Skip to main content
SpringerLink
Log in
Book cover

Quality of Protection pp 159–171Cite as

Intersection Attacks on Web-Mixes: Bringing the Theory into Praxis

  • Conference paper

  • 847 Accesses

Part of the book series: Advances in Information Security ((ADIS,volume 23))

Abstract

In the past, different intersection attacks on Chaum Mixes have been proposed and shown to work well in simulation environments. In this work we describe intersection attacks that have been performed on data from anonymized proxy log files. This approach creates all new problems that arise in real systems, where real-world users do not behave like those in the idealized model. E.g. the attack algorithm has to cope with a fixed number of observations. From the performed first experiments on the “dirty” real world data we get valuable insight into theory and practice of real anonymizers.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   169.00
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   219.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD   219.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Oliver Berthold, Hannes Federrath, and Stefan Köpsell. Web MIXes: A system for anonymous and unobservable Internet access. In H. Federrath, editor, Proceedings of Designing Privacy Enhancing Technologies: Workshop on Design Issues in Anonymity and Unobservability, pages 115–129. Springer-Verlag, LNCS 2009, July 2000.

    Google Scholar 

  2. David L. Chaum. Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms. Communications of the ACM, 24(2):84–88, Feb 1981.

    Google Scholar 

  3. George Danezis. Statistical disclosure attacks: Traffic confirmation in open environments. In Gritzalis, Vimercati, Samarati, and Katsikas, editors, Proceedings of Security and Privacy in the Age of Uncertainty, (SEC2003), pages 421–426, Athens, May 2003. IFIP TC 11, Kluwer.

    Google Scholar 

  4. George Danezis. The traffic analysis of continuous-time mixes. In David Martin and Andrei Serjantov, editors, Privacy Enhancing Technologies (PET 2004), May 2004.

    Google Scholar 

  5. George Danezis, Roger Dingledine, and Nick Mathewson. Mixminion: Design of a Type III Anonymous Remailer Protocol. In Proceedings of the 2003 IEEE Symposium on Security and Privacy, May 2003.

    Google Scholar 

  6. George Danezis and Andrei Serjantov. Statistical Disclosure or Intersection Attacks on Anonymity Systems. Proceedings of the 6th Information Hiding Workshop (IH2004), LNCS, Toronto, 2004.

    Google Scholar 

  7. Claudia Díaz, Len Sassaman, and Evelyne Dewitte. Comparison between two practical mix designs. In Proceedings of 9th European Symposium on Research in Computer Security (ESORICS), LNCS, France, September 2004.

    Google Scholar 

  8. Dogan Kesdogan, Dakshi Agrawal, and Stefan Penz. Limits of Anonymity in Open Environments. In Information Hiding, 5th International Workshop. Springer Verlag, 2002.

    Google Scholar 

  9. Dogan esdogan, Jan Egner, and Roland Büschkes. Stop-and-Go-Mixes Providing Anonymity in an Open System. In D. Aucsmith, editor, Information Hiding 98-Second International Workshop, pages 83–98. Springer Verlag, 1998.

    Google Scholar 

  10. Dogan Kesdogan and Lexi Pimenidis. The Hitting Set Attack on Anonymity Protocols. In Proceedings of Information Hiding, 7th International Workshop. Springer Verlag, 2004.

    Google Scholar 

  11. Brian N. Levine, Michael K. Reiter, Chenxi Wang, and Matthew K. Wright. Timing attacks in low-latency mix-based systems. In Ari Juels, editor, Proceedings of Financial Cryptography (FC’ 04). Springer-Verlag, LNCS 3110, February 2004.

    Google Scholar 

  12. Nick Mathewson and Roger Dingledine. Practical traffic analysis: Extending and resisting statistical disclosure. In Proceedings of Privacy Enhancing Technologies workshop (PET2004), LNCS, May 2004.

    Google Scholar 

  13. Steven J. Murdoch and George Danezis. Low-cost Traffic Analysis of Tor. Oakland, California, USA, May 2005. IEEE Symposium on Security and Privacy.

    Google Scholar 

  14. A. Pfitzmann. Dienstintegrierende Kommunikationsnetze mit teilnehmerüberprüfbarem Datenschutz. IFB 234, Springer-Verlag, Heidelberg 1990, 1990. (in German).

    Google Scholar 

  15. B. Pfitzmann and A. Pfitzmann. How to break the direct rsa-implementation of mixes, pages 373–381. Eurocrypt’ 89, LNCS 434. Springer-Verlag, Berlin, 1990.

    Google Scholar 

  16. Oliver Rattay. Sicherheitsbewertung von Anonymisierungsverfahren im World Wide Web (in german). Diploma thesis, Lehrstuhl fur Informatik IV, RWTH Aachen, Germany, September 2004.

    Google Scholar 

  17. Jean-Francois Raymond. Traffic analysis: Protocols, attacks, design issues and open problems. In H. Federrath, editor, Designing Privacy Enhancing Technologies: Proceedings of International Workshop on Design Issues in Anonymity and Unobservability, volume 2009 of LNCS, pages 10–29. Springer-Verlag, 2001.

    Google Scholar 

  18. [RP02] Marc Rennhard and Bernhard Plattner. Introducing MorphMix: Peer-to-Peer based Anonymous Internet Usage with Collusion Detection. In Proceedings of the Work-shop on Privacy in the Electronic Society (WPES 2002), Washington, DC, USA, November 2002.

    Google Scholar 

  19. [SS03] Andrei Serjantov and Peter Sewell. Passive attack analysis for connection-based anonymity systems. In Proceedings of ESORICS 2003: European Symposium on Research in Computer Security (Gjøvik), LNCS 2808, pages 116–131, October 2003.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Computer Science Department Informatik IV, Aachen University of Technology, Ahornstr. 55, D-52074, Aachen, Germany

    Dogan Kesdogan, Lexi Pimenidis & Tobias KÖlsch

Authors
  1. Dogan Kesdogan
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Lexi Pimenidis
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Tobias KÖlsch
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Institute Security in Distributed Applications, TU Hamburg-Harburg, Harburger Schloßstraße 20, 21079, Hamburg, Germany

    Dieter Gollmann

  2. Dipartimento Informatica e Telecomunicazioni (DIT), University of Trento, Via Sommarive, 14 38050, Trento, Italy

    Fabio Massacci  & Artsiom Yautsiukhin  & 

Rights and permissions

Reprints and permissions

Copyright information

© 2006 Springer Science+Business Media, LLC.

About this paper

Cite this paper

Kesdogan, D., Pimenidis, L., KÖlsch, T. (2006). Intersection Attacks on Web-Mixes: Bringing the Theory into Praxis. In: Gollmann, D., Massacci, F., Yautsiukhin, A. (eds) Quality of Protection. Advances in Information Security, vol 23. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-36584-8_13

Download citation

  • DOI: https://doi.org/10.1007/978-0-387-36584-8_13

  • Publisher Name: Springer, Boston, MA

  • Print ISBN: 978-0-387-29016-4

  • Online ISBN: 978-0-387-36584-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation