The Free Haven Project: Distributed Anonymous Storage Service

We present a design for a system of anonymous storage which resists the attempts of powerful adversaries to find or destroy any stored data. We enumerate distinct notions of anonymity for each party in the system, and suggest a way to classify anonymous systems based on the kinds of anonymity provided. Our design ensures the availability of each document for a publisher-specified lifetime. A reputation system provides server accountability by limiting the damage caused by misbehaving servers. We identify attacks and defenses against anonymous storage services, and close with a list of problems which are currently unsolved.
