Security Analysis of AN.ON’s Payment Scheme

  • Benedikt Westermann
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5838)


In recent years several payment schemes have emerged for anonymous communication systems such as AN.ON and Tor.

In this paper we briefly present a payment scheme that is deployed and currently used by AN.ON. The main contribution of this paper is a security analysis of the most important cryptographic protocols involved in the payment process. The analysis of the protocols shows that they contain several weaknesses that need to be addressed to provide a fair service. We show how an attacker can use the weaknesses to surf on other’s credits. Finally, we propose a fix for the protocols in order to withstand the encountered attacks.


Security Analysis Authentication Protocol Payment Scheme Message Sequence Chart Payment Process 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Androulaki, E., Raykova, M., Srivatsan, S., Stavrou, A., Bellovin, S.M.: Par: Payment for anonymous routing. In: Borisov, N., Goldberg, I. (eds.) PETS 2008. LNCS, vol. 5134, pp. 219–236. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  2. 2.
    Berthold, O., Federrath, H., Köpsell, S.: Web MIXes: A system for anonymous and unobservable Internet access. In: Federrath, H. (ed.) Designing Privacy Enhancing Technologies. LNCS, vol. 2009, pp. 115–129. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  3. 3.
    Berthold, O., Pfitzmann, A., Standtke, R.: The disadvantages of free mix routes and how to overcome them. In: Federrath, H. (ed.) Designing Privacy Enhancing Technologies. LNCS, vol. 2009, pp. 30–45. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  4. 4.
    Burrows, M., Abadi, M., Needham, R.: A logic of authentication. Technical Report 39, Digital Equipment Corporation Systems Research Center, Palo Alto, Calif. (February 1989) (Revised on February 22, 1990)Google Scholar
  5. 5.
    Burrows, M., Abadi, M., Needham, R.: A logic of authentication, vol. 8, pp. 18–36. ACM, New York (1990)zbMATHGoogle Scholar
  6. 6.
    Chaum, D.: Untraceable electronic mail, return addresses, and digital pseudonyms. Communications of the ACM 4(2), 84–88 (1981)CrossRefGoogle Scholar
  7. 7.
    Dingledine, R., Mathewson, N., Syverson, P.: Tor: The second-generation onion router. In: Proceedings of the 13th USENIX Security Symposium (2004)Google Scholar
  8. 8.
    Müller, A.: Entwurf und Implementierung einer Zahlungsfunktion für einen Mix-basierten Anonymisierungsdienst unter Berücksichtigung mehrseitiger Sicherheitsanforderungen. Master’s thesis, TU Dresden, Germany (2002)Google Scholar
  9. 9.
    Pfitzmann, A., Hansen, M.: Anonymity, unlinkability, undetectability, unobservability, pseudonymity, and identity management - a consolidated proposal for terminology, v0.31 (February 2008)Google Scholar
  10. 10.
    Wendolsky, R.: A volume-based accounting system for fixed-route mix cascade systems. In: Bamberger Beiträge zur Wirtschaftsinformatik und angewandten Informatik, February 2008, pp. 26–33 (2008)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Benedikt Westermann
    • 1
  1. 1.Center for Quantifiable Quality of ServiceNorwegian University of Science and TechnologyNorway

Personalised recommendations