Yoshifumi Manabe
Tatsuaki Okamoto
ABSTRACT
This paper proposes a return route information encryption scheme for onion-based e-mail systems and mix-nets. Our scheme has the following two properties. (1) It allows any node on the message route to send reply messages to the sender of the message. This property is necessary for sending error replies. (2) It allows the replying node to send multiple reply messages from one piece of return route information. This property is necessary when responding with large amounts of data using multiple messages. In order to construct a return route information scheme, we must consider a new type of attack, namely the replace attack. A malicious node obtains information about the route by replacing secret information that only the node can read. This paper describes the new type of attack and shows that previous schemes are vulnerable to it. Our scheme prevents replace attacks. In addition, we show that by slightly modifying our scheme malicious nodes cannot distinguish whether a message is a forward message or a reply message, thus improving the security of the routing scheme.
- J. Camenisch and A. Lysyanskaya: "A Formal Treatment of Onion Routing," Proc. of Crypto 2005, LNCS Vol. 3621, pp. 169--187 (Aug. 2005). Google Scholar
Digital Library
- D. L. Chaum: "Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms," Communications of the ACM, Vol. 24, No. 2, pp. 84--88 (1981). Google ScholarDigital Library
- R. Clayton: "Improving Onion Notation," 3rd Workshop on Privacy Enhancing Technologies LNCS Vol. 2760 pp. 81--87 (Mar. 2003).Google ScholarCross Ref
- G. Danezis, R. Dingledine, and N. Mathewson: "Mixminion: Design of a Type III Anonymous Remailer Protocol," Proc. of IEEE Symposium on Security and Privacy, pp. 2--15 (May 2003). Google ScholarDigital Library
- G. Danezis: "Breaking Four Mix-related Schemes Based on Universal Re-encryption," Proc. of 9th Information Security Conference LNCS Vol. 4176, pp. 46--59 (Aug. 2006). Google ScholarDigital Library
- G. Danezis and C. Diaz: "A Survey of Anonymous Communication Channels," Microsoft Research Technical Report MSR-TR-2008-35 (Feb. 2008).Google Scholar
- R. Dingledine, N. Mathewson, and P. Syverson: "Tor: The Second-Generation Onion Router," Proc. of 13th USENIX Security Symp. p. 21 (Aug. 2004). Google ScholarDigital Library
- P. Golle, M. Jakobson, A. Juels, and P. Syverson: "Universal Re-encryption for Mixnets," CT-RSA 2004, LNCS Vol. 2964, pp. 163--178 (2004).Google Scholar
- D. M. Goldschlag, M. G. Reed, and P. F. Syverson: "Onion Routing for Anonymous and Private Internet Connections," Communications of the ACM, Vol. 42, No. 2, pp. 39--41 (Feb. 1999). Google ScholarDigital Library
- M. Gomułkiewicz, M. Klonowski, and M. Kutyłowski; "Onions Based on Universal Re-encryption - Anonymous Communication Immune Against Repetitive Attack," WISA 2004, LNCS Vol. 3325, pp. 400--410 (2004). Google ScholarDigital Library
- C. Gülcü and G. Tsudik: "Mixing E-mail with BABEL," Proc. of IEEE Symp. on Network and Distributed System Security, pp. 2--16 (Feb. 1996). Google ScholarDigital Library
- M. Klonowski, M. Kutylowski, and F. Zagorski: "Anonymous Communication with On-line and Off-line Onion Encoding," Proc. of Current Trends in Theory and Practice of Informatics (SOFSEM 2005), LNCS Vol. 3381, pp. 229--238 (Jan. 2005). Google ScholarDigital Library
- T. Lu, B. Fang, Y. Sun, and L. Guo: "Some Remarks on Universal Re-encryption and A Novel Practical Anonymous Tunnel," Proc. of ICCNMC, LNCS Vol. 3619, pp. 853--862 (2005). Google ScholarDigital Library
- C. A. Melchor and Y. Deswarte: "From DC-Nets to pMIXes: Multiple Variants for Anonymous Communications," Proc. of 5th Symp. on Network Computing and Applications(NCA), pp. 163--172 (July 2006). Google ScholarDigital Library
- K. Peng, J. M. Nieto, Y. Desmedt, and E. Dawson: "Klein Bottle Routing: An Alternative to Onion Routing and Mix Network," ICISC 2006, LNCS Vol. 4296, pp. 296--309 (2006). Google ScholarDigital Library
- V. Shmatikov and M.-H. Wang: "Timing Analysis in Low-Latency Mix Networks: Attacks and Defenses," ESORICS 2006, LNCS Vol. 4189, pp. 18--33 (Sep. 2006). Google ScholarDigital Library
- B. Timmerman: "A Security Model for Dynamic Adaptive Traffic Masking," Proc. of 1997 workshop on New security paradigms, pp. 10--116 (1997). Google ScholarDigital Library
- B. Timmerman: "Secure Dynamic Adaptive Traffic Masking," Proc. of 1999 workshop on New security paradigms, pp. 13--24 (1999). Google ScholarDigital Library
- H. Toriyama, N. Kunihiro, and K. Ohta: "Return Message-Receivable Anonymous Routing Scheme without Reveal of Sender ID," SCIS2007, 3B4-6 (Jan. 2007).Google Scholar
Index Terms
- Anonymous return route information for onion based mix-nets
Recommendations
Reusable anonymous return channels
WPES '03: Proceedings of the 2003 ACM workshop on Privacy in the electronic societyMix networks are used to deliver messages anonymously to recipients, but do not straightforwardly allow the recipient of an anonymous message to reply to its sender. Yet the ability to reply one or more times, and to further reply to replies, is ...
Return address randomization scheme for annuling data-injection buffer overflow attacks
Inscrypt'06: Proceedings of the Second SKLOIS conference on Information Security and CryptologyBuffer overflow(BOF) has been the most common form of vulnerability in software systems today, and many methods exist to defend software systems against BOF attacks. Among them, the instruction set randomization scheme, which makes attacker not to know ...
Comments