A pseudonymous communications infrastructure for the internet

As more and more of people's everyday activities are being conducted online, there is an ever-increasing threat to personal privacy. Every communicative or commercial transaction you perform online reveals bits of information about you that can be compiled into large dossiers, often without your permission, or even your knowledge. This work presents the design and analysis of a Pseudonymous Communications Infrastructure for the Internet, which we call a Pseudonymous IP Network, or PIP Network. This system allows parties to communicate in real time over the Internet without being forced to reveal their identities, thus forming the basis for communications and electronic commerce systems that respect the privacy of the individual. This work also presents the Nymity Slider, an abstraction that can be useful when talking about how much personally identifying information a given transaction reveals, and when designing privacy-friendly technologies. We discuss why pseudonymity, rather than anonymity, is the goal of this project. Finally, we introduce the primitive of the rendezvous server, which allows a system such as the PIP Network, which protects the privacy of the users of Internet services, to be turned around to protect the privacy of the providers of those services as well.
