Skip to main content
SpringerLink
Log in

Traffic Analysis Attacks and Trade-Offs in Anonymity Providing Systems

  • Conference paper
  • First Online:
Information Hiding (IH 2001)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2137))

Included in the following conference series:

Abstract

We discuss problems and trade-offs with systems providing anonymity for web browsing (or more generally any communication system that requires low latency interaction). We focus on two main systems: the Freedom network [12] and PipeNet [8]. Although Freedom is efficient and reasonably secure against denial of service attacks, it is vulnerable to some generic traffic analysis attacks, which we describe. On the other hand, we look at PipeNet, a simple theoretical model which protects against the traffic analysis attacks we point out, but is vulnerable to denial of services attacks and has efficiency problems. In light of these observations, we discuss the trade-offs that one faces when trying to construct an efficient low latency communication system that protects users anonymity.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Anonymizer.com. The anonymizer.

    Google Scholar 

  2. Berthold, O., Pfitzmann, A., AND Standtke, R. The disadvantages of free mix routes and how to overcome them. In Proc. Workshop on Design Issues in Anonymity and Unobservability (25–26 July 2000), ICSI TR-00-011, pp. 27–42.

    Google Scholar 

  3. Bos, J., AND Boer, B. D. Detection of disrupters in the DC protocol. In Advances in Cryptology-EURO CRYPT’ 89 (1989), pp. 320–327.

    Google Scholar 

  4. Canetti, R.Studies in Secure Multiparty Computation and Applications. PhD thesis, Department of Computer Science and Applied Mathematics, The Weizmann Institute of Science, June 1995. revised version.

    Google Scholar 

  5. Cuphaum, D. Untraceable electronic mail, return addresses, and digital pseudonyms. Communications of the Association for Computing Machinery 24,2 (Feb. 1981), 84–88.

    Google Scholar 

  6. Chaum, D. The Dining Cryptographers Problem: Unconditional sender and recipient untraceability. Journal of Cryptology 7,1 (1988), 65–75.

    MathSciNet  Google Scholar 

  7. Cramer, R., Damgård, I., Dziembowski, S., Hirt, M., AND Rabin, T. Efficient multiparty computations with dishonest minority. In Advances in Cryptology— EUROCRYPT99 (March 1999), vol. 1561 of Lecture Notes in Computer Science, Springer-Verlag, pp. 311–326.

    Google Scholar 

  8. Dai, W. Pipenet 1.1. http://www.eskimo.com/weidai/pipenet.txt, 1998.

  9. Dai, W. Two attacks against freedom. http://www.eskimo.coni/~weidai/freedom-attacks.txt, 2000.

  10. Desmedt, Y., AND Kurosawa, K. How to break a practical mix and design a new one. In Advances in Cryptology-EUROCRYPT’ 2000 (2000), Lecture Notes in Computer Science, International Association for Cryptologic Research, Springer-Verlag, Berlin Heidelberg, pp. 557–572.

    Chapter  Google Scholar 

  11. Gennaro, R., Rabin, M. O., AND Rabin, T. Simplified VSS and fast-track multiparty computations with applications to threshold cryptography. In PODC: 17th ACM SIGACT-SIGOPS Symposium on Principles of Distributed Computing (1998).

    Google Scholar 

  12. Goldberg, I., AND Shostack, A. Freedom network 1.0 architecture and protocols. http://www.freedom.net/info/freedompapers/index.html, 1999.

  13. Goldreich, O., Micali, S., AND Wigderson, A. How to play any mental game — A completeness theorem for protocols with honest majority. In Proceedings of the nineteenth annual ACM Symposium on Theory of Computing, New York City, May 25–27, 1987 (New York, NY 10036, USA, 1987), ACM, Ed., ACM Press, pp. 218–229.

    Google Scholar 

  14. Goldschlag, D., Reed, M., AND Syverson, P. Onion routing for anonymous and private internet connections. Communications of the ACM (USA) 42,2 (Feb. 1999), 39–41.

    Google Scholar 

  15. Green, L. Traffic shaping argument. Article on cypherpunks list, 1993.

    Google Scholar 

  16. Jakobsson. Flash mixing. In PODC: 18th ACM SIGACT-SIGOPS Symposium on Principles of Distributed Computing (1999).

    Google Scholar 

  17. Jakobsson, M. A practical mix. Lecture Notes in Computer Science 1403 (1998), 448

    Google Scholar 

  18. Jakobsson, M., AND Juels, A. Millimix: Mixing in small batches. Tech. Rep. 99-33, DIMACS, June 10 1999. Thu, 22 Jul 1999 23:50:00 GMT.

    Google Scholar 

  19. Kocher, P. C. Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In Advances in Cryptology-CRYPTO’ 96 (1996), N. Koblitz, Ed., Lecture Notes in Computer Science, International Association for Cryptologic Research, Springer-Verlag, Berlin Germany, pp. 104–113.

    Google Scholar 

  20. Menezes, A. J., Van Oorschot, P. C., AND Vanstone, S. A.Handbook of applied cryptography. The CRC Press series on discrete mathematics and its applications. CRC Press, 2000 N.W. Corporate Blvd., Boca Raton, FL 33431-9868, USA, 1997.

    MATH  Google Scholar 

  21. Ohkubo, M., AND Abe, M. A length-invariant hybrid mix. In Advances in Cryptology-ASIACRYPT’ 2000 (2000), Lecture Notes in Computer Science, International Association for Cryptologic Research, Springer-Verlag, Berlin Heidelberg, pp. 178–191.

    Chapter  Google Scholar 

  22. Park, C., Itoh, K., AND Kurosawa, K. Efficient anonymous channel and all/nothing election scheme. Lecture Notes in Computer Science 765 (1994)

    Google Scholar 

  23. Pfitzmann, A., Pfitzmann, B., AND Waidner, M. ISDN-MIXes: untraceable communication with very small bandwidth overhead. In Information Security, Proc. IFIP/Sec’ 91 (1991), pp. 245–258.

    Google Scholar 

  24. Rackoff, C., AND Simon, D. R. Cryptographic defense against traffic analysis. In Proceedings of the Twenty-Fifth Annual ACM Symposium on the Theory of Computing (San Diego, California, 16–18 May 1993), pp. 672–681.

    Google Scholar 

  25. Raymond, J.-F. Traffic analysis: Protocols, attacks, design issues and open problems. In Proc. Workshop on Design Issues in Anonymity and Unobservability (25–26 July 2000), ICSITR-00-011,pp. 7–26.

    Google Scholar 

  26. Reiter, M. K., AND Rubin, A. D. Anonymous Web transactions with crowds. Communications of the ACM 42,2 (Feb. 1999), 32–48.

    Google Scholar 

  27. Smith, A., AND Stiglic, A. Multiparty computation unconditionally secure against II2 adversary structures. Cryptology SOCS-98.2, School of Computer Science, McGill University, Montreal, Canada, 1998.

    Google Scholar 

  28. Syverson, P. F., Tsudik, G., Reed, M. G., AND Landwehr, C. E. Towards an analysis of onion routing security. In Proc. Workshop on Design Issues in Anonymity and Unobservability (25–26 July 2000), ICSI RR-00-011, pp. 83–100.

    Google Scholar 

  29. Waidner, M. Unconditional sender and recipient untraceability in spite of active attacks. In Advances in Cryptology-EUROCRYPT’ 89 (1990), J.-J. Quisquater and J. Vandewalle, Eds., Lecture Notes in Computer Science, International Association for Cryptologic Research, Springer-Verlag, Berlin Germany, pp. 302–319.

    Google Scholar 

  30. Waidner, M., AND Pfitzmann, B. The dining cryptographers in the disco: Unconditional sender and recipient untraceability with computationally secure serviceability. In Advances in Cryptology—EUROCRYPT89 (10–13 Apr. 1989), J.-J. Quisquater and J. Vandewalle, Eds., vol. 434 of Lecture Notes in Computer Science, Springer-Verlag, 1990, p. 690.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Zero-Knowledge Systems Inc., USA

    Adam Back, Ulf Möller & Anton Stiglic

Authors
  1. Adam Back
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Ulf Möller
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Anton Stiglic
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Naval Research Laboratory, Washington, DC, 20375, USA

    Ira S. Moskowitz

Rights and permissions

Reprints and permissions

Copyright information

© 2001 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Back, A., Möller, U., Stiglic, A. (2001). Traffic Analysis Attacks and Trade-Offs in Anonymity Providing Systems. In: Moskowitz, I.S. (eds) Information Hiding. IH 2001. Lecture Notes in Computer Science, vol 2137. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45496-9_18

Download citation

  • DOI: https://doi.org/10.1007/3-540-45496-9_18

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-42733-9

  • Online ISBN: 978-3-540-45496-0

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation