Abstract
Information theory turned out to be very useful in analyzing anonymity attacks in general. The concept of channel information leak is a good indicator of how successful an attack can be. While different information leak measures exist in the literature, the problem of representing anonymity systems using noisy channels has not been well studied. The main goal of this paper is to show how anonymity attacks on mix systems can be formally represented as noisy channels in the information-theoretic sense. This formal representation provides a deeper understanding of mix systems and prepares the field for a more rigorous and accurate analysis of possible attacks. We performed empirical analysis using three information leak measures (mutual information, KLSD, and Min-entropy) which revealed interesting findings about some mix variants. This paper tries to bridge the gap between theory and practice in the field of anonymous communication systems.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Chaum, D.: Untraceable electronic mail, return addresses, and digital pseudonyms. Communications of the ACM 24(2), 84–90 (1981)
Möller, U., Cottrell, L., Palfrader, P., Sassaman, L.: Mixmaster Protocol — Version 2. IETF Internet Draft (July 2003)
Danezis, G., Dingledine, R., Mathewson, N.: Mixminion: Design of a Type III Anonymous Remailer Protocol. In: Proceedings of the 2003 IEEE Symposium on Security and Privacy, pp. 2–15 (May 2003)
Berthold, O., Federrath, H., Köpsell, S.: Web MIXes: A System for Anonymous and Unobservable Internet Access. In: Federrath, H. (ed.) Designing Privacy Enhancing Technologies. LNCS, vol. 2009, pp. 115–129. Springer, Heidelberg (2001)
Dingledine, R., Mathewson, N., Syverson, P.: Tor: the second-generation onion router. In: Proceedings of the 13th Usenix Security Symposium (August 2004)
Diaz, C., Seys, S., Claessens, J., Preneel, B.: Towards measuring anonymity. In: Dingledine, R., Syverson, P. (eds.) PET 2002. LNCS, vol. 2482, pp. 54–68. Springer, Heidelberg (2003)
Chatzikokolakis, K., Palamidessi, C., Panangaden, P.: Anonymity protocols as noisy channels. Information and Computation 206(2-4), 378–401 (2008)
Zhu, Y., Bettati, R.: Anonymity vs. information leakage in anonymity systems. In: Proceedings of ICDCS 2005, Columbus, Ohio, pp. 514–524 (2005)
Chatzikokolakis, K., Chothia, T., Guha, A.: Statistical measurement of information leakage. In: Esparza, J., Majumdar, R. (eds.) TACAS 2010. LNCS, vol. 6015, pp. 390–404. Springer, Heidelberg (2010)
Smith, G.: On the foundations of quantitative information flow. In: de Alfaro, L. (ed.) FOSSACS 2009. LNCS, vol. 5504, pp. 288–302. Springer, Heidelberg (2009)
Zhioua, S.: A new information leakage measure for anonymity protocols. In: Jajodia, S., Zhou, J. (eds.) SecureComm 2010. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol. 50, pp. 398–414. Springer, Heidelberg (2010)
Chatzikokolakis, K.: Probabilistic and Information-Theoretic Approaches to Anonymity. PhD thesis, Laboratoire d’Informatique (LIX), École Polytechnique, Paris (October 2007)
Newman, R.E., Nalla, V.R., Moskowitz, I.S.: Anonymity and covert channels in simple timed mix-firewalls. In: Martin, D., Serjantov, A. (eds.) PET 2004. LNCS, vol. 3424, pp. 1–16. Springer, Heidelberg (2005)
Chen, H., Malacaria, P.: Quantifying maximal loss of anonymity in protocols. In: Proceedings of ASIACCS 2009, pp. 206–217. ACM, New York (2009)
Chatzikokolakis, K., Palamidessi, C., Panangaden, P.: On the bayes risk in information-hiding protocols. Journal of Computer Security 16(5), 531–571 (2008)
Reiter, M., Rubin, A.: Crowds: Anonymity for web transactions. ACM Transactions on Information and System Security 1(1), 66–92 (1998)
DeGroot, M.: Optimal Statistical Decisions. McGraw-Hill, New York (1970)
DÃaz, C., Preneel, B.: Reasoning about the anonymity provided by pool mixes that generate dummy traffic. In: Fridrich, J. (ed.) IH 2004. LNCS, vol. 3200, pp. 535–543. Springer, Heidelberg (2004)
Serjantov, A., Dingledine, R., Syverson, P.: From a trickle to a flood: Active attacks on several mix types. In: Petitcolas, F.A.P. (ed.) IH 2002. LNCS, vol. 2578, pp. 36–52. Springer, Heidelberg (2003)
DÃaz, C., Serjantov, A.: Generalising mixes. In: Dingledine, R. (ed.) PET 2003. LNCS, vol. 2760, pp. 18–31. Springer, Heidelberg (2003)
Kesdogan, D., Egner, J., Büschkes, R.: Stop-and-go-mIXes providing probabilistic anonymity in an open system. In: Aucsmith, D. (ed.) IH 1998. LNCS, vol. 1525, pp. 83–98. Springer, Heidelberg (1998)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Zhioua, S. (2011). Anonymity Attacks on Mix Systems: A Formal Analysis. In: Filler, T., Pevný, T., Craver, S., Ker, A. (eds) Information Hiding. IH 2011. Lecture Notes in Computer Science, vol 6958. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-24178-9_10
Download citation
DOI: https://doi.org/10.1007/978-3-642-24178-9_10
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-24177-2
Online ISBN: 978-3-642-24178-9
eBook Packages: Computer ScienceComputer Science (R0)