Non-expanding Transaction Specific Pseudonymization for IP Traffic Monitoring

  • Lasse Øverlier
  • Tønnes Brekne
  • André Årnes
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3810)


This paper presents a scheme for transaction pseudonymization of IP address data in a distributed passive monitoring infrastructure. The approach provides high resistance against traffic analysis and injection attacks, and it provides a technique for gradual release of data through a key management scheme. The scheme is non-expanding, and it should be suitable for hardware implementations for high-bandwidth monitoring systems.


Initialization Vector Stream Cipher Covert Channel Injection Attack Partial Disclosure 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Pfitzmann, A., Koehntopp, M.: Anonymity, unobservability, and pseudonymity – a proposal for terminology. In: Workshop on Design Issues in Anonymity and Unobservability (2000)Google Scholar
  2. 2.
    Brekne, T., Årnes, A., Øslebø, A.: Anonymization of ip traffic monitoring data: Attacks on two prefix-preserving anonymization schemes and some proposed remedies. In: Danezis, G., Martin, D. (eds.) PET 2005. LNCS, vol. 3856, pp. 179–196. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  3. 3.
    Brekne, T., Årnes, A.: Circumventing ip-address pseudonymization in o(n 2) time. In: Proceedings of IASTED Communication and Computer Networks, CCN 2005 (2005)Google Scholar
  4. 4.
    Camenisch, J., Lysyanskaya, A.: An efficient system for non-transferable anonymous credentials with optional anonymity revocation. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, p. 93. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  5. 5.
    Menezes, A.J., van Oorschot, P., Vanstone, S.: Handbook of Applied Cryptography. CRC Press, Boca Raton (1996)CrossRefGoogle Scholar
  6. 6.
    Chaum, D.: Untraceable electronic mail, return addresses, and digital pseudonyms. Communications of the ACM 4 (1981)Google Scholar
  7. 7.
    Chaum, D.: The dining cryptographers problem: Unconditional sender and recipient untraceability. Journal of Cryptology 1, 65–75 (1988)zbMATHCrossRefMathSciNetGoogle Scholar
  8. 8.
    Raymond, J.F.: Traffic analysis: Protocols, attacks, design issues, and open problems. In: Federrath, H. (ed.) Designing Privacy Enhancing Technologies. LNCS, vol. 2009, p. 10. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  9. 9.
    Biskup, J., Flegel, U.: On pseudonymization of audit data for intrusion detection. In: Federrath, H. (ed.) Designing Privacy Enhancing Technologies. LNCS, vol. 2009, p. 161. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  10. 10.
    Sobirey, M., Fischer-Hübner, S., Rannenberg, K.: Pseudonymous audit for privacy enhanced intrusion detection. In: SEC, pp. 151–163 (1997)Google Scholar
  11. 11.
    Xu, J., Fan, J., Ammar, M., Moon, S.B.: On the design and performance of prefix-preserving ip traffic trace anonymization. In: Proceedings of the ACM SIGCOMM Internet Measurement Workshop 2001 (2001)Google Scholar
  12. 12.
    Xu, J., Fan, J., Ammar, M., Moon, S.B.: Prefix-preserving ip address anonymization: Measurement-based security evaluation and a new cryptography-based scheme. In: ICNP 2002 (2002)Google Scholar
  13. 13.
    Ramaswamy, R., Weng, N., Wolf, T.: An IXA-basednetwork measurement node. In: Proc. of Intel IXA University Summit (2004)Google Scholar
  14. 14.
    Pang, R., Paxson, V.: A high-level programming environment for packet trace anonymization and transformation. In: SIGCOMM 2003: Proceedings of the 2003 conference on Applications, technologies, architectures, and protocols for computer communications, pp. 339–351. ACM Press, New York (2003)CrossRefGoogle Scholar
  15. 15.
    Stadler, M.: Cryptographic Protocols for Revocable Privacy. PhD thesis (1996)Google Scholar
  16. 16.
    Lysyanskaya, A., Rivest, R.L., Sahai, A., Wolf, S.: Pseudonym systems. In: Heys, H.M., Adams, C.M. (eds.) SAC 1999. LNCS, vol. 1758, p. 184. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  17. 17.
    Persiano, G., Visconti, I.: An efficient and usable multi-show non-transferable anonymous credential system. In: Juels, A. (ed.) FC 2004. LNCS, vol. 3110, pp. 196–211. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  18. 18.
    Schneier, B.: Applied Cryptography. John Wiley & Sons, Inc., Chichester (1996)Google Scholar
  19. 19.
    Diffie, W., Hellman, M.E.: Privacy and authentication: An introduction to cryptography. Proceedings of the IEEE 67, 297–427 (1979)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Lasse Øverlier
    • 1
    • 2
  • Tønnes Brekne
    • 3
  • André Årnes
    • 3
  1. 1.Norwegian Defence Research EstablishmentKjellerNorway
  2. 2.Gjøvik University CollegeGjøvikNorway
  3. 3.Centre for Quantifiable Quality of Service in Communication SystemsNorwegian University of Science and TechnologyTrondheimNorway

Personalised recommendations