Towards Measuring Anonymity
This paper introduces an information theoretic model that allows to quantify the degree of anonymity provided by schemes for anonymous connections. It considers attackers that obtain probabilistic information about users. The degree is based on the probabilities an attacker, after observing the system, assigns to the different users of the system as being the originators of a message. As a proof of concept, the model is applied to some existing systems. The model is shown to be very useful for evaluating the level of privacy a system provides under various attack scenarios, for measuring the amount of information an attacker gets with a particular attack and for comparing different systems amongst each other.
KeywordsAttack Model Anonymous Communication Honest User Crowd Member External Attacker
Unable to display preview. Download preview PDF.
- 4.T. M. Cover and J. A. Thomas. Elements of Information Theory. John Wiley & Sons, Inc., 1991. ISBN 0-471-06259-6.Google Scholar
- 5.W. Feller. An Introduction to Probability Theory and its Applications. John Wiley & Sons, Inc., Third edition, 1968.Google Scholar
- 8.M. G. Reed, P. F. Syverson and D. Goldschlag. Anonymous Connections and Onion Routing. IEEE Journal on Selected Areas in Communication. Special Issue on Copyright and Privacy Protection, 1998.Google Scholar
- 10.A. Serjantov and G. Danezis. Towards an Information Theoretic Metric for Anonymity. In Hannes Federath (Ed.), Designing Privacy Enhancing Technologies, Lecture Notes in Computer Science, 2002.Google Scholar
- 12.M. Wright, M. Adler, B. Levine and C. Shields. An Analysis of the Degradation of Anonymous Protocols. In Proceedings of Network and Distributed System Security Symposium, February 2002.Google Scholar