C. Shields and B. N. Levine. A Protocol for Anonymous Communication Over the Internet. Proceedings of the 7th ACM Conference on Computer and Communications Security, Athens, Greece, 2000.  Home/Search   Document Details and Download   Summary   Related Articles   Check

....peer to peer approach to construct such a series of mixes, called tunnels. Neither system is immune to statistical analysis, and their latency is proportional to the degree of anonymity they provide. In other source rewriting protocols, including Onion Routing [19] Crowds [14] and Hordes [17], messages are sent through the network via random paths that deter packet traces. Each node that forwards the message rewrites the source field of the packet with its own id. Consequently, attackers with limited wiretapping abilities cannot easily track packets back to their originators. In order ....

C. Shields and B. N. Levine. A Protocol for Anonymous Communication over the Internet. In Proceedings of the ACM Conference on Computer and Communications Security, pages 33--42, 2000.

.... Work General anonymization of network traffic goes back to Chaum s mix idea [6] a practical descendant is onion routing [14] Other theoretical treatments include [7] and [23] more practical work, geared specifically towards Web traffic, includes the LWPA [15] CROWDS [25] and HORDES [26]. The mix based and theoretical approaches all use combinations of some form of encryption and interposition of intermediaries, and impose a rigid structure on the shape of traffic (synchronized transfer of standard length blocks of data, and even dummy covering traffic ) to prevent leakage of ....

C. Shields and B. N. Levine. A Protocol for Anony- mous Communications Over Internet. In Proc. of 7 tn ACM Conference on Computer and Communication Security, November 2000.

....to trace each on demand ad hoc route. The design of route pseudonymity is based on a network security concept called broadcast with trapdoor information , which is newly proposed in this work. Multicast broadcast is a network based mechanism that has been explored in previous research [50] [51] to provide recipient anonymity support. Trapdoor information is a security concept that has been widely used in encryption and authentication schemes. ANODR is realized upon a hybrid form of these two concepts. The contribution of this work is to present a untraceable and intrusion tolerant ....

....expensive on demand flooding process, routing performance is expected to deteriorate significantly (as demonstrated in Section 6) It is imperative for our design to avoid such ominous combinations. 3.2. Design rationales Broadcasting with trapdoor assignment As shown in previous research [50] [51], multicasts and broadcasts without specifically identifying the receiver(s) are effective means to achieve recipient anonymity. In this work we extensively explore the mechanism of broadcasting with trapdoor assignment, that is, by embedding a trapdoor information known only to the receiver(s) ....

[Article contains additional citation context not shown here]

C. Shields and B. N. Levine. A protocol for anonymous communication over the Internet. In ACM Conference on Computer and Communications Security (CCS 2000.

....process to trace each on demand ad hoc route. The design of route pseudonymity is based on a network security concept called broadcast with trapdoor information , which is newly proposed in this work. Multicast broadcast is a networkbased mechanism that has been explored in previous research [31, 32] to provide recipient anonymity support. Trapdoor information is a security concept that has been widely used in encryption and authentication schemes. ANODR is realized upon a hybrid form of these two concepts. The contribution of this work is to present a untraceable and intrusion tolerant ....

....discovery phase. The cryptographic functions are needed to establish route pseudonyms, which in turn efficiently realize local trapdoors without cryptographic operation overhead. 3. ANODR SYSTEM DESIGN 3. 1 Design rationales Broadcasting with trapdoor assignment As shown in previous research [31, 32], multicasts and broadcasts without specifically identifying the receiver(s) are effective means to achieve recipient anonymity. In this work we extensively explore the mechanism of broadcasting with trapdoor assignment, that is, by embedding a trapdoor information known only to the receiver(s) ....

C. Shields and B. N. Levine. A protocol for anonymous communication over the Internet. In ACM Conference on Computer and Communications Security (CCS 2000.

....our conclu sions. II. OVERVIEW OF ANONYMOUS COMMUNICATION SYSTEMS In this section, we survey the past work related to anonymity, including DC Net [5] 39] Mixes [4] 18] 20] Anonymizer [1] Anonymous Remailer [2] LPWA [10] Onion Routing [13] 31] 33] 34] Crowds [26] Hordes [28], Freedom [12] and Pipenet [8] Many anonymous communication systems have been designed and implemented that provide various types of anonymity, such as sender anonymity, receiver anonymity, and mutual anonymity, unlinkability of sender and receiver, or combinations thereof. As mentioned in ....

....be 3 [35] The Freedom client user interface does not allow the user to specify a path containing cycle. The Freedom client is either to have all the intermediate nodes in the path chosen, or to choose a preferred first node and last node, and the intermediary nodes are picked at random. Hordes [28] employs multiple jondos similar to those used in the Crowds protocol to anonymously route a packet towards the receiver. For the forwarding path, Hordes uses the same strategy as Crowds. However, the major difference is that it uses multicast services to anonymously route the reply to the sender ....

[Article contains additional citation context not shown here]

C. Shields and B. N. Levine, A Protocol for Anonymous Communication Over the Internet, Proceedings of the 7th ACM Conference on Computer and Communication Security, Athens, Greece, Nov. 1-4, 2000.

....Section 7, we present our conclusions. 2 Overview of Anonymous Communication Systems In this section, we survey the past work related to anonymity, including DC Net [4, 22] Mixes [3, 10, 11] Anonymizer [1] Anonymous Remailer [2] LPWA [6] Onion Routing [8, 17, 19, 20] Crowds [14] Hordes [15], Freedom [7] and PipeNet [5] Many existing anonymous communication systems provide various forms of anonymity, such as sender anonymity, receiver anonymity, and mutual anonymity, unlinkability of sender and receiver, or combinations thereof. As mentioned in Section 1, sender anonymity is ....

....path to forward the requests to its destination. The Freedom Route Creation Protocol allows the sender to randomly choose the path, but the path length is fixed at three intermediate nodes [21] The Freedom client user interface does not allow the user to specify a path containing cycles. Hordes [15] employs multiple jondos similar to those used in the Crowds protocol to anonymously route a packet towards the receiver. It uses multicast services, however, to anonymously route the reply back to the sender instead of using the reverse path of the request. Similar to Crowds, Hordes also allows ....

[Article contains additional citation context not shown here]

C. Shields and B. N. Levine, A Protocol for Anonymous Communication Over the Internet, Proceedings of the 7th ACM Conference on Computer and Communication Security, Athens, Greece, Nov. 1-4, 2000.

....is achieved if an adversary cannot determine the initiator of an action. This can be achieved by making the initiator look like an intermediary: a participant that is merely routing data. This realization allows us to bypass many costly restrictions that common routing protocols for anonymity [2, 10, 9, 14, 4, 13] impose. Anonymity We say that a communication is anonymous with a probability p if the adversary cannot prove with probability greater than p that a node was the initiator or the responder in that communication. Using this de nition, anonymity can be measured by determining the probability that ....

....attack is described that can be used to infer the identity of the initiator. The attack is based upon the idea that an adversary could attempt to correlate multiple transfers over the network and then infer the initiator who would have a higher than average chance of being the sender. Hordes [13] attempts to make this attack more dicult by using multicasts for replies, choosing a di erent path through the network from initiator to responder than the path back from responder to initiator. This probabilistic attack requires not only that the adversary controls nodes that are participating ....

[Article contains additional citation context not shown here]

Clay Shields and Brian Neil Levine. A protocol for anonymous communication over the internet. In ACM Conference on Computer and Communications Security, pages 33-42, 2000.

....to such address leaks because the cluster leaders can identify group members in any network without having to resort to packet sniffing. Ultimately, if it is necessary for an application to protect such IP level information, additional mechanisms, e.g. use of a set of IP anonymizers [8] 18] [20], have to be used in order to obfuscate the IP header information. However, use of such anonymizers will incur additional overheads, such as intra cluster control traffic at the anonymizers. Group members that do not require IP level anonymity can still achieve user level anonymity using the ....

C. Shields and B.N. Levine. A protocol for anonymous communication over the internet. Proceedings of the 7th ACM Conference on Computer and Communications Security, November 2000.

....message. In general, the degree of sender receiver anonymity is measured by the size of the set of people who could have sent received a particular message. There have been a number of systems designed to provide receiver anonymity [2, 5] and a number of systems that provide sender anonymity [8, 9]. In these systems, The first author is with the Department of Computer Science, University of Maryland at College Park. The second and third authors are with the Department of Computer Science and the University of Maryland Institute for Advanced Computer Studies, University of Maryland at ....

....vs. communications efficiency trade off. Also, like in DC net, only a single user may send at any one time in an Xor Tree. Thus, in an Xor Tree, performance degrades due to collisions as the number of users increase. Crowds, Hordes, and Onion Routing Both Crowds [8] and the more recent Hordes [9] provide sender anonymity. The basic idea in both these systems is similar to Onion Routing [6] in which messages between communicating users are routed on an application layer overlay using paths different than the shortest path. The receiver cannot resolve the sender of a particular message ....

Clay Shields and Brian Neil Levine. A protocol for anonymous communication over the Internet. In Proceedings of the 7th ACM Conference on Computer and Communications Security (CCS-00), pages 33--42, N.Y., November 1-- 4 2000. ACM Press.

....of MID users requesting anonymous services since with our approach, the protection of Bob s 11 right to individual privacy depends on how anonymous he remains after using a TmpId. Likewise, the degree of anonymity o ered by any anonymizer it is hardly absolute but depends of its number of users [16]. 13 Are conventional services surveillance free After all this long discussion one cannot help asking whether the provision of this rather complicated protocols and expensive technology aimed at protecting our right to individual privacy is justi able; it might happens that Bob is extremely ....

Clay Shields and Brian Neil Levine. A protocol for anonymous communication over the internet. In Sushil Jajodia and Pierangela Samarati, editors, Proceedings of the 7th ACM Conference on Computer and Communications Security, Athens, Greece, November 1-4, 2000. ACM Press.

....of the content rather than the content itself. In any case, since the signature need only be computed once for each version of a file, the burden placed on the server is minimal. Ensuring privacy is much harder. While there exist proposals for enabling anonymous communication between hosts (e.g. [14]) anonymity comes at the cost of performance. This trade off may not be appropriate in a flash crowd situation since performance is the key issue. In fact, clients may not care about privacy during a flash crowd because the content served during such times is, in any case, likely to be of ....

C. Shields and B. N. Levine. "A Protocol for Anonymous Communication Over the Internet", ACM Conference on Computer and Communication Security, November 2000.

....2000] are practical examples of network architectures that apply the mix concept to provide anonymous interactive Internet communication. Another way of ensuring a degree of anonymity whereby the user appears to be no more likely than not to be the initiator of a given transaction is presented in [Shields et al. 2000]. The named solution combines a set of proxies with multicast routing, the result is proven to be both more efficient and more secure than other solutions, specifically onion routing [Syverson et al. 1997] and Crowds [Reiter et al. 1998] Similar architectures for providing anonymity of ....

C. Shields and B. N. Levine. A Protocol for Anonymous Communication Over the Internet. Proceedings of the 7 th ACM Conference on Computer and Communications Security, pages 33-42. November 2000.

No context found.

C. Shields and B. Levine. A Protocol for Anonymous Communication Over the Internet. In Proc. 7th ACM Conference on Computer and Communication Security (ACM CCS 2000.

....are just stored at the wallet s level that is the security point most likely to be attacked. The anonymity feature provided by this protocol is weak but it could be improved by using onion routing or anonymous protocols like Crowds and Hordes. 4 Security mechanisms and controls As discussed in [17], there are three types of anonymous communication that can be achieved: Sender anonymity, receiver anonymity, and unlinkability of server and receiver. We now discuss the technologies that can be used to achieve these di erent levels of anonymity as required by each System. Chaum s mixes. ....

....of improving anonymity of electronic cash protocols. Since the number of packets involved in a digital cash transaction is not large, the performance cost the use of public key encryption imposes is small and could be overlooked by merchants that only deal with a small number of customers. Crowds[16, 17]. Crowds is the name of a randomized routing protocol that has been developed to provide 12 Sender Receiver Mix level 1 Mix level 2 Mix level 3 Mix level 4 Figure 6: Chaum s mix anonymity on the Internet. The main idea of this protocol is to create user groups in which members forward ....

[Article contains additional citation context not shown here]

C. Shields and B.N. Levine. A Protocol for Anonymous Communication Over the Internet. To appear in Proceedings of the ACM Conference on Computer and Communication Security 2000.

....the attack allows malicious users to setup other participants to falsely appear to be the initiator of a connection. 1. Introduction A variety of di erent methods have been proposed to provide anonymous communication over the Internet. Previous protocols include DC Net [4] Crowds [13] Hordes [16], APFS [14] Onion Routing [12, 19] and Web Mixes [1] Each of these works include insightful analysis of attacks and network performance. In their paper on Crowds, Reiter and Rubin describe an attack that allows an attacker to guess the initiator of an anonymous connection. The guess can be made ....

....5. We introduce a new attack that can falsely identify the initiator of a connection in Section 6. Section 7 discusses the merits of these protocols in light of the attack, and Section 8 concludes. 2. Background Previous work on anonymous communication over the Internet has been extensive [4, 12, 13, 16]. A good survey of previous work is presented by Martin [9] There have also been e orts to directly compare or analyze those techniques, or analyze the variety of attacks that may reduce the anonymity of a protocol s user over time [16, 1, 19] Reiter and Rubin [13] have described an attack in ....

[Article contains additional citation context not shown here]

C. Shields and B. Levine. A Protocol for Anonymous Communication Over the Internet. In Proc. 7th ACM Conference on Computer and Communication Security (ACM CCS

....from the U.S. Department of Justice, Oce of Justice Programs. Its contents are solely the responsibility of the authors and do not necessarily represent the ocial views of the Department of Justice. Protocols for maintaining anonymous Internet connections that have been proposed previously [12, 5, 11, 13] have speci cally addressed maintaining the anonymity of the initiator of a connection. However, providing anonymity to a user awaiting connections responder anonymity is also crucial, as responder anonymity would allow privacy for network interactions such as anonymous web servers, anonymous ....

....the anonymity of the initiator and the responder of a connection. Most protocols that are designed for anonymous IP communication organize a group a members that forward messages for each other, trading bandwidth for anonymity. Examples of this type of protocol are Onion Routing [11] Hordes [13], and Crowds[12] The general method of these protocols is that an initiator creates a path through the group, and the last member of the path, called the tail node, contacts the responder. The tail node then forwards the request to the responder and returns the reply back to the initiator. This ....

[Article contains additional citation context not shown here]

C. Shields and B.N. Levine. A Protocol for Anonymous Communication Over the Internet. In Proc. 7th ACM Conference on Computer and Communication Security (ACM CCS 2000), November 2000.

....4. We introduce a new attack that can falsely identify the initiator of a connection in Section 5. Section 6 discusses the merits of these protocols in light of the attack, and Section 7 concludes. 2 Background Previous work on anonymous communication over the Internet has been extensive, e.g. [4, 6, 7, 9]. A good overview of other previous work is presented by Reed et al. [6] There have also been e orts to directly compare or analyze those techniques, or analyze the variety of attacks that may reduce the anonymity of a protocol s user over time [9, 2, 12] Reiter and Rubin [7] have described an ....

.... the Internet has been extensive, e.g. 4, 6, 7, 9] A good overview of other previous work is presented by Reed et al. [6] There have also been e orts to directly compare or analyze those techniques, or analyze the variety of attacks that may reduce the anonymity of a protocol s user over time [9, 2, 12]. Reiter and Rubin [7] have described an attack in the context of Crowds by which suciently powerful attackers can degrade the anonymity of a user. 1 A related attack has been described by Syverson et al. [12] for Onion Routing. These attacks form the basis of our analysis in this paper. ....

[Article contains additional citation context not shown here]

C. Shields and B.N. Levine. A Protocol for Anonymous Communication Over the Internet. In Proc. 7th ACM Conference on Computer and Communication Security (ACM CCS 2000), November 2000.

No context found.

C. Shields and B. N. Levine. A Protocol for Anonymous Communication Over the Internet. Proceedings of the 7th ACM Conference on Computer and Communications Security, Athens, Greece, 2000.

No context found.

C. Shields, B. Levine. A protocol for Anonymous Communication Over the Internet. ACM Conference on Computer and Communication Security, 2000.

No context found.

Clay Shields and Brian Levine. A protocol for anonymous communication over the internet. In Proceedings of the 7th ACM Conference on Computer and Communication Security, Athens, Greece, 2000.

No context found.

Shields, C. and Levine, B. (2000). A Protocol for Anonymous Communication Over the Internet. Seventh ACM Conference on Computer and Communications Security, Athens, Greece.

No context found.

C. Shields and B. N. Levine. A protocol for anonymous communication over the internet. In ACM Conference on Computer and Communications Security (CCS 2000.

No context found.

Clay Shields and Brian Neil Levine. A protocol for anonymous communication over the internet. In Proceedings of the 7th ACM conference on Computer and communications security, pages 33--42. ACM Press, 2000.

No context found.

Clay Shields and Brian Levine. A protocol for anonymous communication over the internet. In Proceedings of the 7th ACM Conference on Computer and Communication Security, Athens, Greece, 2000.

No context found.

C. Shields and B. N. Levine, "A Protocol for Anonymous Communication Over the Internet." in Proceedings of the 7th ACM Conference on Computer and Communications Security (CCS-00). N.Y.: ACM Press, Nov. 1--4 2000, pp. 33--42.

No context found.

Clay Shields and Brian Neil Levine. A protocol for anonymous communication over the Internet. In ACM Conference on Computer and Communications Security, pages 33-42, 2000.

No context found.

Clay Shields and Brian Neil Levine. A protocol for anonymous communication over the Internet. In ACM Conference on Computer and Communications Security, pages 33-42, 2000.

No context found.

C. Shields and B. Levine. A protocol for anonymous communication over the internet. In ACM Conference on Computer and Communication Security, Nov. 2000.

No context found.

Clay Shields and Brian Neil Levine. A protocol for anonymous communication over the Internet. In Proceedings of the 7th ACM Conference on Computer and Communications Security (CCS-00), pages 33--42, N.Y., November 1-- 4 2000. ACM Press.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC