M2: Multicasting Mixes for Efficient and Anonymous Communication

We present a technique to achieve anonymous multicasting in mix networks to deliver content from producers to consumers. Employing multicast allows content producers to send (and mixes to forward) information to multiple consumers without repeating work for each individual consumer. In our approach, consumers register interest for content by creating paths in the mix network to the content’s producers. When possible, these paths are merged in the network so that paths destined for the same producer share a common path suffix to the producer. When a producer sends content, the content travels this common suffix toward its consumers (in the reverse direction) and "branches" into multiple messages when necessary. We detail the design of this technique and then analyze the unlinkability of our approach against a global, passive adversary who controls both the producer and some mixes. We show that there is a subtle degradation of unlinkability that arises from multicast. We discuss techniques to tune our design to mitigate this degradation while retaining the benefits of multicast.

[1]  Mohamed G. Gouda,et al.  Secure group communications using key graphs , 2000, TNET.

[2]  David Mazières,et al.  The design, implementation and operation of an email pseudonym server , 1998, CCS '98.

[3]  Brian Neil Levine,et al.  A protocol for anonymous communication over the Internet , 2000, CCS.

[4]  Albert-László Barabási,et al.  Statistical mechanics of complex networks , 2001, ArXiv.

[5]  Alan M. Frieze,et al.  Random graphs , 2006, SODA '06.

[6]  Bart Preneel,et al.  Towards Measuring Anonymity , 2002, Privacy Enhancing Technologies.

[7]  Svante Janson,et al.  Random graphs , 2000, ZOR Methods Model. Oper. Res..

[8]  David Chaum,et al.  Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.

[9]  Svante Janson,et al.  Random graphs , 2000, Wiley-Interscience series in discrete mathematics and optimization.

[10]  Nathalie Weiler Secure anonymous group infrastructure for common and future Internet applications , 2001, Seventeenth Annual Computer Security Applications Conference.

[11]  George Danezis,et al.  Towards an Information Theoretic Metric for Anonymity , 2002, Privacy Enhancing Technologies.

[12]  Yossi Matias,et al.  How to Make Personalized Web Browising Simple, Secure, and Anonymous , 1997, Financial Cryptography.

[13]  Andreas Pfitzmann,et al.  Networks without user observability , 1987, Comput. Secur..

[14]  Tony Ballardie,et al.  Scalable Multicast Key Distribution , 1996, RFC.

[15]  Gene Tsudik,et al.  Mixing E-mail with Babel , 1996, Proceedings of Internet Society Symposium on Network and Distributed Systems Security.

[16]  Christian Grosch,et al.  Framework for anonymity in IP-multicast environments , 2000, Globecom '00 - IEEE. Global Telecommunications Conference. Conference Record (Cat. No.00CH37137).

[17]  Andreas Pfitzmann,et al.  The Disadvantages of Free MIX Routes and how to Overcome Them , 2000, Workshop on Design Issues in Anonymity and Unobservability.