How to make personalized web browsing simple, secure, and anonymous

  • Eran Gabber
  • Phillip B. Gibbons
  • Yossi Matias
  • Alain Mayer
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1318)


An increasing number of web-sites require users to establish an account before they can access the information stored on that site (“personalized web browsing”). Typically, the user is required to provide at least a unique username, a secret password and an e-mail address. Establishing accounts at multiple web-sites is a tedious task. A security-and privacy-aware user may have to invent a distinct username and a secure password, both unrelated to his/her identity, for each web-site. The user may also desire mechanisms for anonymous e-mail. Besides the information that the user supplies voluntarily to the web-site, additional information about the user may flow (involuntarily) from the user's site to the web-site, due to the nature of the HTTP protocol and the cookie mechanism.

This paper describes the Janus Personalized Web Anonymizer, which makes personalized web browsing simple, secure and anonymous by providing convenient solutions to each of the above problems. Janus serves as an intermediary entity between a user and a web-site. Given a user and a web-site, Janus automatically generates an alias - typically a username, a password and an e-mail address - that can be used to establish an anonymous account at the web-site. Different aliases are generated for each user, web-site pair; however the same alias is presented whenever a particular user visits a particular web-site. Janus frees the user from the burden of inventing and memorizing distinct usernames and secure passwords for each web-site, and guarantees that an alias (including an e-mail address) does not reveal the true identity of the user. Janus also provides mechanisms to complete an anonymous e-mail exchange from a web-site to a user, and filters the information-flow of the HTTP protocol to preserve user privacy. Thus Janus provides simultaneous user identification and user privacy, as required for anonymous personalized web browsing.


Secure Password Preserve User Privacy Secret Password Private User Information Intermediary Entity 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. [ANON]
    The Anonymizer. http://www.anonymizer.comGoogle Scholar
  2. [B93]
    S. Brands, Untraceable off-line cash in wallet with observer. Crypto'93, Springer-Verlag LNCS 773, pp. 302–318.Google Scholar
  3. [BGGMM97]
    D. Bleichenbacher, E. Gabber, P. B. Gibbons, Y. Matias, A. Mayer, On personalized yet anonymous interaction. Technical report, Bell Laboratories, April 1997.Google Scholar
  4. [CC]
    Cybercash. http://ww.cybercash.comGoogle Scholar
  5. [C85]
    D. Chaum, Security without identification: Transaction systems to make big brother obsolete. Communications of the ACM, 28(10), October 1985, pp. 1030–1044.CrossRefGoogle Scholar
  6. [C96]
    L. Cottrell, Mixmaster and remailer attacks. loki/ remailer/remailer-essay.html.Google Scholar
  7. [CFN88]
    D. Chaum, A. Fiat, M. Naor, Untraceable electronic cash. Crypto'88, Springer-Verlag LNCS 403, pp. 319–327.Google Scholar
  8. [CTS95]
    B. Cox, J.D. Tygar, M. Sirbu, NetBill security and transaction protocol. 1st Usenix Workshop on Electronic Commerce, July 1995.Google Scholar
  9. [Ecash]
    An introduction to ecash. ecash-intro.html.Google Scholar
  10. [FY93]
    M. Franklin, M. Yung, Secure and efficient offline digital money.20th ICALP, Springer-Verlag LNCS 700, 1993, pp. 265–276.Google Scholar
  11. [GGM86]
    O. Goldreich, S. Goldwasser, S. Micam, How to construct random functions. J. of the ACM, 33(4), 1986, pp. 210–217.Google Scholar
  12. [GT96]
    C. Gulcu, G. Tsudik, Mixing email with babel. ISOC Symposium on Network and Distributed System Security, 1996.Google Scholar
  13. [GWB97]
    I. Goldberg, D. Wagner, E. Brewer, Privacy-enhancing technologies for the internet. Compcon'97.Google Scholar
  14. [HTTP]
    R. T. Fielding, J. Gettys, J. Mogul, H. Frystik Nielsen, T. Berners-Lee, HTTP/1.1., Internet RFC 2068, 1996.Google Scholar
  15. [JEPI]
    JEPI. AAA. w3. org/pub/WWW/Payments/Google Scholar
  16. [LMP94]
    S. Low, N. Maxemchuk, S. Paul, Anonymous credit cards. 2nd ACM Conf. on Computer and Communications Security, 1994, pp. 108–117.Google Scholar
  17. [MOV97]
    A. Menezes, P. van Oorschot, S. Vanstone, Handbook of Applied Cryptography, CRC Press, 1997.Google Scholar
  18. [OO91]
    T. Okamoto, K. Ohta, Universal electronic cash. Crypto'91, Springer-Verlag LNCS 576, pp. 324–337.Google Scholar
  19. [PW85]
    A. Pfitzmann, M. Waidner, Networks without user observability-design options. Eurocrypt'85, Springer-Verlag LNCS 219, pp. 245–253.Google Scholar
  20. [S96]
    D. Simon, Anonymous communication and anonymous cash. Crypto'96, Springer Verlag LNCS 1109, pp. 61–73.Google Scholar
  21. [SGR97]
    P. Syverson, D. Goldschlag, M. Reed, Anonymous connections and onion routing. IEEE Symposium on Security and Privacy, 1997, to appear.Google Scholar
  22. [SSL96]
    P. Karlton, A. Freier, P. Kocher, The SSL Protocol, 3.0. Internet Draft, March 1996.Google Scholar
  23. [T96]
    D. Taylor, “The Webmaster: Web Site Memory with Cookies” ;login. (Usenix newsletter), October 1996, pp. 32–35.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1997

Authors and Affiliations

  • Eran Gabber
    • 1
  • Phillip B. Gibbons
    • 1
  • Yossi Matias
    • 1
  • Alain Mayer
    • 1
  1. 1.Bell LaboratoriesLucent TechnologiesMurray HillUSA

Personalised recommendations