## A reputation system to increase MIX-net reliability (2001)

### Cached

### Download Links

- [freehaven.net]
- [www.ovmj.org]
- [www.freehaven.net]
- [www.freehaven.net]
- [freehaven.net]
- [freehaven.net]
- DBLP

### Other Repositories/Bibliography

Venue: | Information Hiding (IH 2001 |

Citations: | 50 - 12 self |

### BibTeX

@INPROCEEDINGS{Dingledine01areputation,

author = {Roger Dingledine and Michael J. Freedman and David Hopwood and David Molnar},

title = {A reputation system to increase MIX-net reliability},

booktitle = {Information Hiding (IH 2001},

year = {2001},

pages = {126--141},

publisher = {Springer-Verlag, LNCS}

}

### OpenURL

### Abstract

Abstract. We describe a design for a reputation system that increases the reliability and thus efficiency of remailer services. Our reputation system uses a MIX-net in which MIXes give receipts for intermediate messages. Together with a set of witnesses, these receipts allow senders to verify the correctness of each MIX and prove misbehavior to the witnesses. We suggest a simple model and metric for evaluating the reliability of a MIX-net, and show that our reputation system improves over randomly picking MIX paths while maintaining anonymity. 1

### Citations

1208 | Untraceable Electronic Mail, Return Addresses and Digital Pseudonyms
- Chaum
- 1981
(Show Context)
Citation Context ... model. Finally, we close in Section 8 with a discussion of possible directions for future research. 2 Related Work 2.1 MIX-nets Chaum introduced the concept of a MIX-net for anonymous communications =-=[3]-=-. A MIX-net consists of a series of servers, called MIXes, each of which is associated with a public key. Each MIX receives encrypted messages. These messages are then decrypted, batched, their order ... |

455 | Relations among notions of security for public-key encryption schemes
- Bellare, Desai, et al.
- 1998
(Show Context)
Citation Context ...Algorithms We require two public key schemes: a public-key encryption scheme, which should be semantically secure under adaptive chosen ciphertext attack (equivalent to IND-CCA2 in the definitions of =-=[2]-=-) 1 , and a publickey signature scheme, which should be existentially unforgeable under adaptive chosen message attack. The encryption scheme is modelled as a key pair generation algorithm GE, a rando... |

161 | Mixing E-mail with BABEL
- Gulcu, Tsudik
- 1996
(Show Context)
Citation Context ...], or “Type II” remailers, which added message padding, message pools, and other MIX features lacking in the cypherpunk remailers. At about the same time, Gulcu and Tsudik introduced the Babel system =-=[7]-=-, which also created a practical remailer design (although one that never saw widespread use). Producing properly formatted remailer messages by hand is a difficult and error-prone task. The program P... |

89 | Stop-and-go MIXes: Providing probabilistic anonymity in an open system
- Kesdogan, Egner, et al.
- 1998
(Show Context)
Citation Context ...ssive adversary gives negliglible advantage over guessing in linking messages with their senders and receivers. Work on MIX-nets is ongoing. Current research directions include “stop-and-go” MIX-nets =-=[10]-=-, distributed “flash MIXes” [9] and their weaknesses [4, 16], and hybrid MIXes [17]. Previous work primarily investigates a notion of the robustness of MIX-nets in the context of a distributed MIX sys... |

66 | Flash mixing
- Jakobsson
- 1998
(Show Context)
Citation Context ...eral approaches to the problem of unreliability are possible. One approach is to write more reliable software [20]. Another approach is to build MIX protocols that give provable robustness guarantees =-=[4, 9, 16]-=-. Our approach is to build a reputation system to track MIX reliability, and to modify the MIX protocol to support this system. Because users choose paths based on the published scores for each MIX, t... |

34 | A length-invariant hybrid mix
- Ohkubo, Abe
- 2000
(Show Context)
Citation Context ...their senders and receivers. Work on MIX-nets is ongoing. Current research directions include “stop-and-go” MIX-nets [10], distributed “flash MIXes” [9] and their weaknesses [4, 16], and hybrid MIXes =-=[17]-=-. Previous work primarily investigates a notion of the robustness of MIX-nets in the context of a distributed MIX system [9]. A MIX is considered robust if it survives the failure of any k of n partic... |

28 | Attack for flash MIX
- Mitomo, Kurosawa
- 2000
(Show Context)
Citation Context ...eral approaches to the problem of unreliability are possible. One approach is to write more reliable software [20]. Another approach is to build MIX protocols that give provable robustness guarantees =-=[4, 9, 16]-=-. Our approach is to build a reputation system to track MIX reliability, and to modify the MIX protocol to support this system. Because users choose paths based on the published scores for each MIX, t... |

26 |
Randomized rounding
- Raghavanand, Thompson
- 1987
(Show Context)
Citation Context ...may lag behind current network state. We turn to approximation algorithms to solve such multicommodity UFP in practically efficient polynomial time. A classic technique, Raghavan’s rounding algorithm =-=[18]-=-, may be used for this general class of flow problems, provided that maximum demands are logarithmically smaller than the minimum capacity of a path. For client-selected MIX paths, the users themselve... |

19 |
Universally verifiable MIX with verification work independent of the number of MIX servers
- Abe
(Show Context)
Citation Context ...ut the efficacy of this fix remains to be evaluated. A different approach was taken by Desmedt and Kurosawa [4], but their technique requires many participating servers. Other work, such as Abe’s MIX =-=[1]-=-, provides universal verifiability in which any observer can determine after the fact whether a MIX cheated or not, but the protocol is still computationally expensive. Our notion of reliability diffe... |

16 |
Advogato Trust Metric
- Levien
- 2003
(Show Context)
Citation Context ...crease confidence in positive ratings One approach to making positive ratings more reliable (and thus more meaningful) is to build a graph based on rater credibility such as that employed by Advogato =-=[11]-=-. Similar to the PGP web of trust, this technique builds a directed graph where edge weights represent trust that one vertex places in the other; in our case, each vertex would be a MIX. Calculating m... |

5 |
Press release
- Helsingius
- 1995
(Show Context)
Citation Context ...ns of MIXes were produced by the cypherpunks mailing list. These “Type I” anonymous remailers were inspired both by theoretical work on MIXes and by the problems surrounding the anon.penet.fi service =-=[8]-=-. Hughes wrote the first cypherpunks anonymous remailer [13]; Finney followed closely with a collection of scripts which used Phil Zimmerman’s PGP to encrypt and decrypt remailed messages. While these... |

3 |
Description of Levien's pinging service
- May
(Show Context)
Citation Context ...for other parties to duplicate their actions, thus gaining confidence that they are behaving honestly. 5 Reputation Systems Reputations have been suggested as a means of improving MIX-net reliability =-=[12, 14]-=-. To date, discussions of reputation systems in the context of MIX-nets have been vague. We now specify what we mean by a reputation system in the context of a MIX-net, and investigate a specific desi... |

3 | Universally veri MIX with veri work independent of the number of MIX servers - Abe - 1998 |

2 |
Description of early remailer history. E-mail archived at www.inet-one.com/cypherpunks/dir.1996.08.29-1996.09.04/msg00431.html
- May
(Show Context)
Citation Context ...These “Type I” anonymous remailers were inspired both by theoretical work on MIXes and by the problems surrounding the anon.penet.fi service [8]. Hughes wrote the first cypherpunks anonymous remailer =-=[13]-=-; Finney followed closely with a collection of scripts which used Phil Zimmerman’s PGP to encrypt and decrypt remailed messages. While these “Type I” remailers did not include crucial MIX features, su... |

2 | Selective denial of service attacks. vuln.html - RProcess |

1 |
Bashinski et al. The NymIP effort
- John
(Show Context)
Citation Context ...ow optimization viewpoint. – Can we achieve some further measure of reliability (or resource management) through the use of electronic cash or similar accountability measures? Indeed, the NymIP group =-=[5]-=- has a long list of similar improvements that need to be further analyzed and developed. – Can we make a reputation system that is both efficient and universally verifiable? Currently, only Alice can ... |

1 |
Selective denial of service attacks. 09 DoS remail vuln.html
- RProcess
(Show Context)
Citation Context ...nd their traffic patterns, which in turn reduces the anonymity these networks provide. Several approaches to the problem of unreliability are possible. One approach is to write more reliable software =-=[20]-=-. Another approach is to build MIX protocols that give provable robustness guarantees [4, 9, 16]. Our approach is to build a reputation system to track MIX reliability, and to modify the MIX protocol ... |