Mixminion: Design of a type III anonymous remailer protocol

Proceedings - IEEE Symposium on Security and Privacy

Volumn 2003-January, Issue , 2003, Pages 2-15

  Danezis, G ^a   Dingledine, R ^b   Mathewson, N ^b  

^a UNIVERSITY OF CAMBRIDGE   (United Kingdom)

^b Free Haven Project   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

ANONYMITY SETS; DIRECTORY SERVER; INTERNET ENVIRONMENT; PERFORMANCE STATISTICS; PUBLIC KEYS; REAL-WORLD; SIMILAR DESIGN; SINGLE USE;

SECURITY OF DATA;

EID: 84954409133     PISSN: 10816011     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/SECPRI.2003.1199323     Document Type: Conference Paper

References (39)

1. M. Abe. Universally verifiable MIX with verification work independent of the number of MIX servers. In EUROCRYPT 1998. Springer-Verlag, LNCS 1403, 1998.
2. R. Anderson and E. Biham. Two practical and provably secure block ciphers: BEAR and LION. In International Workshop on Fast Software Encryption. Springer-Verlag, 1996. 'http://citeseer.nj.nec.com/anderson96two.html'.
3. A. Back, U. Möller, and A. Stiglic. Traffic analysis attacks and trade-offs in anonymity providing systems. In I. S. Moskowitz, editor, Information Hiding (IH 2001), pages 245-257. Springer-Verlag, LNCS 2137, 2001. 'http://www.cypherspace.org/adam/pubs/traffic.pdf'.
4. O. Berthold, H. Federrath, and S. Köpsell. Web MIXes: A system for anonymous and unobservable Internet access. In H. Federrath, editor, Designing Privacy Enhancing Technologies: Workshop on Design Issue in Anonymity and Unobservability, pages 115-129. Springer-Verlag, LNCS 2009, 2000.
5. O. Berthold and H. Langos. Dummy traffic against long term intersection attacks. In R. Dingledine and P. Syverson, editors, Privacy Enhancing Technologies (PET 2002). Springer-Verlag, LNCS 2482, 2002.
6. O. Berthold, A. Pfitzmann, and R. Standtke. The disadvantages of free MIX routes and how to overcome them. In H. Federrath, editor, Designing Privacy Enhancing Technologies: Workshop on Design Issue in Anonymity and Unobservability, pages 30-45. Springer-Verlag, LNCS 2009, 2000. 'http://www.tik.ee.ethz.ch/~weiler/lehre/netsec/Unterlagen/anon/disadvantages-berthold.pdf'.
7. D. Chaum. Untraceable electronic mail, return addresses, and digital pseudo-nyms. Communications of the ACM, 4(2), February 1982. 'http://www.eskimo.com/~weidai/mix-net.txt'.
8. L. Cottrell. Mixmaster and remailer attacks. 'http://www.obscura.com/~loki/remailer/remailer-essay.html'.
9. Y. Desmedt and K. Kurosawa. How to break a practical MIX and design a new one. In EUROCRYPT 2000. Springer-Verlag, LNCS 1803, 2000. 'http://citeseer.nj.nec.com/447709.html'.
10. T. Dierks and C. Allen. The TLS Protocol - Version 1.0. IETF RFC 2246, January 1999. 'http://www.rfc-editor.org/rfc/rfc2246.txt'.
11. R. Dingledine, M. J. Freedman, D. Hopwood, and D. Molnar. A Reputation System to Increase MIX-net Reliability. In I. S. Moskowitz, editor, Information Hiding (IH 2001), pages 126-141. Springer-Verlag, LNCS 2137, 2001. 'http://www.freehaven.net/papers.html'.
12. R. Dingledine and P. Syverson. Reliable MIX Cascade Networks through Reputation. In M. Blaze, editor, Financial Cryptography (FC '02). Springer-Verlag, LNCS (forthcoming), 2002. 'http://www.freehaven.net/papers.html'.
13. J. Furukawa and K. Sako. An efficient scheme for proving a shuffle. In J. Kilian, editor, CRYPTO 2001. Springer-Verlag, LNCS 2139, 2001.
14. C. Gulcu and G. Tsudik. Mixing E-mail with Babel. In Network and Distributed Security Symposium - NDSS '96. IEEE, 1996. 'http://citeseer.nj.nec.com/2254.html'.
15. J. Helsingius. anon.penet.fi press release. 'http://www.penet.fi/press-english.html'.
16. M. Jakobsson. Flash Mixing. In Principles of Distributed Computing - PODC '99. ACM Press, 1999. 'http://citeseer.nj.nec.com/jakobsson99flash.html'.
17. M. Jakobsson and A. Juels. An optimally robust hybrid mix network (extended abstract). In Principles of Distributed Computing - PODC '01. ACM Press, 2001. 'http://citeseer.nj.nec.com/492015.html'.
18. A. Jerichow, J. Müller, A. Pfitzmann, B. Pfitzmann, and M. Waidner. Real-Time MIXes: A Bandwidth-Efficient Anonymity Protocol. IEEE Journal on Selected Areas in Communications, 1998. 'http://www.zurich.ibm.com/security/publications/1998.html'.
19. D. Kesdogan, M. Egner, and T. Büschkes. Stop-and-go MIXes providing probabilistic anonymity in an open system. In Information Hiding (IH 1998). Springer-Verlag, LNCS 1525, 1998. 'http://www.cl.cam.ac.uk/~fapp2/ihw98/ihw98-sgmix.pdf'.
20. M. Luby and C. Rackoff. How to construct pseudorandom permutations from pseudorandom functions. SIAM Journal on Computing, 17(2):373-386, 1988.
21. T. Malkin. Private Information Retrieval. PhD thesis, MIT, 2000. 'http://toc.lcs.mit.edu/~tal/pubs.html'.
22. thACM Conference on Computer and Communications Security (CCS'98). ACM Press, 1998. 'http://www.scs.cs.nyu.edu/~dm/'.
23. M. Mitomo and K. Kurosawa. Attack for Flash MIX. In ASIACRYPT 2000. Springer-Verlag, LNCS 1976, 2000. 'http://citeseer.nj.nec.com/450148.html'.
24. Mixminion. Type III (Mixminion) mix protocol specifications. 'http://mixminion.net/minion-spec.txt'.
25. B. Möller. Provably secure public-key encryption for length-preserving chaumian mixes. In CT-RSA 2003. Springer-Verlag, LNCS 2612, 2003.
26. U. Möller and L. Cottrell. Mixmaster Protocol - Version 2. Unfinished draft, January 2000. 'http://www.eskimo.com/~rowdenw/crypt/Mix/draft-moeller-mixmaster2-protocol-00.txt'.
27. J. Myers and M. Rose. Post Office Protocol - Version 3. IETF RFC 1939 (also STD0053), May 1996. 'http://www.rfc-editor.org/rfc/rfc1939.txt'.
28. C. A. Neff. A verifiable secret shuffle and its application to e-voting. In P. Samarati, editor, 8th ACM Conference on Computer and Communications Security (CCS-8), pages 116-125. ACM Press, November 2001. 'http://www.votehere.net/ ada-compliant/ourtechnology/technicaldocs/shuffle.pdf'.
29. M. Ohkubo and M. Abe. A Length-Invariant Hybrid MIX. In Advances in Cryptology - ASIACRYPT 2000. Springer-Verlag, LNCS 1976, 2000.
30. P. Palfrader. Echolot: a pinger for anonymous remailers. 'http://www.palfrader.org/echolot/'.
31. S. Parekh. Prospects for remailers. First Monday, 1(2), August 1996. 'http://www.firstmonday.dk/issues/issue2/remailers/'.
32. B. Pfitzmann and A. Pfitzmann. How to break the direct RSA-implementation of MIXes. In Eurocrypt 89. Springer-Verlag, LNCS 434, 1990. 'http://citeseer.nj.nec.com/pfitzmann90how.html'.
33. J. Postel. Simple Mail Transfer Protocol. IETF RFC 2821 (also STD0010), April 2001. 'http://www.rfc-editor.org/rfc/rfc2821.txt'.
34. J. R. Rao and P. Rohatgi. Can pseudonymity really guarantee privacy? In Proceedings of the Ninth USENIX Security Symposium, pages 85-96. USENIX, Aug. 2000. 'http://www.usenix.org/publications/library/proceedings/sec2000/full-papers/rao/rao.pdf'.
35. J. F. Raymond. Traffic Analysis: Protocols, Attacks, Design Issues, and Open Problems. In H. Federrath, editor, Designing Privacy Enhancing Technologies: Workshop on Design Issue in Anonymity and Unobservability, pages 10-29. Springer-Verlag, LNCS 2009, July 2000.
36. A. Serjantov, R. Dingledine, and P. Syverson. From a trickle to a flood: Active attacks on several mix types. In F. Petitcolas, editor, Information Hiding (IH 2002). Springer-Verlag, LNCS (forthcoming), 2002.
37. Z. K. Systems. Freedom version 2 white papers. 'http://www.freedom.net/info/whitepapers/'.
38. P. Syverson, M. Reed, and D. Goldschlag. Onion Routing access configurations. In DARPA Information Survivability Conference and Exposition (DISCEX 2000), volume 1, pages 34-40. IEEE CS Press, 2000. 'http://www.onion-router.net/Publications.html'.
39. P. F. Syverson, G. Tsudik, M. G. Reed, and C. E. Landwehr. Towards an analysis of onion routing security. In H. Federrath, editor, Designing Privacy Enhancing Technologies: Workshop on Design Issue in Anonymity and Unobservability, pages 96-114. Springer-Verlag, LNCS 2009, July 2000. 'http://citeseer.nj.nec.com/syverson00towards.html'.