The Lower Bound of Attacks on Anonymity Systems — A Unicity Distance Approach

  • Dogan Kesdogan
  • Lexi Pimenidis
Part of the Advances in Information Security book series (ADIS, volume 23)


During the last years a couple of attacks on generic anonymity protocols emerged, like e.g. the hitting-set attack. These attacks make use of informations gained by passively monitoring anonymizing networks to disclose the communication profile of the users.


Covert Channel Total Break Sybil Attack Anonymous Communication Possibilistic Approach 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    D. Kesdogan, D. Agrawal, and S. Penz: Limits of anonymity in open environments, in Information Hiding workshop (IH 2002), ser. LNCS, F. A. P. Petitcolas, Ed., vol. 2578. Noord-wijkerhout, The Netherlands: Springer-Verlag, 7–9 October 2002, pp. 5369.Google Scholar
  2. 2.
    D. Kesdogan, J. Egner, and R. Bűschkes: Stop-and-go-mixes providing probabilistic anonymity in an open system. Information Hiding 1998, LNCS 1525, Springer-Verlag Berlin 1998, pp. 83–98.Google Scholar
  3. 3.
    G. Danezis: Statistical disclosure attacks, in Security and Privacy in the Age of Uncertainty,(SEC2003), Gritzalis, Vimercati, Samarati, and Katsikas, Eds., IFIP TC11. Athens: Kluwer, May 2003, pp. 421426.Google Scholar
  4. 4.
    S. Steinbrecher, S. Kopsell: Modelling Unlinkability, in Proceedings of Privacy Enhancing Technologies workshop (PET 2003), ser. LNCS, May 2003.Google Scholar
  5. 5.
    N. Mathewson and R. Dingledine: Practical traffic analysis: Extending and resisting statistical disclosure, in Proceedings of Privacy Enhancing Technologies workshop (PET 2004), ser. LNCS, May 2004.Google Scholar
  6. 6.
    I. S. Moskowitz, R. E. Newman, D. P. Crepeau, and A. R. Miller: Covert channels and anonymizing networks, in Workshop on Privacy in the Electronic Society (WPES 2003), Washington, DC, USA, October 2003.Google Scholar
  7. 7.
    I. S. Moskowitz, R. E. Newman, and P. F. Syverson: Quasi-anonymous channels, in Communication, Network, and Information Security (CNIS 2003), New York, USA, 10–12 December 2003.Google Scholar
  8. 8.
    C. Diaz, S. Seys, J. Claessens, and B. Preneel: Towards measuring anonymity. Privacy Enhancing Technologies 2002, LNCS 2482, Springer-Verlag Berlin.Google Scholar
  9. 9.
    D. Hughes and V. Shmatikov: Information hiding, anonymity and privacy: A modular approach. To appear in Journal of Computer Security, 2003.Google Scholar
  10. 10.
    M. Köhntopp and A. Pfitzmann: Anonymity, unobservability, and pseudonymity-a proposal for terminology. Draft v0. 12., June 2001.Google Scholar
  11. 11.
    M.G. Reed, P.F. Syverson, and D. Goldschlag: Anonymous connections and onion routing. IEEE Journal on Selected Areas in Communication, Special Issue on Copyright and Privacy Protection, 1998.Google Scholar
  12. 12.
    A. Pfitzmann: Dienstintegrierende Kommunikationsnetze mit teilnehmerüberprüfbarem Datenschutz. IFB 234, Springer-Verlag, Heidelberg 1990 (in German).Google Scholar
  13. 13.
    M. K. Reiter and A. D. Rubin: Crowds: Anonymity for web transactions. ACM Transactions on Information and System Security 1(1), November 1998, pp. 66–92.Google Scholar
  14. 14.
    S. Schneider, A. Sidiropoulos: CSP and anonymity. ESORICS 1996, LNCS 1146, Springer-Verlag Berlin 1996, pp. 198–218.Google Scholar
  15. 15.
    A. Serjantov, G. Danezis: Towards an information-theoretic metric for anonymity. Privacy Enhancing Technologies 2002, LNCS 2482, Springer-Verlag Berlin.Google Scholar
  16. 16.
    C. E. Shannon: Communication theory of secrecy systems. The Bell System Technical Journal 28/4 (1949), pp. 656–715.MathSciNetGoogle Scholar
  17. 17.
    V. Shmatikov: Probabilistic analysis of anonymity. Proc. 15th IEEE Computer Security Foundations Workshop (CSFW) 2002, pp 119–128.Google Scholar
  18. 18.
    S. G. Stubblebine, P. F. Syverson, and D. M. Goldschlag: Unlinkable serial transactions: Protocols and applications. ACM Transactions on Information and System Security, Vol. 2, No. 4, Nov. 1999, pp. 354–389.CrossRefGoogle Scholar
  19. 19.
    P. F. Syverson and S. G. Stubblebine: Group principals and the formalization of anonymity. FM’99-Formal Methods, Vol. I, LNCS 1708,, Springer-Verlag 1999 pp. 814–833.CrossRefGoogle Scholar
  20. 20.
    Minos N. Garofalakis, Rajeev Rastogi, and Kyuseak Shim: Sequential pattern mining with regular expression constraints. 1999.Google Scholar
  21. 21.
    Bamshad Mobasher, Namit Jain, Eui-Hong Han, and Jaideep Srivastava. Web mining: Pattern discovery from world wide web transactions. 1996.Google Scholar
  22. 22.
    Lara D. Catledge and James E. Pitkow. Characterizing browsing strategies in the world wide web. 1995.Google Scholar
  23. 23.
    Oliver Berthold, Hannes Federrath, and Stefan Köpsell. Web MIXes: A system for anonymous and unobservable Internet access. In H. Federrath, editor, Proceedings of Designing Privacy Enhancing Technol ogies: Workshop on Design Issues in Anonymity and Unobservability, pages 115–129. SpringerVerlag, LNCS 2009, July 2000.Google Scholar
  24. 24.
    Dogan Kesdogan and Lexi Pimenidis. The Hitting Set Attack on Anonymity Protocols. In Proceedings of Information Hiding, 7th International Workshop. Springer Verlag, 2004.Google Scholar
  25. 25.
    David L. Chaum. Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms. Communications of the ACM, 24(2):84–88, Feb 1981.Google Scholar
  26. 26.
    B. Pfitzmann and A. Pfitzmann. How to break the direct RSA-implementation of mixes. pages 373–381. Eurocrypt’ 89, LNCS 434. Springer-Verlag, Berlin, 1990.Google Scholar
  27. 27.
    Marc Rennhard and Bernhard Plattner. Introducing MorphMix: Peer-to-Peer based Anonymous Internet Usage with Collusion Detection. In Proceedings of the Workshop on Privacy in the Electronic Society (WPES 2002), Washington, DC, USA, November 2002.Google Scholar
  28. 28.
    George Danezis. The traffic analysis of continuous-time mixes. In David Martin and Andrei Serjantov, editors, Privacy Enhancing Technologies (PET 2004), May 2004.Google Scholar
  29. 29.
    George Danezis, Roger Dingledine, and Nick Mathewson. Mixminion: Design of a Type III Anonymous Remailer Protocol. In Proceedings of the 2003 IEEE Symposium on Security and Privacy, May 2003.Google Scholar
  30. 30.
    John Douceur. The Sybil Attack. In Proceedings of the 1 st International Peer To Peer Systems Workshop (IPTPS 2002), March 2002.Google Scholar
  31. 31.
    D. E. R. Denning. Cryptography and Data Security. Addison-Wesley Pub (Sd) (June 1, 1982), ISBN: 0201101505.Google Scholar

Copyright information

© Springer Science+Business Media, LLC. 2006

Authors and Affiliations

  • Dogan Kesdogan
    • 1
  • Lexi Pimenidis
    • 1
  1. 1.Computer Science Department Informatik IVAachen University of TechnologyAachenGermany

Personalised recommendations