Reputation Systems for Anonymous Networks
PETS '08 Proceedings of the 8th international symposium on Privacy Enhancing Technologies
PAR: Payment for Anonymous Routing
PETS '08 Proceedings of the 8th international symposium on Privacy Enhancing Technologies
A Combinatorial Approach for an Anonymity Metric
ACISP '09 Proceedings of the 14th Australasian Conference on Information Security and Privacy
Monitoring and counter-profiling for voice over IP networks and services
IM'09 Proceedings of the 11th IFIP/IEEE international conference on Symposium on Integrated Network Management
Low-latency Mix Using Split and Merge Operations
Journal of Network and Systems Management
Drac: an architecture for anonymous low-volume communications
PETS'10 Proceedings of the 10th international conference on Privacy enhancing technologies
How to share your favourite search results while preserving privacy and quality
PETS'10 Proceedings of the 10th international conference on Privacy enhancing technologies
Anonymity analysis of P2P anonymous communication systems
Computer Communications
A practical complexity-theoretic analysis of mix systems
ESORICS'11 Proceedings of the 16th European conference on Research in computer security
Cryptographic protocol analysis of AN.ON
FC'10 Proceedings of the 14th international conference on Financial Cryptography and Data Security
You cannot hide for long: de-anonymization of real-world dynamic behaviour
Proceedings of the 12th ACM workshop on Workshop on privacy in the electronic society
Hi-index | 0.00 |
The MIX technique forms the basis of many popular services that offer anonymity of communication in open and shared networks such as the Internet. In this paper, fundamental limits on the anonymity provided by the MIX technique are found by considering two different settings. First, we consider an information theoretic setting to determine the extent of information inherent in observations of the traffic passing through the MIX.We show that if the size of sender anonymity sets is less than the total user population, the information contained in traffic observations is sufficient to deduce all communication relationships between senders and receivers using the MIX. More importantly, we show that even if every user sends a message in each communication round, it is possible to compromise the anonymity significantly. We precisely characterize the extent of compromised anonymity in each case. In the second setting, we assume that the attacker has unlimited computational resources and is free to choose any attack algorithm. We derive tight upper and lower bounds on the minimum number of observations required to deduce all recipient peer-partners of a targeted user. The analysis done in these two settings reveals many discrete mathematical structures inherent in anonymity sets, and the intuition gained from these structures can be used when designing or using a MIX based anonymity technique.