From a Trickle to a Flood: Active Attacks on Several Mix Types

Serjantov, Andrei; Dingledine, Roger; Syverson, Paul

doi:10.1007/3-540-36415-3_3

From a Trickle to a Flood: Active Attacks on Several Mix Types

Andrei Serjantov⁵,
Roger Dingledine⁶ &
Paul Syverson⁷

Conference paper
First Online: 18 December 2002

1169 Accesses
61 Citations
6 Altmetric

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2578))

Abstract

The literature contains a variety of different mixes, some of which have been used in deployed anonymity systems. We explore their anonymity and message delay properties, and show how to mount active attacks against them by altering the traffic between the mixes. We show that if certain mixes are used, such attacks cannot destroy the anonymity of a particular message completely. We work out the cost of these attacks in terms of the number of messages the attacker must insert into the network and the time he must spend. We discuss advantages and disadvantages of these mixes and the settings in which their use is appropriate. Finally, we look at dummy traffic and SG mixes as other promising ways of protecting against the attacks, point out potential weaknesses in existing designs, and suggest improvements.

This is a preview of subscription content, log in via an institution.

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Oliver Berthold, Andreas Pfitzmann, and Ronny Standtke. The disadvantages of free MIX routes and how to overcome them. In Designing Privacy Enhancing Technologies: Proceedings of the International Workshop on the Design Issues in Anonymity and Observability, pages 10–29, July 2000. 37
Google Scholar
David Chaum. Untraceable electronic mail, return addresses and digital pseudonyms. Communications of the ACM, 24(2):84–88, 1981. 36, 47
Article Google Scholar
L. Cottrell. Mixmaster and remailer attacks, 1994. http://www.obscura.com/~loki/remailer/remailer-essay.html. 36, 49
George Danezis, Roger Dingledine, David Hopwood, and Nick Mathewson. Mixminion: Design of a Type III Anonymous Remailer Protocol. Manuscript, 2002. http://mixminion.net/. 39
Roger Dingledine, Michael J. Freedman, David Hopwood, and David Molnar. A Reputation System to Increase MIX-net Reliability. In Ira Moskowitz, editor, Information Hiding, 4th International Workshop (IH 2001), pages 126–141. Springer-Verlag, LNCS 2137, 2001. http://www.freehaven.net/papers.html. 47, 50
Google Scholar
Roger Dingledine and Paul Syverson. Reliable MIX Cascade Networks through Reputation. In Matt Blaze, editor, Financial Cryptography (FC’ 02). SpringerVerlag, LNCS (forthcoming), 2002. http://www.freehaven.net/papers.html. 48, 50
Google Scholar
Elke Franz, Andreas Graubner, Anja Jerichow, and Andreas Pfitzmann. Comparisonof Commitment Schemes Used in Mix-Mediated Anonymous Communicationfor Preventing Pool-Mode Attacks. In C. Boyd and E. Dawson, editors, 3rd AustralasianConference on Information Security and Privacy (ACISP’98, number1438 in LNCS. Springer-Verlag, 1998. 47
Chapter Google Scholar
C. Gülcü and G. Tsudik. Mixing Email with Babel. In Internet Society Symposiumon Network and Distributed Sytem Security (NDSS’96), pages 2–16, San Diego,CA, Feb 1996. 36, 49
Google Scholar
Markus Jakobsson. Flash Mixing. In Principles of Distributed Computing-PODC’99. ACM, 1999. http://citeseer.nj.nec.com/jakobsson99flash.html. 36, 47
Anja Jerichow. Generalisation and Security Improvement of Mix-mediated AnonymousCommunication. PhD thesis, Technischen Universitat Dresden, 2000. 47,49
Google Scholar
D. Kesdogan, J. Egner, and R. Buschkes. Stop-and-go-MIXes providing probabilistic anonymity in an open system. In Proceedings of the International Information Hiding Workshop, April 1998. 36, 49
Google Scholar
Ulf Möller and Lance Cottrell. Mixmaster Protocol-Version 2. Unfinished draft, January 2000. http://www.eskimo.com/~rowdenw/crypt/Mix/draft-moeller-mixmaster2-protocol-00.txt. 36, 39
Andrei Serjantov and George Danezis. Towards an information theoretic metric for anonymity. In Paul Syverson and Roger Dingledine, editors, Privacy Enhancing Technologies, LNCS, San Francisco, CA, April 2002. http://petworkshop.org/2002/program.html. 38, 42, 44
Google Scholar

Download references

Author information

Authors and Affiliations

University of Cambridge Computer Laboratory, UK
Andrei Serjantov
The Free Haven Project, USA
Roger Dingledine
Naval Research Laboratory, USA
Paul Syverson

Authors

Andrei Serjantov
View author publications
You can also search for this author in PubMed Google Scholar
Roger Dingledine
View author publications
You can also search for this author in PubMed Google Scholar
Paul Syverson
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Microsoft Research Ltd., 7 J. J. Thomson Avenue, CB3 0FB, Cambridge, UK
Fabien A. P. Petitcolas

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Serjantov, A., Dingledine, R., Syverson, P. (2003). From a Trickle to a Flood: Active Attacks on Several Mix Types. In: Petitcolas, F.A.P. (eds) Information Hiding. IH 2002. Lecture Notes in Computer Science, vol 2578. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-36415-3_3

Download citation

DOI: https://doi.org/10.1007/3-540-36415-3_3
Published: 18 December 2002
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-00421-9
Online ISBN: 978-3-540-36415-3
eBook Packages: Springer Book Archive

Publish with us

Policies and ethics