Skip to main content
SpringerLink
Log in

Comparison of commitment schemes used in mix-mediated anonymous communication for preventing pool-mode attacks

  • Conference paper
  • First Online:
Information Security and Privacy (ACISP 1998)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 1438))

Included in the following conference series:

Abstract

Mixes allow anonymous communication. They hide the communication relation between sender and recipient and, thereby, guarantee that messages are untraceable in an electronic communication network. Nonetheless, depending on the strength of the attacker, several known attacks on mixes still allow the tracing of messages through the network.

We discuss a tricky (n–1)-attack by mixes in pool-mode, which is commonly used as mix configuration: Such an attacking mix is able to ‘randomly’ delay messages in order to provide a stream of messages of its choosing to the next mix(es). If the attacking mix delays all but one message, it can trace the message it is interested in. The special problem is that this attack is not detectable by the users as the behavior of the mix is completely legitimate. The chances of preventing such pool-mode attacks depend on how well the users can check the mixes in performing their tasks.

We present two possible solutions of checking the mix' functionality. They enable the detection of such attacks and, therefore, improve this situation. We suggest the usage of commitment schemes, which are applied to determine the random choices of mixes beforehand, and describe their protocols in detail. We compare the commitment scheme for decisions on single messages and the commitment scheme for decisions on hash values of messages.

Parts of this work were supported by the German Science Foundation (DFG), the Gottlieb Daimler- and Karl Benz-Foundation and the German Ministry of Education, Science, Research and Technology (BMBF).

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Literature

  1. D. Chaum: Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms; Communications of the ACM 24/2 (1981) 84–88.

    Article  Google Scholar 

  2. A. Fasbender, D. Kesdogan, O. Kubitz: Analysis of Security and Privacy in Mobile IP. 4th International Conference on Telecommunication Systems, Modeling and Analysis, Nashville, March 21–24, 1996.

    Google Scholar 

  3. E. Franz, A. Graubner, A. Jerichow, A. Pfitzmann: Modelling mix-mediated anonymous communication and preventing pool-mode attacks, to appear at IFIP/SEC'98, 14th International Information Security Conference, in August 1998.

    Google Scholar 

  4. C. Gülcü, G. Tsudik: Mixing Email with BABEL; Proc. Symposium on Networking and Distributed System Security, San Diego, IEEE Comput. Soc. Press, 1996, pp 2–16.

    Google Scholar 

  5. Anja Jerichow, Jan Müller, Andreas Pfitzmann, Birgit Pfitzmann, Michael Waidner: Real-Time Mixes: A Bandwidth-Efficient Anonymity Protocol; accepted for IEEE Journal on Selected Areas in Communications, special issue „Copyright and privacy protection“, to appear probably April 1998.

    Google Scholar 

  6. T. Lopatic, C. Eckert, U. Baumgarten: MMIP — Mixed Mobile Internet Protocol; CMS'97 — Communications and Multimedia Security, IFIP TC-6 and TC-11, 22–23 Sept. 1997 in Athens (Greece).

    Google Scholar 

  7. A. Pfitzmann, B. Pfitzmann, M. Waidner: ISDN-MIXes — Untraceable Communication with Very Small Bandwidth Overhead. 7th IFIP International Conference on Information Security (IFIP/Sec '91), Elsevier, Amsterdam 1991, 245–258.

    Google Scholar 

  8. A. Pfitzmann, M. Waidner: Networks without user observability — design options; Eurocrypt '85, LNCS 219, Springer-Verlag, Berlin 1986, 245–253; Extended version in:Computers & Security 6/2 (1987) 158–166.

    Google Scholar 

  9. Paul F. Syverson, David M. Goldschlag, Michael G. Reed: Anonymous Connections and Onion Routing; 1997 IEEE Symposium on Security and Privacy.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Dresden University of Technology, 01062, Dresden, Germany

    E. Franz, A. Graubner, A. Jerichow & A. Pfitzmann

Authors
  1. E. Franz
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. A. Graubner
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. A. Jerichow
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. A. Pfitzmann
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Colin Boyd Ed Dawson

Rights and permissions

Reprints and permissions

Copyright information

© 1998 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Franz, E., Graubner, A., Jerichow, A., Pfitzmann, A. (1998). Comparison of commitment schemes used in mix-mediated anonymous communication for preventing pool-mode attacks. In: Boyd, C., Dawson, E. (eds) Information Security and Privacy. ACISP 1998. Lecture Notes in Computer Science, vol 1438. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0053726

Download citation

  • DOI: https://doi.org/10.1007/BFb0053726

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-64732-4

  • Online ISBN: 978-3-540-69101-3

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation