Abstract
A user is only anonymous within a set of other users. Hence, the core functionality of an anonymity providing technique is to establish an anonymity set. In open environments, such as the Internet, the established anonymity sets in the whole are observable and change with every anonymous communication. We use this fact of changing anonymity sets and present a model where we can determine the protection limit of an anonymity technique, i.e. the number of observations required for an attacker to “break” uniquely a given anonymity technique. In this paper, we use the popular MIX method to demonstrate our attack. The MIX method forms the basis of most of the today’s deployments of anonymity services (e.g. Freedom, Onion Routing, Webmix). We note that our approach is general and can be applied equally well to other anonymity providing techniques.
In more recent times, a new technique providing perfect protection was discovered independently by two different groups[6],[7]. This technique, known as Private Information Retrieval (PIR), has similarities to the DC-Networks.
MIX technique uses public key encryption, thus the technique provides perfect anonymity, i. encryption is not considered as a limiting factor [2],[8].
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
D. Chaum: The dining cryptographers problem: Unconditional sender and recipient untraceability. Journal of Cryptology, 1:65–75, 1988. 53
D. Chaum: Untraceable electronic mail, return addresses and digital pseudonyms. Communications of the A. C. M., 24(2):84–88, February 1981. 53, 55
D. J. Farber, K.C. Larson: Network Security Via Dynamic Process Renaming. Fourth Data Communication Symposium, 7-9 October 1975, Quebec City, Canada. 53
P.A. Karger: Non-Discretionary Access Control for Decentralized Computing Systems. Master Thesis, Massachusetts Institute of Technology. Laboratory for Computer Science, 545 Technology Square, Camebridge, Massachusetts 02139, Mai 1977, Report MIT/LCS/TR-179. 53
A. Pfitzmann, M. Waidner, Networks without user observability, design options. In: Advances in Cryptology. Eurocrypt’ 85, volume 219 of Lecture Notes in Computer Science. Spinger-Verlag, 1985. 53
B. Chor, O. Goldreich, E. Kushilevitz, M. Sudan: Private information retrieval. In: 36th IEEE Conference on the Foundations of Computer Science, pages 41–50. IEEE Computer Society Press, 1995. 53
D.A. Cooper, K.P. Birman: Preserving privacy in a network of mobile computers. In: 1995 IEEE Symposium on Research in Security and Privacy, pages 26–38. IEEE Computer Society Press, 1995. 53
A. Pfitzmann: Dienstintegrierende Kommunikationsnetze mit teilnehmerüberpr üfbarem Datenschutz. IFB 234, Springer-Verlag, Heidelberg 1990(in German). 53, 56
H. Federrath, A. Jerichow, A. Pfitzmann: MIXes in Mobile Communication Systems: Location Management with Privacy. Information Hiding, LNCS 1174. Springer-Verlag, Berlin 1996, 121–135. 54
C. Gülcü, G. Tsudik: Mixing E-mail with BABEL. In: Symposium on Network and Distributed Systems Security (NDSS’ 96), San Diego, California, February 1996. 54, 56
A. Jerichow, J. Müller, A. Pfitzmann, B. Pfitzmann, M. Waidner: Real-Time Mixes: A Bandwidth-Efficient Anonymity Protocol. IEEE Journal on Selected Areas in Communications, 1998. 54
A. Pfitzmann, B. Pfitzmann, M. Waidner: ISDN-mixes: Untraceable communication with very small bandwidth overhead. In: GI/ITG Conference: Communication in Distributed Systems, pages 451–463. Springer-Verlag, Heidelberg, February 1991. 54
M. G. Reed, P. F. Syverson, D. M. Goldschlag: Anonymous connections and onion routing. IEEE Journal on Special Areas in Communications, 16(4):482–494, May 1998. 54
M. G. Reed, P. F. Syverson, D. M. Goldschlag: Protocols using Anonymous Connections: Mobile Applications, Security Protocols. 5th International Workshop Proceedings. B. Christianson, B. Crispo, M. Lomas, and M. Roe (eds.). Springer-Verlag LNCS 1361, 1998, pp. 13–23. 54
D. Kesdogan, J. Egner, R. Büschkes: Stop-and-go mixes providing probabilistic security in an open system. In: David Aucsmith (ed.): Information Hiding: Second InternationalWorkshop, volume 1525 of Lecture Notes in Computer Science, pages 83–98. Springer-Verlag, Berlin, Germany, 1998. 54, 56
B. Pfitzmann, A. Pfitzmann: How to Break the Direct RSA-Implementation of MIXes. Eurocrypt’ 89, LNCS 434. Springer-Verlag, Berlin 1990, pp. 373–381. 55
J. F. Raymond: Traffic Analysis: Protocols, Attacks, Design Issues, and Open Problems. International Workshop on Design Issues in Anonymity and Unobservability, Berkley, LNCS 2009. Springer-Verlag, 2001. 56, 57
O. Berthold, H. Langos: Dummy Traffic Against Long Term Intersection Attacks. Workshop on Privacy Enhancing Technologies, San Francisco, CA, USA, April 14-15, 2002. 56
M. Wright, M. Adler, B.N. Levine, C. Shields: An Analysis of the Degradation of Anonymous Protocols. Proceedings of the ISOC Network and Distributed System Security Symposium (NDSS 2002), February 2002. 56
L. Cottrell: Mixmaster, http://www.obscura.com/loki/. 56
D. Kesdogan: Evaluation of Anonymity Providing Techniques using Queueing Theory. The 26th Annual IEE Conference on Local Computer Networks (LCN 2001), November 15-16, 2001, Tampa, Florida. 56
A. Serjantov, G. Danezis: Towards an Information Theoretic Metric for Anonymity. Workshop on Privacy Enhancing Technologies, San Francisco, CA, USA, April 14-15, 2002. 56
C. Diaz, S. Seys, J. Claessens, B. Preneel: Towards Measuring Anonymity,Workshop on Privacy Enhancing Technologies, San Francisco, CA, USA, April 14-15, 2002. 56
R. Dechter, D. Frost: Backtracking algorithms for constraint satisfaction problems. An ICS technical report, September 1999. 61, 63
P. v. Beek: A C-library of routines for solving binary constraint satisfaction problems. http://ai.uwaterloo.ca/vanbeek/software/software.html. 63
V. Kumar: Algorithms for Constraint Satisfaction Problems, A Survey. AI magazine, 13(1):32–44, 1992. 63
O. Berthold, H. Federrath, S. Köpsell: Web MIXes: A System for Anonymous and Unobservable Internet Access. International Workshop on Design Issues in Anonymity and Unobservability, Berkley, 2009 LNCS. Springer-Verlag, 2001.
I. Goldberg, A. Shostack: Freedom network whitepapers.
C. Racko., D.R. Simon: Cryptographic defence against traffic analysis. In: Proceedings of the Twenty-Fifth Annual ACM Symposium on the Theory of Computing, pages 672–681, San Diego, California, 16-18 May 1993.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Kedogan, D., Agrawal, D., Penz, S. (2003). Limits of Anonymity in Open Environments. In: Petitcolas, F.A.P. (eds) Information Hiding. IH 2002. Lecture Notes in Computer Science, vol 2578. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-36415-3_4
Download citation
DOI: https://doi.org/10.1007/3-540-36415-3_4
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-00421-9
Online ISBN: 978-3-540-36415-3
eBook Packages: Springer Book Archive