Traffic Analysis: Protocols, Attacks, Design Issues, and Open Problems

  • Jean-François Raymond
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2009)


We present the traffic analysis problem and describe the most important protocols, attacks and design issues. Afterwards, we propose directions for further research. As we are mostly interested in efficient and practical Internet-based protocols, most of the emphasis is placed on mix-based constructions. The presentation is informal in that no complex definitions and proofs are presented, the aim being more to give a thorough introduction than to present deep new insights.


Keywords (added by machine, not by the authors): Oblivious Transfer; Traffic Analysis; Exit Node; Secure Multi Party Computation; Private Information Retrieval





Copyright information

© Springer-Verlag Berlin Heidelberg 2001

Authors and Affiliations

  • Jean-François Raymond, Zero-Knowledge Systems, Inc., USA
