Abstract
The literature contains a variety of different mixes, some of which have been used in deployed anonymity systems. We explore their anonymity and message delay properties, and show how to mount active attacks against them by altering the traffic between the mixes. We show that if certain mixes are used, such attacks cannot destroy the anonymity of a particular message completely. We work out the cost of these attacks in terms of the number of messages the attacker must insert into the network and the time he must spend. We discuss advantages and disadvantages of these mixes and the settings in which their use is appropriate. Finally, we look at dummy traffic and SG mixes as other promising ways of protecting against the attacks, point out potential weaknesses in existing designs, and suggest improvements.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Oliver Berthold, Andreas Pfitzmann, and Ronny Standtke. The disadvantages of free MIX routes and how to overcome them. In Designing Privacy Enhancing Technologies: Proceedings of the International Workshop on the Design Issues in Anonymity and Observability, pages 10–29, July 2000. 37
David Chaum. Untraceable electronic mail, return addresses and digital pseudonyms. Communications of the ACM, 24(2):84–88, 1981. 36, 47
L. Cottrell. Mixmaster and remailer attacks, 1994. http://www.obscura.com/~loki/remailer/remailer-essay.html. 36, 49
George Danezis, Roger Dingledine, David Hopwood, and Nick Mathewson. Mixminion: Design of a Type III Anonymous Remailer Protocol. Manuscript, 2002. http://mixminion.net/. 39
Roger Dingledine, Michael J. Freedman, David Hopwood, and David Molnar. A Reputation System to Increase MIX-net Reliability. In Ira Moskowitz, editor, Information Hiding, 4th International Workshop (IH 2001), pages 126–141. Springer-Verlag, LNCS 2137, 2001. http://www.freehaven.net/papers.html. 47, 50
Roger Dingledine and Paul Syverson. Reliable MIX Cascade Networks through Reputation. In Matt Blaze, editor, Financial Cryptography (FC’ 02). SpringerVerlag, LNCS (forthcoming), 2002. http://www.freehaven.net/papers.html. 48, 50
Elke Franz, Andreas Graubner, Anja Jerichow, and Andreas Pfitzmann. Comparisonof Commitment Schemes Used in Mix-Mediated Anonymous Communicationfor Preventing Pool-Mode Attacks. In C. Boyd and E. Dawson, editors, 3rd AustralasianConference on Information Security and Privacy (ACISP’98, number1438 in LNCS. Springer-Verlag, 1998. 47
C. Gülcü and G. Tsudik. Mixing Email with Babel. In Internet Society Symposiumon Network and Distributed Sytem Security (NDSS’96), pages 2–16, San Diego,CA, Feb 1996. 36, 49
Markus Jakobsson. Flash Mixing. In Principles of Distributed Computing-PODC’99. ACM, 1999. http://citeseer.nj.nec.com/jakobsson99flash.html. 36, 47
Anja Jerichow. Generalisation and Security Improvement of Mix-mediated AnonymousCommunication. PhD thesis, Technischen Universitat Dresden, 2000. 47,49
D. Kesdogan, J. Egner, and R. Buschkes. Stop-and-go-MIXes providing probabilistic anonymity in an open system. In Proceedings of the International Information Hiding Workshop, April 1998. 36, 49
Ulf Möller and Lance Cottrell. Mixmaster Protocol-Version 2. Unfinished draft, January 2000. http://www.eskimo.com/~rowdenw/crypt/Mix/draft-moeller-mixmaster2-protocol-00.txt. 36, 39
Andrei Serjantov and George Danezis. Towards an information theoretic metric for anonymity. In Paul Syverson and Roger Dingledine, editors, Privacy Enhancing Technologies, LNCS, San Francisco, CA, April 2002. http://petworkshop.org/2002/program.html. 38, 42, 44
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Serjantov, A., Dingledine, R., Syverson, P. (2003). From a Trickle to a Flood: Active Attacks on Several Mix Types. In: Petitcolas, F.A.P. (eds) Information Hiding. IH 2002. Lecture Notes in Computer Science, vol 2578. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-36415-3_3
Download citation
DOI: https://doi.org/10.1007/3-540-36415-3_3
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-00421-9
Online ISBN: 978-3-540-36415-3
eBook Packages: Springer Book Archive