The Disadvantages of Free MIX Routes and
How to Overcome Them
Oliver Berthold
1
, Andreas Pfitzmann
1
, and Ronny Standtke
2
1
Dresden University of Technology, Germany
{
ob2,pfitza
}
@inf.tu-dresden.de
2
Secunet, Dresden
[email protected]
Abstract.
There are different methods to build an anonymity service
using MIXes. A substantial decision for doing so is the method of choos-
ing the MIX route. In this paper we compare two special configurations:
a fixed MIX route used by all participants and a network of freely usable
MIXes where each participant chooses his own route. The advantages
and disadvantages in respect to the freedom of choice are presented and
examined. We’ll show that some additional attacks are possible in net-
works with freely chosen MIX routes. After describing these attacks, we
estimate their impact on the achievable degree of anonymity. Finally, we
evaluate the relevance of the described attacks with respect to existing
systems like e.g. Mixmaster, Crowds, and Freedom.
1
Introduction
The concept of MIXes was developed in 1981 by David Chaum [3], in order to
enable unobservable communication between users of the internet. A single MIX
does nothing else than hiding the correlation between incoming and outgoing
messages within a large group of messages.
If participants exclusively use such a MIX for sending messages to each other,
their communication relations will be unobservable - even though if the attacker
does control all the network connections. Without additional information not
even the receiver gets to know the identity of the message’s sender.
When using only one MIX, one has to rely upon its security completely.
Therefore usually several MIXes are used in a chain. Now, any single MIX does
not have all the information which is needed to reveal communication relations.
At worst, a MIX may only know either sender or receiver.
According to the attacker model for MIXes, the communication relations
have to be kept secret even in case that all but one MIX cooperate with an
attacker who taps all lines (called
global attacker
). But a sufficient number of
reliable participants is necessary: A single participant can not be anonymous if
all or most of the other participants are controlled by the attacker. All possible
attacks on a MIX network are to be examined with regard to that attacker
model.
H. Federrath (Ed.): Anonymity 2000, LNCS 2009, pp. 30–45, 2001.
c
Springer-Verlag Berlin Heidelberg 2001
This
preview
has intentionally blurred sections.
Sign up to view the full version.
The Disadvantages of Free MIX Routes
31
There are different possibilities to organise the co-operation of several MIXes.
Generally, all MIXes exist independently from each other in the internet. When
anybody wants to use a certain MIX, he simply sends his message to it, respec-
tively, he has another MIX send his message to it. This kind of co-operation is
further called a
MIX network
.

This is the end of the preview.
Sign up
to
access the rest of the document.
- Fall '08
- Staff
- Attack!, attack, mix network
-
Click to edit the document details