Abstract
We discuss problems and trade-offs with systems providing anonymity for web browsing (or more generally any communication system that requires low latency interaction). We focus on two main systems: the Freedom network [12] and PipeNet [8]. Although Freedom is efficient and reasonably secure against denial of service attacks, it is vulnerable to some generic traffic analysis attacks, which we describe. On the other hand, we look at PipeNet, a simple theoretical model which protects against the traffic analysis attacks we point out, but is vulnerable to denial of services attacks and has efficiency problems. In light of these observations, we discuss the trade-offs that one faces when trying to construct an efficient low latency communication system that protects users anonymity.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Anonymizer.com. The anonymizer.
Berthold, O., Pfitzmann, A., AND Standtke, R. The disadvantages of free mix routes and how to overcome them. In Proc. Workshop on Design Issues in Anonymity and Unobservability (25–26 July 2000), ICSI TR-00-011, pp. 27–42.
Bos, J., AND Boer, B. D. Detection of disrupters in the DC protocol. In Advances in Cryptology-EURO CRYPT’ 89 (1989), pp. 320–327.
Canetti, R.Studies in Secure Multiparty Computation and Applications. PhD thesis, Department of Computer Science and Applied Mathematics, The Weizmann Institute of Science, June 1995. revised version.
Cuphaum, D. Untraceable electronic mail, return addresses, and digital pseudonyms. Communications of the Association for Computing Machinery 24,2 (Feb. 1981), 84–88.
Chaum, D. The Dining Cryptographers Problem: Unconditional sender and recipient untraceability. Journal of Cryptology 7,1 (1988), 65–75.
Cramer, R., Damgård, I., Dziembowski, S., Hirt, M., AND Rabin, T. Efficient multiparty computations with dishonest minority. In Advances in Cryptology— EUROCRYPT99 (March 1999), vol. 1561 of Lecture Notes in Computer Science, Springer-Verlag, pp. 311–326.
Dai, W. Pipenet 1.1. http://www.eskimo.com/weidai/pipenet.txt, 1998.
Dai, W. Two attacks against freedom. http://www.eskimo.coni/~weidai/freedom-attacks.txt, 2000.
Desmedt, Y., AND Kurosawa, K. How to break a practical mix and design a new one. In Advances in Cryptology-EUROCRYPT’ 2000 (2000), Lecture Notes in Computer Science, International Association for Cryptologic Research, Springer-Verlag, Berlin Heidelberg, pp. 557–572.
Gennaro, R., Rabin, M. O., AND Rabin, T. Simplified VSS and fast-track multiparty computations with applications to threshold cryptography. In PODC: 17th ACM SIGACT-SIGOPS Symposium on Principles of Distributed Computing (1998).
Goldberg, I., AND Shostack, A. Freedom network 1.0 architecture and protocols. http://www.freedom.net/info/freedompapers/index.html, 1999.
Goldreich, O., Micali, S., AND Wigderson, A. How to play any mental game — A completeness theorem for protocols with honest majority. In Proceedings of the nineteenth annual ACM Symposium on Theory of Computing, New York City, May 25–27, 1987 (New York, NY 10036, USA, 1987), ACM, Ed., ACM Press, pp. 218–229.
Goldschlag, D., Reed, M., AND Syverson, P. Onion routing for anonymous and private internet connections. Communications of the ACM (USA) 42,2 (Feb. 1999), 39–41.
Green, L. Traffic shaping argument. Article on cypherpunks list, 1993.
Jakobsson. Flash mixing. In PODC: 18th ACM SIGACT-SIGOPS Symposium on Principles of Distributed Computing (1999).
Jakobsson, M. A practical mix. Lecture Notes in Computer Science 1403 (1998), 448
Jakobsson, M., AND Juels, A. Millimix: Mixing in small batches. Tech. Rep. 99-33, DIMACS, June 10 1999. Thu, 22 Jul 1999 23:50:00 GMT.
Kocher, P. C. Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In Advances in Cryptology-CRYPTO’ 96 (1996), N. Koblitz, Ed., Lecture Notes in Computer Science, International Association for Cryptologic Research, Springer-Verlag, Berlin Germany, pp. 104–113.
Menezes, A. J., Van Oorschot, P. C., AND Vanstone, S. A.Handbook of applied cryptography. The CRC Press series on discrete mathematics and its applications. CRC Press, 2000 N.W. Corporate Blvd., Boca Raton, FL 33431-9868, USA, 1997.
Ohkubo, M., AND Abe, M. A length-invariant hybrid mix. In Advances in Cryptology-ASIACRYPT’ 2000 (2000), Lecture Notes in Computer Science, International Association for Cryptologic Research, Springer-Verlag, Berlin Heidelberg, pp. 178–191.
Park, C., Itoh, K., AND Kurosawa, K. Efficient anonymous channel and all/nothing election scheme. Lecture Notes in Computer Science 765 (1994)
Pfitzmann, A., Pfitzmann, B., AND Waidner, M. ISDN-MIXes: untraceable communication with very small bandwidth overhead. In Information Security, Proc. IFIP/Sec’ 91 (1991), pp. 245–258.
Rackoff, C., AND Simon, D. R. Cryptographic defense against traffic analysis. In Proceedings of the Twenty-Fifth Annual ACM Symposium on the Theory of Computing (San Diego, California, 16–18 May 1993), pp. 672–681.
Raymond, J.-F. Traffic analysis: Protocols, attacks, design issues and open problems. In Proc. Workshop on Design Issues in Anonymity and Unobservability (25–26 July 2000), ICSITR-00-011,pp. 7–26.
Reiter, M. K., AND Rubin, A. D. Anonymous Web transactions with crowds. Communications of the ACM 42,2 (Feb. 1999), 32–48.
Smith, A., AND Stiglic, A. Multiparty computation unconditionally secure against II2 adversary structures. Cryptology SOCS-98.2, School of Computer Science, McGill University, Montreal, Canada, 1998.
Syverson, P. F., Tsudik, G., Reed, M. G., AND Landwehr, C. E. Towards an analysis of onion routing security. In Proc. Workshop on Design Issues in Anonymity and Unobservability (25–26 July 2000), ICSI RR-00-011, pp. 83–100.
Waidner, M. Unconditional sender and recipient untraceability in spite of active attacks. In Advances in Cryptology-EUROCRYPT’ 89 (1990), J.-J. Quisquater and J. Vandewalle, Eds., Lecture Notes in Computer Science, International Association for Cryptologic Research, Springer-Verlag, Berlin Germany, pp. 302–319.
Waidner, M., AND Pfitzmann, B. The dining cryptographers in the disco: Unconditional sender and recipient untraceability with computationally secure serviceability. In Advances in Cryptology—EUROCRYPT89 (10–13 Apr. 1989), J.-J. Quisquater and J. Vandewalle, Eds., vol. 434 of Lecture Notes in Computer Science, Springer-Verlag, 1990, p. 690.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2001 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Back, A., Möller, U., Stiglic, A. (2001). Traffic Analysis Attacks and Trade-Offs in Anonymity Providing Systems. In: Moskowitz, I.S. (eds) Information Hiding. IH 2001. Lecture Notes in Computer Science, vol 2137. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45496-9_18
Download citation
DOI: https://doi.org/10.1007/3-540-45496-9_18
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-42733-9
Online ISBN: 978-3-540-45496-0
eBook Packages: Springer Book Archive