
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Anonymous connections and onion routing
IEEE Journal on Selected Areas in Communications
Provably Secure and Practical Onion Routing
CSF '12 Proceedings of the 2012 IEEE 25th Computer Security Foundations Symposium
Probabilistic analysis of onion routing in a black-box model
ACM Transactions on Information and System Security (TISSEC)
Hi-index | 0.00 |
We study provably secure anonymity. We begin with rigorous definition of anonymity against wide range of computationally bounded attackers, including eavesdroppers, malicious peers, malicious destinations, and their combinations. Following [hevia2008indistinguishability], our definition is generic, and captures different notions of anonymity (e.g., unobservability and sender anonymity). We then study the feasibility of ultimate anonymity: the strongest-possible anonymity requirements and adversaries. We show there is a protocol satisfying this requirement, but with absurd (although polynomial) inefficiency and overhead. We show that such inefficiency and overhead are unavoidable for 'ultimate anonymity'. We then present a slightly-relaxed requirement and present feasible protocols for it.