skip to main content
10.1145/3463676.3485605acmconferencesArticle/Chapter ViewAbstractPublication PagesccsConference Proceedingsconference-collections
research-article

Plausible Deniability for Anonymous Communication

Published: 15 November 2021 Publication History

Abstract

The rigorous analysis of anonymous communication protocols and formal privacy goals have proven to be difficult to get right. Formal privacy notions as in the current state of the art based on indistinguishability games simplify analysis. Achieving them, however can incur prohibitively high overhead in terms of latency. Definitions based on function views, albeit less investigated, might imply less overhead but aren't directly comparable to state of the art notions, due to differences in the model.
In this paper, we bridge the worlds of indistinguishability game and function view based notions by introducing a new game: the "Exists INDistinguishability" (E-IND), a weak notion that corresponds to what is informally sometimes termed Plausible Deniability. By intuition, for every action in a system achieving plausible deniability there exists an equally plausible, alternative that results in observations that an adversary cannot tell apart. We show how this definition connects the early formalizations of privacy based on function views[13] to recent game-based definitions. This enables us to link, analyze, and compare existing efforts in the field.

References

[1]
Michael Backes, Aniket Kate, Praveen Manoharan, Sebastian Meiser, and Esfandiar Mohammadi. 2013. AnoA : A Framework for Analyzing Anonymous Communication Protocols. In 2013 IEEE 26th Computer Security Foundations Symposium. IEEE, New Orleans, LA, 163--178. https://doi.org/10.1109/CSF.2013.18
[2]
Mohit Bhargava and Catuscia Palamidessi. 2005. Probabilistic Anonymity. In CONCUR 2005 - Concurrency Theory, 16th International Conference, CONCUR 2005, San Francisco, CA, USA, August 23-26, 2005, Proceedings (Lecture Notes in Computer Science, Vol. 3653), Martín Abadi and Luca de Alfaro (Eds.). Springer, 171--185. https://doi.org/10.1007/11539452_16
[3]
Jens-Matthias Bohli and Andreas Pashalidis. 2011. Relations among Privacy Notions. ACM Transactions on Information and System Security, Vol. 14, 1 (May 2011), 1--24. https://doi.org/10.1145/1952982.1952986
[4]
David Chaum. 1988. The Dining Cryptographers Problem: Unconditional Sender and Recipient Untraceability. Journal of cryptology (1988).
[5]
David L Chaum. 1981. Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms., Vol. 24, 2 (1981), 5.
[6]
Ian Clarke, Oskar Sandberg, Brandon Wiley, and Theodore W. Hong. 2000. Freenet: A Distributed Anonymous Information Storage and Retrieval System. In Designing Privacy Enhancing Technologies, International Workshop on Design Issues in Anonymity and Unobservability, Berkeley, CA, USA, July 25--26, 2000, Proceedings (Lecture Notes in Computer Science, Vol. 2009), Hannes Federrath (Ed.). Springer, 46--66. https://doi.org/10.1007/3-540-44702-4_4
[7]
Roger Dingledine, Nick Mathewson, and Paul Syverson. 2004. Tor: The Second -Generation Onion Router:. Technical Report. Defense Technical Information Center, Fort Belvoir, VA. https://doi.org/10.21236/ADA465464
[8]
Prastudy Fauzi, Sarah Meiklejohn, Rebekah Mercer, and Claudio Orlandi. 2019. Quisquis: A New Design for Anonymous Cryptocurrencies. In Advances in Cryptology textendash ASIACRYPT 2019, Steven D. Galbraith and Shiho Moriai (Eds.). Vol. 11921. Springer International Publishing, Cham, 649--678. https://doi.org/10.1007/978-3-030-34578--5_23
[9]
Joan Feigenbaum, Aaron Johnson, and Paul F. Syverson. 2007. A Model of Onion Routing with Provable Anonymity. In Financial Cryptography and Data Security, 11th International Conference, FC 2007, and 1st International Workshop on Usable Security, USEC 2007, Scarborough, Trinidad and Tobago, February 12--16, 2007. Revised Selected Papers (Lecture Notes in Computer Science, Vol. 4886), Sven Dietrich and Rachna Dhamija (Eds.). Springer, 57--71. https://doi.org/10.1007/978-3-540-77366-5_9
[10]
Nethanel Gelernter and Amir Herzberg. 2013. On the Limits of Provable Anonymity. In Proceedings of the 12th ACM Workshop on Workshop on Privacy in the Electronic Society - WPES '13. ACM Press, Berlin, Germany, 225--236. https://doi.org/10.1145/2517840.2517850
[11]
Joseph Y Halpern and Kevin R O'Neill. [n.d.]. Anonymity and Information Hiding in Multiagent Systems. ([n.,d.]), 14.
[12]
Alejandro Hevia and Daniele Micciancio. 2008. An Indistinguishability -Based Characterization of Anonymous Channels In Privacy Enhancing Technologies, Nikita Borisov and Ian Goldberg (Eds.). Vol. 5134. Springer Berlin Heidelberg, Berlin, Heidelberg, 24--43. https://doi.org/10.1007/978-3-540-70630-4_3
[13]
Dominic J. D. Hughes and Vitaly Shmatikov. 2004. Information Hiding, Anonymity and Privacy: A Modular Approach. J. Comput. Secur., Vol. 12, 1 (2004), 3--36.
[14]
Jon Kleinberg. 2000. The small-world phenomenon: An algorithmic perspective. In STOC.
[15]
Christiane Kuhn, Martin Beck, Stefan Schiffner, Eduard A. Jorswieck, and Thorsten Strufe. 2019. On Privacy Notions in Anonymous Communication. Proc. Priv. Enhancing Technol., Vol. 2019, 2 (2019), 105--125. https://doi.org/10.2478/popets-2019-0022
[16]
Brian Neil Levine, Marc Liberatore, Brian Lynn, and Matthew Wright. 2020. A Forensically Sound Method of Identifying Downloaders and Uploaders in Freenet. In CCS '20: 2020 ACM SIGSAC Conference on Computer and Communications Security, Virtual Event, USA, November 9-13, 2020, Jay Ligatti, Xinming Ou, Jonathan Katz, and Giovanni Vigna (Eds.). ACM, 1497--1512. https://doi.org/10.1145/3372297.3417876
[17]
Shen Noether and Adam Mackenzie. 2016. Ring Confidential Transactions. Ledger, Vol. 1 (2016), 1--18.
[18]
Andreas Pfitzmann and Marit Köhntopp. 2000. Anonymity, Unobservability, and Pseudonymity - A Proposal for Terminology. In Designing Privacy Enhancing Technologies, International Workshop on Design Issues in Anonymity and Unobservability, Berkeley, CA, USA, July 25-26, 2000, Proceedings (Lecture Notes in Computer Science, Vol. 2009), Hannes Federrath (Ed.). Springer, 1--9. https://doi.org/10.1007/3-540-44702-4_1
[19]
Michael K. Reiter and Aviel D. Rubin. 1998. Crowds: Anonymity for Web Transactions. ACM Transactions on Information and System Security, Vol. 1, 1 (Nov. 1998), 66--92. https://doi.org/10.1145/290163.290168
[20]
Steve A. Schneider and Abraham Sidiropoulos. 1996. CSP and Anonymity. In Computer Security - ESORICS 96, 4th European Symposium on Research in Computer Security, Rome, Italy, September 25-27, 1996, Proceedings (Lecture Notes in Computer Science, Vol. 1146), Elisa Bertino, Helmut Kurth, Giancarlo Martella, and Emilio Montolivo (Eds.). Springer, 198--218. https://doi.org/10.1007/3-540-61770-1_38
[21]
Sandra Steinbrecher and Stefan Köpsell. 2003. Modelling Unlinkability. In Privacy Enhancing Technologies, Third International Workshop, PET 2003, Dresden, Germany, March 26--28, 2003, Revised Papers (Lecture Notes in Computer Science, Vol. 2760), Roger Dingledine (Ed.). Springer, 32--47. https://doi.org/10.1007/978-3-540-40956-4_3
[22]
Paul F. Syverson and Stuart G. Stubblebine. 1999. Group Principals and the Formalization of Anonymity. In FM '99 - Formal Methods, World Congress on Formal Methods in the Development of Computing Systems, Toulouse, France, September 20--24, 1999, Proceedings, Volume I (Lecture Notes in Computer Science, Vol. 1708), Jeannette M. Wing, Jim Woodcock, and Jim Davies (Eds.). Springer, 814--833. https://doi.org/10.1007/3-540-48119-2_45
[23]
Matthew K Wright, Micah Adler, Brian Neil Levine, and Clay Shields. 2004. The predecessor attack: An analysis of a threat to anonymous communications systems. ACM Transactions on Information and System Security (TISSEC), Vol. 7, 4 (2004), 489--522.

Cited By

View all
  • (2024)Deniable Encrypted Messaging: User Understanding after Hands-on Social ExperienceProceedings of the 2024 European Symposium on Usable Security10.1145/3688459.3688479(155-171)Online publication date: 30-Sep-2024

Recommendations

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences
WPES '21: Proceedings of the 20th Workshop on Workshop on Privacy in the Electronic Society
November 2021
257 pages
ISBN:9781450385275
DOI:10.1145/3463676
  • General Chairs:
  • Yongdae Kim,
  • Jong Kim,
  • Program Chairs:
  • Giovanni Livraga,
  • Noseong Park
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 15 November 2021

Permissions

Request permissions for this article.

Check for updates

Author Tags

  1. anonymity
  2. peer-to-peer
  3. plausible deniability
  4. privacy notion

Qualifiers

  • Research-article

Funding Sources

Conference

CCS '21
Sponsor:

Acceptance Rates

Overall Acceptance Rate 106 of 355 submissions, 30%

Upcoming Conference

CCS '25

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)38
  • Downloads (Last 6 weeks)4
Reflects downloads up to 15 Feb 2025

Other Metrics

Citations

Cited By

View all
  • (2024)Deniable Encrypted Messaging: User Understanding after Hands-on Social ExperienceProceedings of the 2024 European Symposium on Usable Security10.1145/3688459.3688479(155-171)Online publication date: 30-Sep-2024

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Figures

Tables

Media

Share

Share

Share this Publication link

Share on social media