DOI: 10.1145/1005140.1005153

Covert channels and anonymizing networks

Published: 30 October 2003

Abstract

There have long been threads of investigation into covert channels, and threads of investigation into anonymity, but these two closely related areas of information hiding have not been directly associated. This paper represents an initial inquiry into the relationship between covert channel capacity and anonymity, and poses more questions than it answers. Even this preliminary work has proven difficult, but in this investigation lies the hope of a deeper understanding of the nature of both areas. MIXes have been used for anonymity, where the concern is shielding the identity of the sender or the receiver of a message, or both. In contrast to traffic analysis prevention methods which conceal larger traffic patterns, we are concerned with how much information a sender to a MIX can leak to an eavesdropping outsider, despite the concealment efforts of MIXes acting as firewalls.

    Published In

    WPES '03: Proceedings of the 2003 ACM workshop on Privacy in the electronic society
    October 2003
    135 pages
    ISBN:1581137761
    DOI:10.1145/1005140
    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Author Tags

    1. MIX
    2. anonymity
    3. covert channel
    4. information theory

    Qualifiers

    • Article

    Conference

    CCS03

    Acceptance Rates

    Overall Acceptance Rate 106 of 355 submissions, 30%

    Cited By

    • (2023) Methods of Identifying and Reducing Covert Channel Attacks: An Analysis. 2023 2nd International Conference on Futuristic Technologies (INCOFT). DOI: 10.1109/INCOFT60753.2023.10425607. Pages 1-7. Online publication date: 24-Nov-2023
    • (2023) Detection and Mitigation Mechanisms for Covert Channel Attack. 2023 IEEE International Carnahan Conference on Security Technology (ICCST). DOI: 10.1109/ICCST59048.2023.10474231. Pages 1-7. Online publication date: 11-Oct-2023
    • (2023) Toward Privacy-Preserving Localization and Mapping in eXtended Reality: A Privacy Threat Model. 2023 Joint European Conference on Networks and Communications & 6G Summit (EuCNC/6G Summit). DOI: 10.1109/EuCNC/6GSummit58263.2023.10188227. Pages 635-640. Online publication date: 6-Jun-2023
    • (2017) Complexity and information flow analysis for multi-threaded programs. The European Physical Journal Special Topics, 226:10. DOI: 10.1140/epjst/e2016-60402-0. Pages 2375-2392. Online publication date: 31-Jan-2017
    • (2016) Axioms for Information Leakage. 2016 IEEE 29th Computer Security Foundations Symposium (CSF). DOI: 10.1109/CSF.2016.13. Pages 77-92. Online publication date: Jun-2016
    • (2014) Quantifying Information Flow for Dynamic Secrets. Proceedings of the 2014 IEEE Symposium on Security and Privacy. DOI: 10.1109/SP.2014.41. Pages 540-555. Online publication date: 18-May-2014
    • (2014) Additive and Multiplicative Notions of Leakage, and Their Capacities. Proceedings of the 2014 IEEE 27th Computer Security Foundations Symposium. DOI: 10.1109/CSF.2014.29. Pages 308-322. Online publication date: 19-Jul-2014
    • (2014) Compositional methods for information-hiding. Mathematical Structures in Computer Science, 26:6. DOI: 10.1017/S0960129514000292. Pages 908-932. Online publication date: 24-Nov-2014
    • (2014) When Not All Bits Are Equal: Worth-Based Information Flow. Principles of Security and Trust. DOI: 10.1007/978-3-642-54792-8_7. Pages 120-139. Online publication date: 2014
    • (2014) Quantitative Security Analysis for Programs with Low Input and Noisy Output. Proceedings of the 6th International Symposium on Engineering Secure Software and Systems - Volume 8364. DOI: 10.1007/978-3-319-04897-0_6. Pages 77-94. Online publication date: 26-Feb-2014