Skip to main content
Springer Nature Link
Log in

Practical Traffic Analysis: Extending and Resisting Statistical Disclosure

  • Conference paper
Privacy Enhancing Technologies (PET 2004)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 3424))

Included in the following conference series:

  • 1717 Accesses

Abstract

We extend earlier research on mounting and resisting passive long-term end-to-end traffic analysis attacks against anonymous message systems, by describing how an eavesdropper can learn sender-receiver connections even when the substrate is a network of pool mixes, the attacker is non-global, and senders have complex behavior or generate padding messages. Additionally, we describe how an attacker can use information about message distinguishability to speed the attack. We simulate our attacks for a variety of scenarios, focusing on the amount of information needed to link senders to their recipients. In each scenario, we show that the intersection attack is slowed but still succeeds against a steady-state mix network. We find that the attack takes an impractical amount of time when message delivery times are highly variable; when the attacker can observe very little of the network; and when users pad consistently and the adversary does not know how the network behaves in their absence.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Acquisti, A., Dingledine, R., Syverson, P.: On the economics of anonymity. In: Wright, R.N. (ed.) FC 2003. LNCS, vol. 2742, pp. 84–102. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  2. Back, A., Möller, U., Stiglic, A.: Traffic analysis attacks and trade-offs in anonymity providing systems. In: Moskowitz, I.S. (ed.) IH 2001. LNCS, vol. 2137, pp. 245–257. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  3. Barabási, A.-L., Albert, R.: Emergence of scaling in random networkds. Science 286, 509–512 (1999)

    Article  MathSciNet  Google Scholar 

  4. Barabási, A.-L., Albert, R., Jeong, H.: Mean-field theory for scale-free random networks. Physica A 272, 173–187 (2000)

    Article  Google Scholar 

  5. Bennett, K., Grothoff, C.: GAP – practical anonymous networking. In: Dingledine, R. (ed.) PET 2003. LNCS, vol. 2760, pp. 141–160. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  6. Berthold, O., Federrath, H., Köpsell, S.: Web MIXes: A system for anonymous and unobservable Internet access. In: Federrath, H. (ed.) Designing Privacy Enhancing Technologies. LNCS, vol. 2009, pp. 115–129. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  7. Berthold, O., Langos, H.: Dummy traffic against long term intersection attacks. In: Dingledine, R., Syverson, P.F. (eds.) PET 2002. LNCS, vol. 2482, pp. 110–128. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  8. Berthold, O., Pfitzmann, A., Standtke, R.: The disadvantages of free MIX routes and how to overcome them. In: Federrath, H. (ed.) Designing Privacy Enhancing Technologies. LNCS, vol. 2009, pp. 30–45. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  9. Boucher, P., Shostack, A., Goldberg, I.: Freedom systems 2.0 architecture. White paper, Zero Knowledge Systems, Inc. (December 2000)

    Google Scholar 

  10. Chaum, D.: Untraceable electronic mail, return addresses, and digital pseudo-nyms. Communications of the ACM 4(2) (February 1982)

    Google Scholar 

  11. Dai, W.: Pipenet 1.1. Usenet post (August 1996), http://www.eskimo.com/~weidai/pipenet.txt , First mentioned to the cypherpunks list (February 1995)

  12. Danezis, G.: Better Anonymous Communications. PhD thesis, University of Cambridge (December 2003)

    Google Scholar 

  13. Danezis, G.: Statistical disclosure attacks: Traffic confirmation in open environments. In: Gritzalis, Vimercati, Samarati, Katsikas (eds.) Proceedings of Security and Privacy in the Age of Uncertainty, SEC 2003, Athens, pp. 421–426. IFIP TC11, Kluwer (2003)

    Google Scholar 

  14. Danezis, G., Dingledine, R., Mathewson, N.: Mixminion: Design of a type III anonymous remailer protocol. In: 2003 IEEE Symposium on Security and Privacy, pp. 2–15. IEEE CS, Los Alamitos (2003)

    Google Scholar 

  15. Danezis, G., Serjantov, A.: Statistical disclosure or intersection attacks on anonymity systems. In: Fridrich, J. (ed.) IH 2004. LNCS, vol. 3200, pp. 293–308. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  16. Díaz, C., Sassaman, L., Deweiite, E.: Comparison between two practical mix designs. Forthcoming (2004)

    Google Scholar 

  17. Díaz, C., Serjantov, A.: Generalising mixes. In: Dingledine, R. (ed.) PET 2003. LNCS, vol. 2760, pp. 18–31. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  18. Dingledine, R., Mathewson, N., Syverson, P.: Tor: The Second-Generation Onion Router. In: Proceedings of the 13th USENIX Security Symposium (August 2004)

    Google Scholar 

  19. Dingledine, R., Syverson, P.: Reliable MIX Cascade Networks through Reputation. In: Blaze, M. (ed.) FC 2002. LNCS, vol. 2357. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  20. Freedman, M.J., Morris, R.: Tarzan: A peer-to-peer anonymizing network layer. In: Proceedings of the 9th ACM Conference on Computer and Communications Security (CCS 2002), Washington, DC (November 2002)

    Google Scholar 

  21. Gülcü, C., Tsudik, G.: Mixing E-mail with Babel. In: Network and Distributed Security Symposium (NDSS 1996), pp. 2–16. IEEE, Los Alamitos (February 1996)

    Chapter  Google Scholar 

  22. Kesdogan, D., Agrawal, D., Penz, S.: Limits of anonymity in open environments. In: Petitcolas, F.A.P. (ed.) IH 2002. LNCS, vol. 2578, pp. 53–69. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  23. Kesdogan, D., Egner, J., Büschkes, R.: Stop-and-go MIXes: Providing probabilistic anonymity in an open system. In: Aucsmith, D. (ed.) IH 1998. LNCS, vol. 1525, p. 83. Springer, Heidelberg (1998)

    Chapter  Google Scholar 

  24. Levine, B.N., Reiter, M.K., Wang, C., Wright, M.: Timing attacks in low-latency mix-based systems. In: Juels, A. (ed.) FC 2004. LNCS, vol. 3110, pp. 251–265. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  25. Möller, U., Cottrell, L., Palfrader, P., Sassaman, L.: Mixmaster Protocol — Version 2. Draft (July 2003)

    Google Scholar 

  26. Rao, J.R., Rohatgi, P.: Can pseudonymity really guarantee privacy? In: Proceedings of the 9th USENIX Security Symposium. USENIX, pp. 85–96 (August 2000)

    Google Scholar 

  27. Raymond, J.F.: Traffic Analysis: Protocols, Attacks, Design Issues, and Open Problems. In: Federrath, H. (ed.) Designing Privacy Enhancing Technologies. LNCS, vol. 2009, pp. 10–29. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  28. Reed, M.G., Syverson, P.F., Goldschlag, D.M.: Anonymous connections and onion routing. IEEE Journal on Selected Areas in Communications 16(4), 482–494 (1998)

    Article  Google Scholar 

  29. Reiter, M., Rubin, A.: Crowds: Anonymity for web transactions. ACM Transactions on Information and System Security 1(1) (June 1998)

    Google Scholar 

  30. Serjantov, A., Dingledine, R., Syverson, P.: From a trickle to a flood: Active attacks on several mix types. In: Petitcolas, F.A.P. (ed.) IH 2002. LNCS, vol. 2578, pp. 36–52. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  31. Serjantov, A., Sewell, P.: Passive attack analysis for connection-based anonymity systems. In: Snekkenes, E., Gollmann, D. (eds.) ESORICS 2003. LNCS, vol. 2808, pp. 116–131. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  32. Watts, D.J., Strogatz, S.H.: Collective dynamics of ‘small-world’ networks. Nature 393, 440–442 (1998)

    Article  Google Scholar 

  33. Wright, M., Adler, M., Levine, B.N., Shields, C.: An analysis of the degradation of anonymous protocols. In: Network and Distributed Security Symposium (NDSS 2002). IEEE, Los Alamitos (February 2002)

    Google Scholar 

  34. Wright, M., Adler, M., Levine, B.N., Shields, C.: Defending anonymous communication against passive logging attacks. In: IEEE Symposium on Security and Privacy, pp. 28–41. IEEE CS, Los Alamitos (May 2003)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. The Free Haven Project,  

    Nick Mathewson & Roger Dingledine

Authors
  1. Nick Mathewson
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Roger Dingledine
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Artificial Intelligence Center, SRI International,  

    David Martin

  2. The Free Haven Project,  

    Andrei Serjantov

Rights and permissions

Reprints and permissions

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Mathewson, N., Dingledine, R. (2005). Practical Traffic Analysis: Extending and Resisting Statistical Disclosure. In: Martin, D., Serjantov, A. (eds) Privacy Enhancing Technologies. PET 2004. Lecture Notes in Computer Science, vol 3424. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11423409_2

Download citation

  • DOI: https://doi.org/10.1007/11423409_2

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-26203-9

  • Online ISBN: 978-3-540-31960-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics