skip to main content
10.1145/1005140.1005155acmconferencesArticle/Chapter ViewAbstractPublication PagesccsConference Proceedingsconference-collections
Article

Reusable anonymous return channels

Published: 30 October 2003 Publication History

Abstract

Mix networks are used to deliver messages anonymously to recipients, but do not straightforwardly allow the recipient of an anonymous message to reply to its sender. Yet the ability to reply one or more times, and to further reply to replies, is essential to a complete anonymous conversation. We propose a protocol that allows a sender of anonymous messages to establish a reusable anonymous return channel. This channel enables any recipient of one of these anonymous messages to send back one or more anonymous replies. Recipients who reply to different messages can not test whether two return channels are the same, and there-fore can not learn whether they are replying to the same person. Yet the fact that multiple recipients may send multiple replies through the same return channel helps defend against the counting attacks that defeated earlier proposals for return channels. In these attacks, an adversary traces the origin of a message by sending a specific number of replies and observing who collects the same number of messages. Our scheme resists these attacks because the replies sent by an attacker are mixed with other replies submitted by other recipients through the same return channel. Moreover, our protocol straightforwardly allows for replies to replies, etc. Our protocol is based upon a re-encryption mix network, and requires four times the amount of computation and communication of a basic mixnet.

References

[1]
D. Chaum. Untraceable electronic mail, return addresses, and digital pseudonyms. In Communications of the ACM, 24(2):84--88, 1981.]]
[2]
L. Cottrell. Mixmaster & remailer attacks. http://www.obscura.com/~loki/remailer/remailer-essay.html, 1995.]]
[3]
G. Danezis, R. Dingledine and N. Mathewson. Mixminion: design of type III anonymous remailer protocol. In Proc. of the 2003 IEEE Symposium on Security and Privacy, pp. 2--15.]]
[4]
J. Furukawa and K. Sako. An efficient scheme for proving a shuffle. In Proc. of Crypto '01, pp. 368--387. Springer-Verlag, 2001. LNCS 2139.]]
[5]
R. Gennaro, S. Jarecki, H. Krawczyk and T. Rabin. Secure Distributed Key Generation for Discrete-Log Based Cryptosystems. In Proc. of Eurocrypt '99, pp. 295--310. Springer-Verlag, 1999. LNCS 1592.]]
[6]
D. Goldschlag, M. Reed and P. Syverson. Onion routing for anonymous and private internet connections. In Communications of the ACM, 42(2):39--41, 1999.]]
[7]
C. Gulcu and G. Tsudik. Mixing E-mail with Babel. In Proc. of Network and Distributed Security Symposium - NDSS '96. IEEE, 1996.]]
[8]
M. Jakobsson. A practical mix. In Proc. of Eurocrypt '98, pp. 448--461. Springer-Verlag, 1998. LNCS 1403.]]
[9]
M. Jakobsson. On quorum controlled asymmetric proxy re-encryption. In Proc. of Public Key Cryptography '99.]]
[10]
M. Jakobsson and A. Juels. Mix and match: secure function evaluation via ciphertexts. In Proc. of Asiacrypt '00, pp. 162--177. Springer-Verlag, 2000. LNCS 1967.]]
[11]
M. Jakobsson, A. Juels and R. Rivest. Making mix nets robust for electronic voting by randomized partial checking. In Proc. of USENIX '02, pp. 339--353, 2002.]]
[12]
A. Neff. A verifiable secret shuffle and its application to E-Voting. In Proc. of ACM CCS'01, pp. 116--125. ACM Press, 2001.]]
[13]
W. Ogata, K. Kurosawa, K. Sako and K. Takatani. Fault tolerant anonymous channel. In Proc. of ICICS '97, pp. 440--444, 1997. LNCS 1334.]]
[14]
T. Pedersen. A Threshold cryptosystem without a trusted party. In Proc. of Eurocrypt'91, pp. 522--526, 1991.]]
[15]
S. Parekh. Prospects for remailers. First Monday, 1(2), August 1996. On the web at http://www.firstmonday.dk/issues/issue2/remailers/]]
[16]
B. Waters, E. Felten and A. Sahai. Receiver anonymity via incomparable public keys. To be presented at the 2003 ACM Conference on Computer and Communications Security.]]

Cited By

View all

Recommendations

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences
WPES '03: Proceedings of the 2003 ACM workshop on Privacy in the electronic society
October 2003
135 pages
ISBN:1581137761
DOI:10.1145/1005140
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 30 October 2003

Permissions

Request permissions for this article.

Check for updates

Author Tags

  1. anonymity
  2. mix networks
  3. privacy
  4. return address

Qualifiers

  • Article

Conference

CCS03
Sponsor:

Acceptance Rates

Overall Acceptance Rate 106 of 355 submissions, 30%

Upcoming Conference

CCS '25

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)2
  • Downloads (Last 6 weeks)1
Reflects downloads up to 17 Jan 2025

Other Metrics

Citations

Cited By

View all
  • (2024)Auditable Anonymous Electronic ExaminationCryptography10.3390/cryptography80200198:2(19)Online publication date: 1-May-2024
  • (2022)Review on Modelling and Verification of Secure ExamsFormal Aspects of Computing10.1145/354518234:2(1-3)Online publication date: 19-Sep-2022
  • (2018)Disguised Public Key for Anonymity and Enforced Confidentiality in Summative E-ExaminationsAdvances in Computing and Data Sciences10.1007/978-981-13-1810-8_9(84-94)Online publication date: 31-Oct-2018
  • (2017)Enhancing Topic Modeling for Short Texts with Auxiliary Word EmbeddingsACM Transactions on Information Systems10.1145/309110836:2(1-30)Online publication date: 21-Aug-2017
  • (2017)Social Influence Spectrum at ScaleACM Transactions on Information Systems10.1145/308670036:2(1-26)Online publication date: 21-Aug-2017
  • (2016)Efficient Privacy-Preserving Charging Station Reservation System for Electric VehiclesThe Computer Journal10.1093/comjnl/bxv11759:7(1040-1053)Online publication date: 6-Jan-2016
  • (2015)Formal Security Analysis of Traditional and Electronic ExamsE-Business and Telecommunications10.1007/978-3-319-25915-4_16(294-318)Online publication date: 30-Dec-2015
  • (2013)Privacy-preserving smart metering with regional statistics and personal enquiry servicesProceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security10.1145/2484313.2484362(369-380)Online publication date: 8-May-2013
  • (2013)A scheme for collecting anonymous data2013 IEEE International Conference on Industrial Technology (ICIT)10.1109/ICIT.2013.6505846(1210-1215)Online publication date: Feb-2013
  • (2012)Anonymous CommunicationAnonymous Security Systems and Applications10.4018/978-1-4666-1649-3.ch007(101-123)Online publication date: 2012
  • Show More Cited By

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Media

Figures

Other

Tables

Share

Share

Share this Publication link

Share on social media