Abstract

This work investigates the fundamental constraints of anonymous communication (AC) protocols. We analyze the relationship between bandwidth overhead, latency overhead, and sender anonymity or recipient anonymity against the global passive (network-level) adversary. We confirm the trilemma that an AC protocol can only achieve two out of the following three properties: strong anonymity (i.e., anonymity up to a negligible chance), low bandwidth overhead, and low latency overhead. We further study anonymity against a stronger global passive adversary that can additionally passively compromise some of the AC protocol nodes. For a given number of compromised nodes, we derive necessary constraints between bandwidth and latency overhead whose violation makes it impossible for an AC protocol to achieve strong anonymity. We analyze prominent AC protocols from the literature and show to what extent they satisfy our necessary constraints. Our fundamental necessary constraints offer a guideline not only for improving existing AC systems but also for designing novel AC protocols with non-traditional bandwidth and latency overhead choices.

Highlights

  • Millions of users from all over the world employ anonymous communication networks, such as Tor [1], to protect their privacy over the Internet

  • “Can we prove that strong anonymity cannot be achieved without introducing large latency or bandwidth overhead? When we wish to introduce the latency and bandwidth overheads simultaneously, do we know the overhead range values that still fall short at providing stronger anonymity?”

  • We show in Lemma 2 that the protocols have a bandwidth overhead of β and a latency overhead of


Summary

INTRODUCTION

Millions of users from all over the world employ anonymous communication networks, such as Tor [1], to protect their privacy over the Internet. We derive upper bounds on anonymity as functions of bandwidth overhead and latency overhead, against two prominent adversary classes: global passive network-level adversaries and strictly stronger adversaries that (passively) compromise some protocol parties (e.g., relays in the case of Tor). These bounds constitute necessary constraints for anonymity. Designers of new AC protocols can use our necessary constraints as guidelines for avoiding bad trade-offs between latency and bandwidth overhead.

Formalization and Adversary Model
Brief Overview of the Proof Technique
Scenarios and Lower Bounds
Interpretation and Interesting Cases
Related Work
AnoA-Style Anonymity Definition
User Distributions
A PROTOCOL MODEL FOR AC PROTOCOLS
Protocol Model
Expressing Protocols
Construction of a Concrete Adversary
Protocol Invariants
Ideal Protocol
SYNCHRONIZED USERS WITH NON-COMPROMISING ADVERSARIES
Lower Bound on Adversarial Advantage
Impossibility for Strong Anonymity
SYNCHRONIZED USERS WITH PARTIALLY COMPROMISING ADVERSARIES
UNSYNCHRONIZED USERS WITH NON-COMPROMISING ADVERSARIES
UNSYNCHRONIZED USERS WITH PARTIALLY COMPROMISING ADVERSARIES
RECIPIENT ANONYMITY
IMPLICATIONS
CONCLUSION AND FUTURE WORK
Expressing Protocols in the petri net model