From a Trickle to a Flood: Active Attacks on Several Mix Types
The literature contains a variety of different mixes, some of which have been used in deployed anonymity systems. We explore their anonymity and message delay properties, and show how to mount active attacks against them by altering the traffic between the mixes. We show that if certain mixes are used, such attacks cannot destroy the anonymity of a particular message completely. We work out the cost of these attacks in terms of the number of messages the attacker must insert into the network and the time he must spend. We discuss advantages and disadvantages of these mixes and the settings in which their use is appropriate. Finally, we look at dummy traffic and SG mixes as other promising ways of protecting against the attacks, point out potential weaknesses in existing designs, and suggest improvements.
KeywordsActive Attack Commitment Scheme Message Delay Attack Message Target Message
Unable to display preview. Download preview PDF.
- Oliver Berthold, Andreas Pfitzmann, and Ronny Standtke. The disadvantages of free MIX routes and how to overcome them. In Designing Privacy Enhancing Technologies: Proceedings of the International Workshop on the Design Issues in Anonymity and Observability, pages 10–29, July 2000. 37Google Scholar
- L. Cottrell. Mixmaster and remailer attacks, 1994. http://www.obscura.com/~loki/remailer/remailer-essay.html. 36, 49
- George Danezis, Roger Dingledine, David Hopwood, and Nick Mathewson. Mixminion: Design of a Type III Anonymous Remailer Protocol. Manuscript, 2002. http://mixminion.net/. 39
- Roger Dingledine, Michael J. Freedman, David Hopwood, and David Molnar. A Reputation System to Increase MIX-net Reliability. In Ira Moskowitz, editor, Information Hiding, 4th International Workshop (IH 2001), pages 126–141. Springer-Verlag, LNCS 2137, 2001. http://www.freehaven.net/papers.html. 47, 50Google Scholar
- Elke Franz, Andreas Graubner, Anja Jerichow, and Andreas Pfitzmann. Comparisonof Commitment Schemes Used in Mix-Mediated Anonymous Communicationfor Preventing Pool-Mode Attacks. In C. Boyd and E. Dawson, editors, 3rd AustralasianConference on Information Security and Privacy (ACISP’98, number1438 in LNCS. Springer-Verlag, 1998. 47CrossRefGoogle Scholar
- C. Gülcü and G. Tsudik. Mixing Email with Babel. In Internet Society Symposiumon Network and Distributed Sytem Security (NDSS’96), pages 2–16, San Diego,CA, Feb 1996. 36, 49Google Scholar
- Markus Jakobsson. Flash Mixing. In Principles of Distributed Computing-PODC’99. ACM, 1999. http://citeseer.nj.nec.com/jakobsson99flash.html. 36, 47
- Anja Jerichow. Generalisation and Security Improvement of Mix-mediated AnonymousCommunication. PhD thesis, Technischen Universitat Dresden, 2000. 47,49Google Scholar
- D. Kesdogan, J. Egner, and R. Buschkes. Stop-and-go-MIXes providing probabilistic anonymity in an open system. In Proceedings of the International Information Hiding Workshop, April 1998. 36, 49Google Scholar
- Ulf Möller and Lance Cottrell. Mixmaster Protocol-Version 2. Unfinished draft, January 2000. http://www.eskimo.com/~rowdenw/crypt/Mix/draft-moeller-mixmaster2-protocol-00.txt. 36, 39