Hostname: page-component-77c89778f8-gvh9x Total loading time: 0 Render date: 2024-07-16T16:25:23.019Z Has data issue: false hasContentIssue false
  • English
  • Français

An analysis of trust in anonymity networks in the presence of adaptive attackers

Published online by Cambridge University Press:  21 November 2014

SARDAOUNA HAMADOU ,
VLADIMIRO SASSONE  and
MU YANG
SARDAOUNA HAMADOU
Affiliation:
INRIA, LIX, Ecole Polytechnique, Paris, France Email: sardaouna.hamadou@gmail.com
VLADIMIRO SASSONE
Affiliation:
Cybersecurity Centre, University of Southampton, Southampton, U.K. Email: vs@ecs.soton.ac.uk
MU YANG
Affiliation:
ECS, University of Southampton, Southampton, U.K. Email: my1g09@ecs.soton.ac.uk
Get access Rights & Permissions [Opens in a new window]

Abstract

Anonymity is a security property of paramount importance, as we move steadily towards a wired, online community. Its import touches upon subjects as different as eGovernance, eBusiness and eLeisure, as well as personal freedom of speech in authoritarian societies. Trust metrics are used in anonymity networks to support and enhance reliability in the absence of verifiable identities, and a variety of security attacks currently focus on degrading a user's trustworthiness in the eyes of the other users.

Type
Special Issue: Quantitative Information Flow
Information
Mathematical Structures in Computer Science , Volume 25 , Issue 2: Quantitative Information Flow , February 2015 , pp. 429 - 456
Copyright
Copyright © Cambridge University Press 2014 

Access options

Get access to the full version of this content by using one of the access options below. (Log in options will check for institutional or personal access. Content may require purchase if you do not have access.)

References

Abe, M. (1998) Universally verifiable mix-net with verification work independent of the number of mix-servers. In: Advances in Cryptology, EUROCRYPT. Lecture Notes on Computer Science 1403 437447.Google Scholar
Back, A., Möller, U. and Stiglic, A. (2001) Traffic analysis attacks and trade-offs in anonymity providing systems. In: Moskowitz, I. S. (ed.) Information Hiding. Springer Lecture Notes in Computer Science 2137 245257.Google Scholar
Backes, M., Lorenz, S., Maffei, M. and Pecina, K. (2010) Anonymous webs of trust. In: 10th Privacy Enhancing Technologies Symposium, PETS 2010. Lecture Notes in Computer Science 6205 130148.Google Scholar
Borisov, N., Danezis, G., Mittal, P. and Tabriz, P. (2007) Denial of service or denial of security? In: Ning, P., di Vimercati, S. D. C. and Syverson, P. F. (eds.) ACM Conference on Computer and Communications Security, ACM 92102.Google Scholar
Camenisch, J. and Lysyanskaya, A. (2005) A formal treatment of onion routing. In: Shoup, V. (ed.) CRYPTO. Springer Lecture Notes in Computer Science 3621 169187.Google Scholar
Chatzikokolakis, K. and Palamidessi, C. (2006) Probable innocence revisited. Theoretical Computer Science 367 (1-2)123138.Google Scholar
Chaum, D. (1981) Untraceable electronic mail, return addresses, and digital pseudonyms. Communications of the ACM 24 (2)8488.Google Scholar
Damiani, E., di Vimercati, S. D. C., Paraboschi, S., Pesenti, M., Samarati, P. and Zara, S. (2003) Fuzzy logic techniques for reputation management in anonymous peer-to-peer systems. In: Wagenknecht, M. and Hampel, R. (eds.) Proceedings of the 3rd Conference of the European Society for Fuzzy Logic and Technology 4348.Google Scholar
Damiani, E., di Vimercati, S. D. C., Paraboschi, S., Samarati, P. and Violante, F. (2002) A reputation-based approach for choosing reliable resources in peer-to-peer networks. In: Atluri, V. (ed.) ACM Conference on Computer and Communications Security, ACM 207216.Google Scholar
Dingledine, R., Freedman, M. J., Hopwood, D. and Molnar, D. (2001) A reputation system to increase mix-net reliability. In: Moskowitz, I. S. (ed.) Information Hiding. Springer Lecture Notes in Computer Science 2137 126141.Google Scholar
Dingledine, R., Mathewson, N. and Syverson, P. F. (2004) Tor: The second-generation onion router. In: USENIX Security Symposium, USENIX 303320.Google Scholar
Dingledine, R. and Syverson, P. F. (2002) Reliable MIX cascade networks through reputation. In: Blaze, M. (ed.) Financial Cryptography. Springer Lecture Notes in Computer Science 2357 253268.Google Scholar
ElSalamouny, E., Krukow, K. T. and Sassone, V. (2009a) An analysis of the exponential decay principle in probabilistic trust models. Theoretical Computer Science 410 (41)40674084.CrossRefGoogle Scholar
ElSalamouny, E., Sassone, V. and Nielsen, M. (2009b) HMM-based trust model. In: Degano, P. and Guttman, J. D. (eds.) Formal Aspects in Security and Trust. Springer Lecture Notes in Computer Science 5983 2135.Google Scholar
Evans, N. S., Dingledine, R. and Grothoff, C. (2009) A practical congestion attack on Tor using long paths. In: Proceedings of the 18th USENIX Security Symposium 3350.Google Scholar
Feigenbaum, J., Johnson, A. and Syverson, P. (2007) Probabilistic analysis of onion routing in a black-box model. In: Proceedings of the 2007 ACM workshop on Privacy in Electronic Society, WPES'07, ACM, New York, NY, USA, 110.Google Scholar
Freedman, M. J. and Morris, R. (2002) Tarzan: A peer-to-peer anonymizing network layer. In: Atluri, V. (ed.) ACM Conference on Computer and Communications Security, ACM 193206.Google Scholar
Halpern, J. Y. and O'Neill, K. R. (2005) Anonymity and information hiding in multiagent systems. Journal of Computer Security 13 (3)483512.Google Scholar
Hamadou, S., Palamidessi, C., Sassone, V. and ElSalamouny, E. (2009) Probable innocence in the presence of independent knowledge. In: Degano, P. and Guttman, J. D. (eds.) Formal Aspects in Security and Trust, FAST 2009. Springer Lecture Notes in Computer Science 5983 141156.Google Scholar
Hamadou, S., Sassone, V. and Palamidessi, C. (2010) Reconciling belief and vulnerability in information flow. In: IEEE Symposium on Security and Privacy, IEEE Computer Society 7992.Google Scholar
Hopper, N., Vasserman, E. Y. and Chan-Tin, E. (2010) How much anonymity does network latency leak? ACM Transactions on Information and System Security 13 (2)128.Google Scholar
Jakobsson, M. (1999) Flash mixing. In: Annual ACM Symposium on Principles of Distributed Computing, PODC 99 8389.Google Scholar
Johnson, A. and Syverson, P. F. (2009) More anonymous onion routing through trust. In: CSF IEEE Computer Society 312.Google Scholar
Johnson, A., Syverson, P. F., Dingledine, R. and Mathewson, N. (2011) Trust-based anonymous communication: Adversary models and routing algorithms. In: Chen, Y., Danezis, G. and Shmatikov, V. (eds.) ACM Conference on Computer and Communications Security, ACM 175186.Google Scholar
Krukow, K., Nielsen, M. and Sassone, V. (2008) A logical framework for history-based access control and reputation systems. Journal of Computer Security 16 (1)63101.Google Scholar
McLachlan, J. and Hopper, N. (2008) Don't clog the queue! Circuit clogging and mitigation in P2P anonymity schemes. In: Tsudik, G. (ed) Financial Cryptography. Springer Lecture Notes in Computer Science 5143 3146.Google Scholar
McLachlan, J., Tran, A., Hopper, N. and Kim, Y. (2009) Scalable onion routing with Torsk. In: Al-Shaer, E., Jha, S. and Keromytis, A. D. (eds.) ACM Conference on Computer and Communications Security, ACM 590599.Google Scholar
Murdoch, S. J. and Danezis, G. (2005) Low-cost traffic analysis of Tor. In: IEEE Symposium on Security and Privacy, IEEE Computer Society 183195.Google Scholar
Nambiar, A. and Wright, M. (2006) Salsa: A structured approach to large-scale anonymity. In: Juels, A., Wright, R. N. and di Vimercati, S. D. C. (eds.) ACM Conference on Computer and Communications Security, ACM 1726.Google Scholar
Neff, C. A. (2001) A verifiable secret shuffle and its application to e-voting. In: ACM Conference on Computer and Communications Security, 116125.Google Scholar
Ohkubo, M. and Abe, M. (2000) A length-invariant hybrid mix. In: Okamoto, T. (ed), ASIACRYPT, Springer Lecture Notes in Computer Science 1976 178191.Google Scholar
Pappas, V., Athanasopoulos, E., Ioannidis, S. and Markatos, E.P. (2008) Compromising anonymity using packet spinning. In: Wu, T.-C., Lei, C.-L., Rijmen, V. and Lee, D.-T. (eds.) ISC. Springer Lecture Notes in Computer Science 5222 161174.Google Scholar
Reiter, M. K. and Rubin, A. D. (1998) Crowds: Anonymity for web transactions. ACM Transactions on Information and System Security 1 (1)6692.Google Scholar
Rennhard, M. and Plattner, B. (2002) Introducing MorphMix: Peer-to-peer based anonymous internet usage with collusion detection. In: Jajodia, S. and Samarati, P. (eds.) Proceedings of the 2002 ACM Workshop on Privacy in the Electronic Society, WPES, ACM 91102.Google Scholar
Sassone, V., ElSalamouny, E. and Hamadou, S. (2010a) Trust in crowds: Probabilistic behaviour in anonymity protocols. In: Symposium on Trustworthy Global Computing, TGC 2010. Springer Lecture Notes on Computer Science 6084 88102.Google Scholar
Sassone, V., Hamadou, S. and Yang, M. (2010b) Trust in anonymity networks. In: Gastin, P. and Laroussinie, F. (eds.) CONCUR. Springer Lecture Notes in Computer Science 6269 4870.Google Scholar
Singh, A. and Liu, L. (2003) Trustme: Anonymous management of trust relationships in decentralized P2P systems. In: Shahmehri, N., Graham, R. L. and Caronni, G. (eds.) Peer-to-Peer Computing, IEEE Computer Society 142149.Google Scholar
Smith, G. (2009) On the foundations of quantitative information flow. In: de Alfaro, L. (ed.) FOSSACS. Springer Lecture Notes in Computer Science 5504 288302.Google Scholar
Syverson, P., Tsudik, G., Reed, M. and Landwehr, C. (2001) Towards an analysis of onion routing security. In: International Workshop on Designing Privacy Enhancing Technologies: Design Issues in Anonymity and Unobservability, Springer-Verlag, New York, Inc.96114.Google Scholar
Syverson, P. F., Goldschlag, D. M. and Reed, M. G. (1997) Anonymous connections and onion routing. In: IEEE Symposium on Security and Privacy, IEEE Computer Society 4454.Google Scholar
Wang, X., Chen, S. and Jajodia, S. (2007) Network flow watermarking attack on low-latency anonymous communication systems. In: IEEE Symposium on Security and Privacy, IEEE Computer Society 116130.Google Scholar
Wang, Y. and Vassileva, J. (2003) Trust and reputation model in peer-to-peer networks. In: Shahmehri, N., Graham, R. L. and Caronni, G. (eds.) Peer-to-Peer Computing, IEEE Computer Society.Google Scholar
Wiangsripanawan, R., Susilo, W. and Safavi-Naini, R. (2007) Design principles for low latency anonymous network systems secure against timing attacks. In: Brankovic, L., Coddington, P. D., Roddick, J. F., Steketee, C., Warren, J. R. and Wendelborn, A. L. (eds.) Proceedings 15th Australasian Information Security Workshop (Privacy Enhancing Technologies), AISW 2007. Conferences in Research and Practice in Information Technology 68183191. Australian Computer Society.Google Scholar