Abstract
Anonymity systems designed to handle anonymous email have been implemented with a variety of different mixes. Although many of their properties have been analysed in previous work, some are still not well understood and many results are still missing.
In this paper we reexamine the generalised mix framework and the binomial mix of [7]. We show that under some parameterizations the binomial mix has undesirable properties. More specifically, for any constant parameterization of the binomial mix, there is a minimum number of messages beyond which it acts as a timed mix. In this case the number of messages inside it is no longer hidden from the adversary and the mix is vulnerable to easy active attack. We suggest ways to avoid this in the generalised mix framework. Secondly, we show that the binomial distribution used in the framework produces distribution of pool sizes with low variance and show how to improve on this.
Finally, we present a technique from queueing theory which allows us to analyse this property for a class of mixes assuming Poisson message arrivals.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Barndorff-Nielsen, O.E., Shepard, N.: Non-gaussian OU based models and some of their uses in financial economics and modelling by Levy processes for financial econometrics. Economics Papers 1999-w9/2000-w3, Economics Group, Nuffield College, University of Oxford (2000)
Chaum, D.: Untraceable electronic mail, return addresses, and digital pseudonyms. Communications of the ACM 4(2) (February 1981)
Cooper, R.: Introduction to Queueing Theory. North-Holland, New York (1981)
Díaz, C.: Anonymity and Privacy in Electronic Services. PhD thesis, Katholieke Universiteit Leuven, Leuven, Belgium (December 2005)
Díaz, C., Preneel, B.: Reasoning about the anonymity provided by pool mixes that generate dummy traffic. In: Fridrich, J. (ed.) IH 2004. LNCS, vol. 3200, Springer, Heidelberg (2004)
Díaz, C., Sassaman, L., Dewitte, E.: Comparison between two practical mix designs. In: Samarati, P., Ryan, P.Y A, Gollmann, D., Molva, R. (eds.) ESORICS 2004. LNCS, vol. 3193, Springer, Heidelberg (2004)
Díaz, C., Serjantov, A.: Generalising mixes. In: Dingledine, R. (ed.) PET 2003. LNCS, vol. 2760, Springer, Heidelberg (2003)
James, L.F.: Laws and likelihoods for Ornstein Uhlenbeck-Gamma and other BNS OU stochastic volatilty models with extensions (2006), http://www.citebase.org/abstract?id=oai:arXiv.org:math/0604086
Kesdogan, D., Egner, J., Büschkes, R.: Stop-and-go MIXes: Providing probabilistic anonymity in an open system. In: Aucsmith, D. (ed.) IH 1998. LNCS, vol. 1525, Springer, Heidelberg (1998)
O’Connor, L.: On blending attacks for mixes with memory. In: Barni, M., Herrera-Joancomartí, J., Katzenbeisser, S., Pérez-González, F. (eds.) IH 2005. LNCS, vol. 3727, Springer, Heidelberg (2005)
Serjantov, A.: On the Anonymity of Anonymity Systems. PhD thesis, University of Cambridge (June 2004)
Serjantov, A., Dingledine, R., Syverson, P.: From a trickle to a flood: Active attacks on several mix types. In: Petitcolas, F.A.P. (ed.) IH 2002. LNCS, vol. 2578, Springer, Heidelberg (2003)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Serjantov, A. (2007). A Fresh Look at the Generalised Mix Framework. In: Borisov, N., Golle, P. (eds) Privacy Enhancing Technologies. PET 2007. Lecture Notes in Computer Science, vol 4776. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-75551-7_2
Download citation
DOI: https://doi.org/10.1007/978-3-540-75551-7_2
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-75550-0
Online ISBN: 978-3-540-75551-7
eBook Packages: Computer ScienceComputer Science (R0)