Repelling Detour Attack Against Onions with Re-encryption

  • Marek Klonowski
  • Mirosław Kutyłowski
  • Anna Lauks
Conference paper

DOI: 10.1007/978-3-540-68914-0_18

Part of the Lecture Notes in Computer Science book series (LNCS, volume 5037)
Cite this paper as:
Klonowski M., Kutyłowski M., Lauks A. (2008) Repelling Detour Attack Against Onions with Re-encryption. In: Bellovin S.M., Gennaro R., Keromytis A., Yung M. (eds) Applied Cryptography and Network Security. ACNS 2008. Lecture Notes in Computer Science, vol 5037. Springer, Berlin, Heidelberg

Abstract

This paper is devoted to ModOnions – an anonymous communication protocol, for which a message is encoded as a set of onions and sent through intermediate nodes so that each node knows only its predecessor and its successor on the routing path. Moreover, encoding details enable universal re-encryption: each node re-encrypts the message so that no observer can link together the ciphertexts before and after re-encryption and re-encryption can be performed without any public key. ModOnions were supposed to offer many additional features over classical onion protocols, such as resilience against replay attack. However, during ISC’2006 George Danezis presented a detour attack against this construction. It enables to redefine the routing path by inserting intermediate corrupt nodes between each two nodes of the original routing path. In this way anonymity becomes completely broken. We show that after slight changes in the protocol the attack does not work anymore. The patch proposed can also be seen as a general method of enforcing who is the final addressee of a message encrypted with the ElGamal scheme and multiple public keys.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Marek Klonowski
    • 1
  • Mirosław Kutyłowski
    • 1
  • Anna Lauks
    • 1
  1. 1.Institute of Mathematics and Computer ScienceWrocław University of Technology 

Personalised recommendations