Impact of Network Topology on Anonymity and Overhead in Low-Latency Anonymity Networks

  • Claudia Diaz
  • Steven J. Murdoch
  • Carmela Troncoso
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6205)


Low-latency anonymous communication networks require padding to resist timing analysis attacks, and dependent link padding has been proven to prevent these attacks with minimal overhead. In this paper we consider low-latency anonymity networks that implement dependent link padding, and examine various network topologies. We find that the choice of the topology has an important influence on the padding overhead and the level of anonymity provided, and that Stratified networks offer the best trade-off between them. We show that fully connected network topologies (Free Routes) are impractical when dependent link padding is used, as they suffer from feedback effects that induce disproportionate amounts of padding; and that Cascade topologies have the lowest padding overhead at the cost of poor scalability with respect to anonymity. Furthermore, we propose an variant of dependent link padding that considerably reduces the overhead at no loss in anonymity with respect to external adversaries. Finally, we discuss how Tor, a deployed large-scale anonymity network, would need to be adapted to support dependent link padding.


Network Topology Real Cell Exit Node Middle Node Entry Node 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Berthold, O., Federrath, H., Köpsell, S.: Web MIXes: A system for anonymous and unobservable Internet access. In: Federrath, H. (ed.) PET 2000. LNCS, vol. 2009, pp. 115–129. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  2. 2.
    Bohme, R., Danezis, G., Diaz, C., Kopsell, S., Pfitzmann, A.: Mix cascades vs. peer-to-peer: Is one concept superior? In: Martin, D., Serjantov, A. (eds.) PET 2004. LNCS, vol. 3424, pp. 243–255. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  3. 3.
    Danezis, G.: Mix-networks with restricted routes. In: Dingledine, R. (ed.) PET 2003. LNCS, vol. 2760, pp. 1–17. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  4. 4.
    Danezis, G., Dingledine, R., Mathewson, N.: Mixminion: Design of a Type III Anonymous Remailer Protocol. In: Proceedings of the IEEE Symposium on Security and Privacy, pp. 2–15. IEEE Computer Society, Los Alamitos (2003)Google Scholar
  5. 5.
    Diaz, C., Seys, S., Claessens, J., Preneel, B.: Towards measuring anonymity. In: Dingledine, R., Syverson, P.F. (eds.) PET 2002. LNCS, vol. 2482, pp. 54–68. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  6. 6.
    Dingledine, R., Mathewson, N., Syverson, P.: Tor: The second-generation onion router. In: Proceedings of the USENIX Security Symposium, pp. 303–320 (2004)Google Scholar
  7. 7.
    Dingledine, R., Shmatikov, V., Syverson, P.: Synchronous batching: From cascades to free routes. In: Martin, D., Serjantov, A. (eds.) PET 2004. LNCS, vol. 3424, pp. 186–206. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  8. 8.
    Goldschlag, D., Reed, M., Syverson, P.: Hiding routing information. In: Anderson, R. (ed.) IH 1996. LNCS, vol. 1174, pp. 137–150. Springer, Heidelberg (1996)CrossRefGoogle Scholar
  9. 9.
    Houmansadr, A., Kiyavash, N., Borisov, N.: RAINBOW: A robust and invisible non-blind watermark for network flows. In: Proceedings of the Network and Distributed System Security Symposium (NDSS 2009). The Internet Society (2009)Google Scholar
  10. 10.
    Levine, B.N., Reiter, M., Wang, C., Wright, M.: Timing attacks in low-latency mix systems. In: Juels, A. (ed.) FC 2004. LNCS, vol. 3110, pp. 251–265. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  11. 11.
    Möller, U., Cottrell, L., Palfrader, P., Sassaman, L.: Mixmaster Protocol – Version 2. In: IETF Internet Draft (2003)Google Scholar
  12. 12.
    Murdoch, S.J., Zieliński, P.: Sampled traffic analysis by Internet-exchange-level adversaries. In: Borisov, N., Golle, P. (eds.) PETS 2007. LNCS, vol. 4776, pp. 167–183. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  13. 13.
    Pfitzmann, A., Pfitzmann, B., Waidner, M.: ISDN-MIXes: Untraceable communication with small bandwidth overhead. In: Kommunikation in Verteilten Systemen, Grundlagen, Anwendungen, Betrieb, GI/ITG-Fachtagung, pp. 451–463. Springer, Heidelberg (1991)Google Scholar
  14. 14.
    Reardon, J.: Improving Tor using a TCP-over-DTLS tunnel. Master’s thesis, University of Waterloo (2008)Google Scholar
  15. 15.
    Serjantov, A.: On the Anonymity of Anonymity Systems. PhD thesis, University of Cambridge (2004)Google Scholar
  16. 16.
    Serjantov, A., Danezis, G.: Towards an information theoretic metric for anonymity. In: Dingledine, R., Syverson, P.F. (eds.) PET 2002. LNCS, vol. 2482, pp. 41–53. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  17. 17.
    Shannon, C.: A mathematical theory of communication. The Bell System Technical Journal 27, 379–423 (1948)MathSciNetCrossRefzbMATHGoogle Scholar
  18. 18.
    Shmatikov, V., Wang, M.-H.: Timing analysis in low-latency mix networks: Attacks and defenses. In: Gollmann, D., Meier, J., Sabelfeld, A. (eds.) ESORICS 2006. LNCS, vol. 4189, pp. 18–33. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  19. 19.
    Syverson, P.F., Tsudik, G., Reed, M., Landwehr, C.: Towards an analysis of onion routing security. In: Federrath, H. (ed.) PET 2000. LNCS, vol. 2009, pp. 96–114. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  20. 20.
    Troncoso, C., Danezis, G.: The Bayesian analysis of mix networks. In: Proceedings of the ACM Conference on Computer and Communications Security (CCS 2009), p. 11. ACM, New York (2009)Google Scholar
  21. 21.
    Venkitasubramaniam, P., He, T., Tong, L.: Relay secrecy in wireless networks with eavesdroppers. In: Proceedings of the Allerton Conference on Communication, Control and Computing (2006)Google Scholar
  22. 22.
    Venkitasubramaniam, P., Tong, L.: Anonymous networking with minimum latency in multihop networks. In: Proceedings of the IEEE Symposium on Security and Privacy, pp. 18–32. IEEE Computer Society, Los Alamitos (2008)Google Scholar
  23. 23.
    Wang, W., Motani, M., Srinivasan, V.: Dependent link padding algorithms for low latency anonymity systems. In: Proceedings of the ACM Computer and Communications Security Conference (CCS 2008), pp. 323–332. ACM, New York (2008)CrossRefGoogle Scholar
  24. 24.
    Wang, X., Chen, S., Jajodia, S.: Network flow watermarking attack on low-latency anonymous communication systems. In: Proceedings of the IEEE Symposium on Security and Privacy, pp. 116–130. IEEE Computer Society, Los Alamitos (2007)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Claudia Diaz
    • 1
  • Steven J. Murdoch
    • 2
  • Carmela Troncoso
    • 1
  1. 1.K.U. Leuven/IBBT, ESAT/SCD-COSICBelgium
  2. 2.Computer LaboratoryUniversity of CambridgeUK

Personalised recommendations