A Fresh Look at the Generalised Mix Framework
- 1.1k Downloads
Anonymity systems designed to handle anonymous email have been implemented with a variety of different mixes. Although many of their properties have been analysed in previous work, some are still not well understood and many results are still missing.
In this paper we reexamine the generalised mix framework and the binomial mix of . We show that under some parameterizations the binomial mix has undesirable properties. More specifically, for any constant parameterization of the binomial mix, there is a minimum number of messages beyond which it acts as a timed mix. In this case the number of messages inside it is no longer hidden from the adversary and the mix is vulnerable to easy active attack. We suggest ways to avoid this in the generalised mix framework. Secondly, we show that the binomial distribution used in the framework produces distribution of pool sizes with low variance and show how to improve on this.
Finally, we present a technique from queueing theory which allows us to analyse this property for a class of mixes assuming Poisson message arrivals.
KeywordsBinomial Distribution Pool Size Stochastic Volatility Modeling Stochastic Volatility Undesirable Property
Unable to display preview. Download preview PDF.
- 1.Barndorff-Nielsen, O.E., Shepard, N.: Non-gaussian OU based models and some of their uses in financial economics and modelling by Levy processes for financial econometrics. Economics Papers 1999-w9/2000-w3, Economics Group, Nuffield College, University of Oxford (2000)Google Scholar
- 2.Chaum, D.: Untraceable electronic mail, return addresses, and digital pseudonyms. Communications of the ACM 4(2) (February 1981)Google Scholar
- 3.Cooper, R.: Introduction to Queueing Theory. North-Holland, New York (1981)Google Scholar
- 4.Díaz, C.: Anonymity and Privacy in Electronic Services. PhD thesis, Katholieke Universiteit Leuven, Leuven, Belgium (December 2005)Google Scholar
- 5.Díaz, C., Preneel, B.: Reasoning about the anonymity provided by pool mixes that generate dummy traffic. In: Fridrich, J. (ed.) IH 2004. LNCS, vol. 3200, Springer, Heidelberg (2004)Google Scholar
- 6.Díaz, C., Sassaman, L., Dewitte, E.: Comparison between two practical mix designs. In: Samarati, P., Ryan, P.Y A, Gollmann, D., Molva, R. (eds.) ESORICS 2004. LNCS, vol. 3193, Springer, Heidelberg (2004)Google Scholar
- 7.Díaz, C., Serjantov, A.: Generalising mixes. In: Dingledine, R. (ed.) PET 2003. LNCS, vol. 2760, Springer, Heidelberg (2003)Google Scholar
- 8.James, L.F.: Laws and likelihoods for Ornstein Uhlenbeck-Gamma and other BNS OU stochastic volatilty models with extensions (2006), http://www.citebase.org/abstract?id=oai:arXiv.org:math/0604086
- 10.O’Connor, L.: On blending attacks for mixes with memory. In: Barni, M., Herrera-Joancomartí, J., Katzenbeisser, S., Pérez-González, F. (eds.) IH 2005. LNCS, vol. 3727, Springer, Heidelberg (2005)Google Scholar
- 11.Serjantov, A.: On the Anonymity of Anonymity Systems. PhD thesis, University of Cambridge (June 2004)Google Scholar