AnoA: A Framework for Analyzing Anonymous Communication Protocols

Protecting individuals' privacy in online communications has become a challenge of paramount importance. To this end, anonymous communication (AC) protocols such as the widely used Tor network have been designed to provide anonymity to their participating users. While AC protocols have been the subject of several security and anonymity analyses in the last years, there still does not exist a framework for analyzing complex systems such as Tor and their different anonymity properties in a unified manner. In this work we present AnoA: a generic framework for defining, analyzing, and quantifying anonymity properties for AC protocols. AnoA relies on a novel relaxation of the notion of (computational) differential privacy, and thereby enables a unified quantitative analysis of well-established anonymity properties, such as sender anonymity, sender unlinkability, and relationship anonymity. While an anonymity analysis in AnoA can be conducted in a purely information theoretical manner, we show that the protocol's anonymity properties established in AnoA carry over to secure cryptographic instantiations of the protocol. We exemplify the applicability of AnoA for analyzing real-life systems by conducting a thorough analysis of the anonymity properties provided by the Tor network against passive attackers. Our analysis significantly improves on known anonymity results from the literature.

[1]  Vitaly Shmatikov,et al.  Measuring relationship anonymity in mix networks , 2006, WPES '06.

[2]  Michael K. Reiter,et al.  Crowds: anonymity for Web transactions , 1998, TSEC.

[3]  Aniket Kate,et al.  (Nothing else) MATor(s): Monitoring the Anonymity of Tor's Path Selection , 2014, IACR Cryptol. ePrint Arch..

[4]  Micah Adler,et al.  Defending anonymous communications against passive logging attacks , 2003, 2003 Symposium on Security and Privacy, 2003..

[5]  Sachin Lodha,et al.  Probabilistic Anonymity , 2007, PinKDD.

[6]  Sarvar Patel,et al.  Provably Secure Password-Authenticated Key Exchange Using Diffie-Hellman , 2000, EUROCRYPT.

[7]  Paul F. Syverson,et al.  Anonymous connections and onion routing , 1998, IEEE J. Sel. Areas Commun..

[8]  Moni Naor,et al.  Our Data, Ourselves: Privacy Via Distributed Noise Generation , 2006, EUROCRYPT.

[9]  Paul F. Syverson,et al.  Locating hidden servers , 2006, 2006 IEEE Symposium on Security and Privacy (S&P'06).

[10]  Paul C. van Oorschot,et al.  Authentication and authenticated key exchanges , 1992, Des. Codes Cryptogr..

[11]  David Chaum,et al.  The dining cryptographers problem: Unconditional sender and recipient untraceability , 1988, Journal of Cryptology.

[12]  George Danezis,et al.  Sphinx: A Compact and Provably Secure Mix Format , 2009, 2009 30th IEEE Symposium on Security and Privacy.

[13]  Michael Backes,et al.  Cryptographically Sound and Machine-Assisted Verification of Security Protocols , 2003, STACS.

[14]  Gene Tsudik,et al.  Towards an Analysis of Onion Routing Security , 2000, Workshop on Design Issues in Anonymity and Unobservability.

[15]  Joseph Y. Halpern,et al.  Anonymity and information hiding in multiagent systems , 2003, 16th IEEE Computer Security Foundations Workshop, 2003. Proceedings..

[16]  Dennis Hofheinz,et al.  Possibility and Impossibility Results for Selective Decommitments , 2011, Journal of Cryptology.

[17]  Cynthia Dwork,et al.  Differential Privacy , 2006, ICALP.

[18]  Cynthia Dwork,et al.  Differential Privacy: A Survey of Results , 2008, TAMC.

[19]  Ran Canetti,et al.  Universally composable security: a new paradigm for cryptographic protocols , 2001, Proceedings 2001 IEEE International Conference on Cluster Computing.

[20]  Vitaly Shmatikov,et al.  Information Hiding, Anonymity and Privacy: a Modular Approach , 2004, J. Comput. Secur..

[21]  Bart Preneel,et al.  Reasoning About the Anonymity Provided by Pool Mixes That Generate Dummy Traffic , 2004, Information Hiding.

[22]  Douglas Wikström,et al.  A Universally Composable Mix-Net , 2004, TCC.

[23]  Bryan Ford,et al.  Dissent: accountable anonymous group messaging , 2010, CCS '10.

[24]  Erik P. de Vink,et al.  A Formalization of Anonymity and Onion Routing , 2004, ESORICS.

[25]  Joan Feigenbaum,et al.  Probabilistic analysis of onion routing in a black-box model , 2012, TSEC.

[26]  Johannes Gehrke,et al.  Crowd-Blending Privacy , 2012, IACR Cryptol. ePrint Arch..

[27]  Vitaly Shmatikov Probabilistic analysis of an anonymity system , 2004, J. Comput. Secur..

[28]  Paul F. Syverson,et al.  Group Principals and the Formalization of Anonymity , 1999, World Congress on Formal Methods.

[29]  Birgit Pfitzmann,et al.  The reactive simulatability (RSIM) framework for asynchronous systems , 2007, Inf. Comput..

[30]  George Danezis,et al.  Denial of service or denial of security? , 2007, CCS '07.

[31]  Amir Herzberg,et al.  On the limits of provable anonymity , 2013, IACR Cryptol. ePrint Arch..

[32]  Cynthia Dwork,et al.  Calibrating Noise to Sensitivity in Private Data Analysis , 2006, TCC.

[33]  Ian Goldberg,et al.  Using Sphinx to Improve Onion Routing Circuit Construction , 2010, Financial Cryptography.

[34]  Daniele Micciancio,et al.  An Indistinguishability-Based Characterization of Anonymous Channels , 2008, Privacy Enhancing Technologies.

[35]  George Danezis,et al.  Towards an Information Theoretic Metric for Anonymity , 2002, Privacy Enhancing Technologies.

[36]  Roger Dingledine,et al.  Performance Improvements on Tor or, Why Tor is slow and what we're going to do about it , 2009 .

[37]  Joan Feigenbaum,et al.  A Model of Onion Routing with Provable Anonymity , 2007, Financial Cryptography.

[38]  Dennis Hofheinz,et al.  GNUC: A New Universal Composability Framework , 2015, Journal of Cryptology.

[39]  Thomas Engel,et al.  Website fingerprinting in onion routing based anonymization networks , 2011, WPES.

[40]  Carmela Troncoso,et al.  Revisiting a combinatorial approach toward measuring anonymity , 2008, WPES '08.

[41]  David Chaum,et al.  Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.

[42]  Ana Sokolova,et al.  Information Hiding in Probabilistic Concurrent Systems , 2010, 2010 Seventh International Conference on the Quantitative Evaluation of Systems.

[43]  Claudia Díaz Anonymity Metrics Revisited , 2005, Anonymous Communication and its Applications.

[44]  Aniket Kate,et al.  Secrecy Without Perfect Randomness: Cryptography with (Bounded) Weak Sources , 2015, ACNS.

[45]  Brijesh Joshi,et al.  Touching from a distance: website fingerprinting attacks and defenses , 2012, CCS.

[46]  Douglas S. Reeves,et al.  Inter-Packet Delay Based Correlation for Tracing Encrypted Connections through Stepping Stones , 2002, ESORICS.

[47]  Omer Reingold,et al.  Computational Differential Privacy , 2009, CRYPTO.

[48]  A. Pfitzmann,et al.  A terminology for talking about privacy by data minimization: Anonymity, Unlinkability, Undetectability, Unobservability, Pseudonymity, and Identity Management , 2010 .

[49]  Ian Goldberg,et al.  Changing of the guards: a framework for understanding and improving entry guard selection in tor , 2012, WPES '12.

[50]  Nick Mathewson,et al.  Tor: The Second-Generation Onion Router , 2004, USENIX Security Symposium.

[51]  Micah Sherr,et al.  Users get routed: traffic correlation on tor by realistic adversaries , 2013, CCS.

[52]  Michael Backes,et al.  Your choice MATor(s) : large-scale quantitative anonymity assessment of Tor path selection algorithms against structural attacks , 2015, PETS 2015.

[53]  Jan Camenisch,et al.  A Formal Treatment of Onion Routing , 2005, CRYPTO.

[54]  Johannes Gehrke,et al.  Towards Privacy for Social Networks: A Zero-Knowledge Based Definition of Privacy , 2011, TCC.

[55]  Steve A. Schneider,et al.  CSP and Anonymity , 1996, ESORICS.

[56]  Harsha V. Madhyastha,et al.  LASTor: A Low-Latency AS-Aware Tor Client , 2012, IEEE/ACM Transactions on Networking.

[57]  Bart Preneel,et al.  Towards Measuring Anonymity , 2002, Privacy Enhancing Technologies.

[58]  Michael Backes,et al.  TUC: Time-Sensitive and Modular Analysis of Anonymous Communication , 2014, 2014 IEEE 27th Computer Security Foundations Symposium.

[59]  Thomas Ristenpart,et al.  Peek-a-Boo, I Still See You: Why Efficient Traffic Analysis Countermeasures Fail , 2012, 2012 IEEE Symposium on Security and Privacy.

[60]  Yehuda Lindell,et al.  Session-Key Generation Using Human Passwords Only , 2001, Journal of Cryptology.

[61]  Gavin O'Gorman,et al.  Improving stream correlation attacks on anonymous networks , 2009, SAC '09.

[62]  Ian Goldberg,et al.  Provably Secure and Practical Onion Routing , 2012, 2012 IEEE 25th Computer Security Foundations Symposium.