Results 1 - 10 of 60
Anonymity and Information Hiding in Multiagent Systems
2003
Cited by 97 (2 self)
We provide a framework for reasoning about information-hiding requirements in multiagent systems and for reasoning about anonymity in particular. Our framework employs the modal logic of knowledge within the context of the runs and systems framework, much in the spirit of our earlier work on secrecy [9]. We give several definitions of anonymity with respect to agents, actions, and observers in multiagent systems, and we relate our definitions of anonymity to other definitions of information hiding, such as secrecy. We also give probabilistic definitions of anonymity that are able to quantify an observer's uncertainty about the state of the system. Finally, we relate our definitions of anonymity to other formalizations of anonymity and information hiding, including definitions of anonymity in the process algebra CSP and definitions of information hiding using function views.
Weak probabilistic anonymity
INRIA Futurs and LIX, 2005
Cited by 49 (11 self)
Anonymity means that the identity of the user performing a certain action is maintained secret. The protocols for ensuring anonymity often use random mechanisms which can be described probabilistically. In this paper we propose a notion of weak probabilistic anonymity, where weak refers to the fact that some amount of probabilistic information may be revealed by the protocol. This information can be used by an observer to infer the likeliness that the action has been performed by a certain user. The aim of this work is to study the degree of anonymity that the protocol can still ensure, despite the leakage of information. We illustrate our ideas by using the example of the dining cryptographers with biased coins. We consider both the cases of nondeterministic and probabilistic users. Correspondingly, we propose two notions of weak anonymity and we investigate their respective dependencies on the biased factor of the coins.
On the Anonymity of Anonymity Systems
2004
Cited by 23 (2 self)
Anonymity on the Internet is a property commonly identified with privacy of electronic communications. A number of different systems exist which claim to provide anonymous email and web browsing, but their effectiveness has hardly been evaluated in practice. In this thesis we focus on the anonymity properties of such systems. First, we show how the anonymity of anonymity systems can be quantified, pointing out flaws with existing metrics and proposing our own. In the process we distinguish the anonymity of a message and that of an anonymity system. Secondly, we focus on the properties of building blocks of mix-based (email) anonymity systems, evaluating their resistance to powerful blending attacks, their delay, their anonymity under normal conditions and other properties. This leads us to methods of computing anonymity for a particular class of mixes – timed mixes – and a new binomial mix. Next, we look at the anonymity of a message going through an entire anonymity system based on a mix network architecture. We construct a semantics of a network with threshold mixes, define the information observable by an attacker, and give a
Probabilistic Analysis of Onion Routing in a Black-box Model
In Proc. of WPES 2007
Cited by 20 (7 self)
We perform a probabilistic analysis of onion routing. The analysis is presented in a black-box model of anonymous communication that abstracts the essential properties of onion routing in the presence of an active adversary that controls a portion of the network and knows all a priori distributions on user choices of destination. Our results quantify how much the adversary can gain in identifying users by exploiting knowledge of their probabilistic behavior. In particular, we show that a user u's anonymity is worst either when the other users always choose the destination u is least likely to visit or when the other users always choose the destination u chooses. This worst-case anonymity with an adversary that controls a fraction b of the routers is comparable to the best-case anonymity against an adversary that controls a fraction √b.
Measuring anonymity with relative entropy
In Proceedings of the 4th International Workshop on Formal Aspects in Security and Trust, volume 4691 of LNCS, 2007
Cited by 20 (2 self)
Anonymity is the property of maintaining secret the identity of users performing a certain action. Anonymity protocols often use random mechanisms which can be described probabilistically. In this paper, we propose a probabilistic process calculus to describe protocols for ensuring anonymity, and we use the notion of relative entropy from information theory to measure the degree of anonymity these protocols can guarantee. Furthermore, we prove that the operators in the probabilistic process calculus are non-expansive, with respect to this measuring method. We illustrate our approach by using the example of the Dining Cryptographers Problem.
Towards modeling wireless location privacy
In Proceedings of PET, 2005
Cited by 19 (3 self)
The lack of a formal model in wireless location privacy protection research makes it difficult to evaluate new location privacy protection proposals, and difficult to utilize existing research results in anonymous communication into this new problem. In this paper, we analyze a wireless location privacy protection system (WLP2S), and generalize it to a MIX based formal model, which includes a MIX, a set of MIX users, and an intruder of the MIX. In addition, we also use an information theory approach to define anonymity and measures of this model, and describe the characteristics of the observation process in WLP2S in detail. Two benefits arise from our model. Firstly, it provides a means of evaluating the privacy level of proposed location privacy protection protocols. We use the measures of the proposed formal model to study the performance of our novel silent period technique. Simulation results reveal the role of many parameters, such as users' mobility pattern and intruders' tracking accuracy, on users' privacy level. The results shed more light on improving our defense protocol. Secondly, our approach provides a link between existing defense and attack protocols in MIX research and the new location privacy protection problem. By utilizing the formal model, we conducted preliminary studies in identifying potential attacks, and improve the performance of the existing defense protocol. This study results in an extension of existing defense protocols. Those simulation and analytical results demonstrate the promising potential of our model.
Epistemic Logic for the Applied Pi Calculus
Cited by 18 (0 self)
We propose an epistemic logic for the applied pi calculus, which is a variant of the pi calculus with extensions for modeling cryptographic protocols. In such a calculus, the security guarantees are usually stated as equivalences. While process calculi provide a natural means to describe the protocols themselves, epistemic logics are often better suited for expressing certain security properties such as secrecy and anonymity. We intend to bridge the gap between these two approaches: using the set of traces generated by a process as models, we define a logic which has constructs for reasoning about both the intruder's epistemic knowledge and the set of messages in possession of the intruder. As an example we consider two formalizations of privacy in electronic voting and study the relationship between them.
A framework for automatically checking anonymity with µCRL
In Proceedings TGC'06, LNCS, 2007
Cited by 15 (8 self)
We present a powerful and flexible method for automatically checking anonymity in a possibilistic general-purpose process algebraic verification toolset. We propose new definitions of a choice anonymity degree and a player anonymity degree, to quantify the precision with which an intruder is able to single out the true originator of a given event or to associate the right event to a given protocol participant. We show how these measures of anonymity can be automatically calculated from a protocol specification in µCRL, by using a combination of dedicated tools and existing state-of-the-art µCRL tools. To illustrate the flexibility of our method we test the Dining Cryptographers problem and the FOO 92 voting protocol. Our definitions of anonymity provide an accurate picture of the different ways that anonymity can break down, due for instance to coalitions of inside intruders. Our calculations can be performed on a cluster of machines, allowing us to check protocols for large numbers of participants.
Indistinguishability-based Characterization of Anonymous Channels
In Proc. of Privacy Enhancing Technologies Workshop – PET '08, volume 5??? of LNCS, 2008
Cited by 13 (0 self)
We revisit the problem of anonymous communication, in which users wish to send messages to each other without revealing their identities. We propose a novel framework to organize and compare anonymity definitions. In this framework, we present simple and practical definitions for anonymous channels in the context of computational indistinguishability. The notions seem to capture the intuitive properties of several types of anonymous channels (Pfitzmann and Köhntopp 2001) (e.g. sender anonymity and unlinkability). We justify these notions by showing they naturally capture practical scenarios where information is unavoidably leaked in the system. Then, we compare the notions and we show they form a natural hierarchy for which we exhibit non-trivial implications. In particular, we show how to implement stronger notions from weaker ones using cryptography and dummy traffic – in a provably optimal way. With these tools, we revisit the security of previous anonymous channels protocols, in particular constructions based on broadcast networks (Blaze et al. 2003), anonymous broadcast (Chaum 1981), and mix networks (Groth 2003, Nguyen et al. 2004). Our results give generic, optimal constructions to
Operational and Epistemic Approaches to Protocol Analysis: Bridging the Gap
Cited by 13 (5 self)
Operational models of (security) protocols, on one hand, are readable and conveniently match their implementation (at a certain abstraction level). Epistemic models, on the other hand, are appropriate for specifying knowledge-related properties such as anonymity or secrecy. These two approaches to specification and verification have so far developed in parallel and one has either to define ad hoc correctness criteria for the operational model or use complicated epistemic models to specify the operational behavior. We work towards bridging this gap by proposing a combined framework which allows for modeling the behavior of a protocol in a process language with an operational semantics and supports reasoning about properties expressed in a rich logic which combines temporal and epistemic operators.