The pynchon gate: a secure method of pseudonymous mail retrieval

We describe the Pynchon Gate, a practical pseudonymous message retrieval system. Our design uses a simple distributed-trust private information retrieval protocol to prevent adversaries from linking recipients to their pseudonyms, even when some of the infrastructure has been compromised. This approach resists global traffic analysis significantly better than existing deployed pseudonymous email solutions, at the cost of additional bandwidth. We examine security concerns raised by our model, and propose solutions.

[1]  David Chaum,et al.  Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.

[2]  Mark R. Horton Standard for interchange of USENET messages , 1983, RFC.

[3]  T. Elgamal A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, CRYPTO 1984.

[4]  Odhiambo-orlale From a trickle to a flood. , 1989, The IDRC reports.

[5]  David A. Cooper,et al.  Preserving privacy in a network of mobile computers , 1995, Proceedings 1995 IEEE Symposium on Security and Privacy.

[6]  Daniel Bleichenbacher,et al.  Generating EIGamal Signatures Without Knowing the Secret Key , 1996, EUROCRYPT.

[7]  Paul F. Syverson,et al.  Hiding Routing Information , 1996, Information Hiding.

[8]  Jon Callas,et al.  OpenPGP Message Format , 1998, RFC.

[9]  Eyal Kushilevitz,et al.  Private information retrieval , 1998, JACM.

[10]  David Mazières,et al.  The design, implementation and operation of an email pseudonym server , 1998, CCS '98.

[11]  J. Doug Tygar,et al.  Why Johnny Can't Encrypt: A Usability Evaluation of PGP 5.0 , 1999, USENIX Security Symposium.

[12]  T. Dierks,et al.  The TLS protocol , 1999 .

[13]  Mark Day,et al.  Instant Messaging / Presence Protocol Requirements , 2000, RFC.

[14]  Roger Dingledine,et al.  The Free Haven Project: Distributed Anonymous Storage Service , 2000, Workshop on Design Issues in Anonymity and Unobservability.

[15]  Ian Goldberg,et al.  A pseudonymous communications infrastructure for the internet , 2000 .

[16]  Andreas Pfitzmann,et al.  The Disadvantages of Free MIX Routes and how to Overcome Them , 2000, Workshop on Design Issues in Anonymity and Unobservability.

[17]  Hannes Federrath,et al.  Web MIXes: A System for Anonymous and Unobservable Internet Access , 2000, Workshop on Design Issues in Anonymity and Unobservability.

[18]  Stefan Köpsell,et al.  Efficiency Improvements of the Private Message Service , 2001, Information Hiding.

[19]  Yuval Ishai,et al.  Breaking the O(n/sup 1/(2k-1)/) barrier for information-theoretic Private Information Retrieval , 2002, The 43rd Annual IEEE Symposium on Foundations of Computer Science, 2002. Proceedings..

[20]  Len Sassaman The Promise of Privacy , 2002, LISA.

[21]  Ian Goldberg,et al.  Privacy-Enhancing Technologies for the Internet, II: Five Years Later , 2002, Privacy Enhancing Technologies.

[22]  Roger Dingledine,et al.  From a Trickle to a Flood: Active Attacks on Several Mix Types , 2002, Information Hiding.

[23]  Markus Jakobsson,et al.  Reusable anonymous return channels , 2003, WPES '03.

[24]  G Danezis,et al.  Statistical disclosure attacks: Traffic confirmation in open environments , 2003 .

[25]  George Danezis,et al.  Mixminion: design of a type III anonymous remailer protocol , 2003, 2003 Symposium on Security and Privacy, 2003..

[26]  B. Cohen,et al.  Incentives Build Robustness in Bit-Torrent , 2003 .

[27]  David Chaum,et al.  Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.

[28]  Roger Dingledine,et al.  On the Economics of Anonymity , 2003, Financial Cryptography.

[29]  A. Juels,et al.  Universal Re-encryption for Mixnets , 2004, CT-RSA.

[30]  Nick Mathewson,et al.  Tor: The Second-Generation Onion Router , 2004, USENIX Security Symposium.

[31]  Claudia Díaz,et al.  Comparison Between Two Practical Mix Designs , 2004, ESORICS.

[32]  George Danezis,et al.  Minx: a simple and efficient anonymous packet format , 2004, WPES '04.

[33]  U Moeller,et al.  Mixmaster Protocol Version 2 , 2004 .

[34]  G. Danezis Better anonymous communications , 2004 .

[35]  Nick Mathewson,et al.  Practical Traffic Analysis: Extending and Resisting Statistical Disclosure , 2004, Privacy Enhancing Technologies.

[36]  George Danezis,et al.  The Traffic Analysis of Continuous-Time Mixes , 2004, Privacy Enhancing Technologies.

[37]  George Danezis,et al.  Low-cost traffic analysis of Tor , 2005, 2005 IEEE Symposium on Security and Privacy (S&P'05).