Statistical Disclosure or Intersection Attacks on Anonymity Systems

  • George Danezis
  • Andrei Serjantov
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3200)


In this paper we look at the information an attacker can extract using a statistical disclosure attack. We provide analytical results about the anonymity of users when they repeatedly send messages through a threshold mix following the model of Kesdogan, Agrawal and Penz [7] and through a pool mix. We then present a statistical disclosure attack that can be used to attack models of anonymous communication networks based on pool mixes. Careful approximations make the attack computationally efficient. Such models are potentially better suited to derive results that could apply to the security of real anonymous communication networks.


Statistical Disclosure Covert Channel Anonymous Communication Careful Approximation Abstract Threshold 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Agrawal, D., Kesdogan, D., Penz, S.: Probabilistic Treatment of MIXes to Hamper Traffic Analysis. In: Proceedings of the 2003 IEEE Symposium on Security and Privacy (May 2003)Google Scholar
  2. 2.
    Berthold, O., Pfitzmann, A., Standtke, R.: The disadvantages of free MIX routes and how to overcome them. In: Federrath, H. (ed.) Designing Privacy Enhancing Technologies. LNCS, vol. 2009, pp. 30–45. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  3. 3.
    Chaum, D.: Untraceable electronic mail, return addresses, and digital pseudonyms. Communications of the ACM 4(2) (February 1981)Google Scholar
  4. 4.
    Danezis, G.: Mix-networks with restricted routes. In: Dingledine, R. (ed.) PET 2003. LNCS, vol. 2760, Springer, Heidelberg (2003)CrossRefGoogle Scholar
  5. 5.
    Danezis, G.: Statistical disclosure attacks. In: Samarati, K.G., Vimercati (eds.) Proceedings of Security and Privacy in the Age of Uncertainty (SEC2003), Athens, May 2003. IFIP TC11, pp. 421–426. Kluwer, Dordrecht (2003)Google Scholar
  6. 6.
    Diaz, C., Serjantov, A.: Generalising mixes. In: Dingledine, R. (ed.) PET 2003. LNCS, vol. 2760, Springer, Heidelberg (2003)CrossRefGoogle Scholar
  7. 7.
    Kesdogan, D., Agrawal, D., Penz, S.: Limits of anonymity in open environments. In: Petitcolas, F.A.P. (ed.) IH 2002. LNCS, vol. 2578, Springer, Heidelberg (2003)Google Scholar
  8. 8.
    Kesdogan, D., Egner, J., Büschkes, R.: Stop-and-go MIXes: Providing probabilistic anonymity in an open system. In: Aucsmith, D. (ed.) IH 1998. LNCS, vol. 1525, Springer, Heidelberg (1998)CrossRefGoogle Scholar
  9. 9.
    Moskowitz, I.S., Newman, R.E., Crepeau, D.P., Miller, A.R.: Covert channels and anonymizing networks. In: Proceedings of the Workshop on Privacy in the Electronic Society (WPES 2003), Washington, DC, USA (October 2003)Google Scholar
  10. 10.
    Reed, M.G., Syverson, P.F., Goldschlag, D.M.: Anonymous connections and onion routing. IEEE Journal on Selected Areas in Communication Special Issue on Copyright and Privacy Protection (1998)Google Scholar
  11. 11.
    Serjantov, A., Danezis, G.: Towards an information theoretic metric for anonymity. In: Dingledine, R., Syverson, P.F. (eds.) PET 2002. LNCS, vol. 2482, Springer, Heidelberg (2003)CrossRefGoogle Scholar
  12. 12.
    Serjantov, A., Dingledine, R., Syverson, P.: From a trickle to a flood: Active attacks on several mix types. In: Petitcolas, F.A.P. (ed.) IH 2002. LNCS, vol. 2578, Springer, Heidelberg (2003)CrossRefGoogle Scholar
  13. 13.
    Serjantov, A., Newman, R.E.: On the anonymity of timed pool mixes. In: Proceedings of the Workshop on Privacy and Anonymity Issues in Networked and Distributed Systems, Athens, Greece, May 2003, pp. 427–434. Kluwer, Dordrecht (2003)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2004

Authors and Affiliations

  • George Danezis
    • 1
  • Andrei Serjantov
    • 1
  1. 1.Computer Laboratory, William Gates BuildingUniversity of CambridgeCambridgeUnited Kingdom

Personalised recommendations