Skip to main content
SpringerLink
Log in
Book cover

International Workshop on Security Protocols

Security Protocols 2009: Security Protocols XVII pp 213–230Cite as

Why I’m Not an Entropist

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7028))

Abstract

What does it mean to be anonymous in network communications? Our central thesis is that both the theoretical literature and the deployed systems have gotten the answer essentially wrong. The answers have been wrong because they apply the wrong metric to the wrong adversary model. I indicate problems in the established adversary models and metrics for anonymity as well as implications for the design and analysis of anonymous communication systems.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Acquisti, A., Dingledine, R., Syverson, P.: On the Economics of Anonymity. In: Wright, R.N. (ed.) FC 2003. LNCS, vol. 2742, pp. 84–102. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  2. The Anonymizer (2009), http://www.anonymizer.com/ ; Homepage of the company that offers the Anonymizer Proxy Service. Original Anonymizer first described in [5]

  3. Berthold, O., Federrath, H., Köpsell, S.: Web MIXes: A System for Anonymous and Unobservable Internet Access. In: Federrath, H. (ed.) Anonymity 2000. LNCS, vol. 2009, pp. 115–129. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  4. Borisov, N., Danezis, G., Mittal, P., Tabriz, P.: Denial of service or denial of security? How attacks on reliability can compromise anonymity. In: De Capitani di Vimercati, S., Syverson, P., Evans, D. (eds.) CCS 2007: Proceedings of the 14th ACM Conference on Computer and Communications Security, pp. 92–102. ACM Press (2007)

    Google Scholar 

  5. Chaum, D.: Untraceable electronic mail, return addresses, and digital pseudonyms. Communications of the ACM 4(2), 84–88 (1981)

    Article  Google Scholar 

  6. Chaum, D.: Untraceable electronic mail, return addresses, and digital pseudonyms. Communications of the ACM 4(2), 84–88 (1981)

    Article  Google Scholar 

  7. Clauß, S., Schiffner, S.: Structuring anonymity networks. In: Goto, A. (ed.) DIM 2006: Proceedings of the 2006 ACM Workshop on Digital Identity Management, Alexandria, VA, USA, pp. 55–62. ACM Press (2006)

    Google Scholar 

  8. Danezis, G., Clayton, R.: Route fingerprinting in anonymous communications. In: Sixth IEEE International Conference on Peer-to-Peer Computing, P2P 2006, pp. 69–72. IEEE Computer Society Press (2006)

    Google Scholar 

  9. Danezis, G., Dingledine, R., Mathewson, N.: Mixminion: Design of a type III anonymous remailer protocol. In: Proceedings of the 2003 IEEE Symposium on Security and Privacy, Berkeley, CA, pp. 2–15. IEEE Computer Society (May 2003)

    Google Scholar 

  10. Danezis, G., Serjantov, A.: Statistical Disclosure or Intersection Attacks on Anonymity Systems. In: Fridrich, J. (ed.) IH 2004. LNCS, vol. 3200, pp. 293–308. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  11. Danezis, G., Syverson, P.: Bridging and Fingerprinting: Epistemic Attacks on Route Selection. In: Borisov, N., Goldberg, I. (eds.) PETS 2008. LNCS, vol. 5134, pp. 151–166. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  12. Danezis, G., Wittneben, B.: The economics of mass surveillance and the questionable value of anonymous communications. In: Anderson, R. (ed.) Fifth Workshop on the Economics of Information Security, WEIS 2006 (June 2006)

    Google Scholar 

  13. Dingledine, R., Mathewson, N.: Anonymity loves company: Usability and the network effect. In: Anderson, R. (ed.) Fifth Workshop on the Economics of Information Security, WEIS 2006 (June 2006)

    Google Scholar 

  14. Dingledine, R., Mathewson, N., Syverson, P.: Tor: The second-generation onion router. In: Proceedings of the 13th USENIX Security Symposium, pp. 303–319. USENIX Association (August 2004)

    Google Scholar 

  15. Dingledine, R., Mathewson, N., Syverson, P.: Deploying low-latency anonymity: Design challenges and social factors. IEEE Security & Privacy 5(5), 83–87 (2007)

    Article  Google Scholar 

  16. Dingledine, R., Syverson, P.: Synchronous Batching: From Cascades to Free Routes. In: Martin, D., Serjantov, A. (eds.) PET 2004. LNCS, vol. 3424, pp. 186–206. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  17. Dolev, D., Yao, A.C.: On the security of public-key protocols. IEEE Transactions on Information Theory 2(29), 198–208 (1983)

    Article  MathSciNet  Google Scholar 

  18. Evans, N.S., Dingledine, R., Grothoff, C.: A practical congestion attack on Tor using long paths. In: Proceedings of the 18th USENIX Security Symposium, Montreal, Canada, pp. 33–50. USENIX Association (August 2009)

    Google Scholar 

  19. Goldschlag, D.M., Reed, M.G., Syverson, P.F.: Hiding Routing Information. In: Anderson, R. (ed.) IH 1996. LNCS, vol. 1174, pp. 137–150. Springer, Heidelberg (1996)

    Chapter  Google Scholar 

  20. Goldschlag, D.M., Stubblebine, S.G., Syverson, P.F.: Temporarily hidden bit commitment and lottery applications. International Journal of Information Security 9(1), 33–50 (2010)

    Article  Google Scholar 

  21. Helmers, S.: A brief history of anon.penet.fi - the legendary anonymous remailer. CMC Magazine (September 1997)

    Google Scholar 

  22. Hintz, A.: Fingerprinting Websites Using Traffic Analysis. In: Dingledine, R., Syverson, P. (eds.) PET 2002. LNCS, vol. 2482, pp. 171–178. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  23. Hopper, N., Vasserman, E.Y., Chan-Tin, E.: How much anonymity does network latency leak? In: De Capitani di Vimercati, S., Syverson, P., Evans, D. (eds.) CCS 2007: Proceedings of the 14th ACM Conference on Computer and Communications Security, pp. 82–91. ACM Press (2007); Expanded and revised version in [24]

    Google Scholar 

  24. Johnson, A., Syverson, P., Dingledine, R., Mathewson, N.: Trustbased anonymous communication: Adversary models and routing algorithms. In: CCS 2011: Proceedings of the 18th ACM Conference on Computer and Communications Security, ACM Press (October 2011)

    Google Scholar 

  25. Johnson, A., Syverson, P.: More anonymous onion routing through trust. In: 22nd IEEE Computer Security Foundations Symposium, CSF 2009, Port Jefferson, New York, USA, pp. 3–12. IEEE Computer Society (July 2009)

    Google Scholar 

  26. Johnson, A., Syverson, P., Dingledine, R., Mathewson, N.: Trust-based anonymous communication: Adversary models and routing algorithms. In: CCS 2011: Proceedings of the 18th ACM Conference on Computer and Communications Security. ACM Press (October 2011)

    Google Scholar 

  27. JonDonym – the internet anonymisation service (2008), https://www.jondos.de/en/ ; Commercial version of the Java Anon Proxy (JAP). Initially published description in [3]

  28. Liberatore, M., Levine, B.N.: Inferring the source of encrypted HTTP connections. In: Wright, R.N., De Capitani di Vimercati, S., Shmatikov, V. (eds.) CCS 2006: Proceedings of the 13th ACM Conference on Computer and Communications Security, pp. 255–263. ACM Press (2006)

    Google Scholar 

  29. Mathewson, N., Dingledine, R.: Practical Traffic Analysis: Extending and Resisting Statistical Disclosure. In: Martin, D., Serjantov, A. (eds.) PET 2004. LNCS, vol. 3424, pp. 17–34. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  30. Möller, U., Cottrell, L., Palfrader, P., Sassaman, L.: Mixmaster protocol - version 3. IETF Internet Draft (2003)

    Google Scholar 

  31. Murdoch, S.J.: Hot or not: Revealing hidden services by their clock skew. In: Wright, R.N., De Capitani di Vimercati, S., Shmatikov, V. (eds.) CCS 2006: Proceedings of the 13th ACM Conference on Computer and Communications Security, pp. 27–36. ACM Press (2006)

    Google Scholar 

  32. Murdoch, S.J., Danezis, G.: Low-cost traffic analysis of Tor. In: Proceedings of the 2005 IEEE Symposium on Security and Privacy, IEEE S&P 2005, pp. 183–195. IEEE CS (May 2005)

    Google Scholar 

  33. Ostrovsky, R., Yung, M.: How to withstand mobile virus attacks. In: Proceedings of the Tenth ACM Symposium on Principles of Distributed Computing, PODC 1991, pp. 51–59. ACM Press (1991)

    Google Scholar 

  34. Øverlier, L., Syverson, P.: Locating hidden servers. In: Proceedings of the 2006 IEEE Symposium on Security and Privacy, S&P 2006, pp. 100–114. IEEE CS (May 2006)

    Google Scholar 

  35. Parekh, S.: Prospects for remailers: where is anonymity heading on the internet? First Monday 1(2) (August 5, 1996), http://www.firstmonday.dk/issues/issue2/remailers/

  36. Serjantov, A., Dingledine, R., Syverson, P.: From a Trickle to a Flood: Active Attacks on Several Mix Types. In: Petitcolas, F.A.P. (ed.) IH 2002. LNCS, vol. 2578, pp. 36–52. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  37. Pfitzmann, A., Köhntopp, M.: A terminology for talking about privacy by data minimization: Anonymity, unlinkability, undetectability, unobservability, pseudonymity, and identity management, version v0.32 (December 2009), http://dud.inf.tu-dresden.de/Anon_Terminology.shtml , Regularly revised and updated version of [36]

  38. Reed, M.G., Syverson, P.F., Goldschlag, D.M.: Anonymous connections and onion routing. IEEE Journal on Selected Areas in Communications 16(4), 482–494 (1998)

    Article  Google Scholar 

  39. Serjantov, A., Dingledine, R., Syverson, P.: From a Trickle to a Flood: Active Attacks on Several Mix Types. In: Petitcolas, F.A.P. (ed.) IH 2002. LNCS, vol. 2578, pp. 36–52. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  40. Simmons, G.J.: The history of subliminal channels. IEEE Journal on Selected Areas in Communications 16(4), 452–462 (1998)

    Article  MathSciNet  Google Scholar 

  41. Syverson, P., Reed, M., Goldschlag, D.: Onion Routing access configurations. In: Proceedings DARPA Information Survivability Conference & Exposition, DISCEX 2000, vol. 1, pp. 34–40. IEEE CS Press (1999)

    Google Scholar 

  42. Syverson, P., Tsudik, G., Reed, M., Landwehr, C.: Towards an Analysis of Onion Routing Security. In: Federrath, H. (ed.) Anonymity 2000. LNCS, vol. 2009, pp. 96–114. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  43. Tang, C., Goldberg, I.: An improved algorithm for Tor circuit scheduling. Technical Report CACR 2010-06, University of Waterloo, Center for Applied Cryptography Research (2010), http://www.cacr.math.uwaterloo.ca/techreports/2010/cacr2010-06.pdf

  44. The Tor Project (2009), https://www.torproject.org/ ; Homepage of the non-profit organization that maintains and develops the Tor network. Original Tor design first published in [14]

Download references

Author information

Authors and Affiliations

  1. Naval Research Laboratory, USA

    Paul Syverson

Authors
  1. Paul Syverson
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Computer Science Department, University of Hertfordshire, Hatfield AL10 9AB, UK

    Bruce Christianson , James A. Malcolm  & Michael Roe ,  & 

  2. Faculty of Informatics, Masaryk University, Botanicka 68a, 602 00, Brno, Czech Republic

    Vashek Matyáš

Rights and permissions

Reprints and permissions

Copyright information

© 2013 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Syverson, P. (2013). Why I’m Not an Entropist. In: Christianson, B., Malcolm, J.A., Matyáš, V., Roe, M. (eds) Security Protocols XVII. Security Protocols 2009. Lecture Notes in Computer Science, vol 7028. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-36213-2_25

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-36213-2_25

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-36212-5

  • Online ISBN: 978-3-642-36213-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation