Paper 2017/1000
No right to remain silent: Isolating Malicious Mixes
Hemi Leibowitz, Ania Piotrowska, George Danezis, and Amir Herzberg
Abstract
Mix networks are a key technology to achieve network anonymity and private messaging, voting and database lookups. However, simple mix network designs are vulnerable to malicious mixes, which may drop or delay packets to facilitate traffic analysis attacks. Mix networks with provable robustness address this drawback through complex and expensive proofs of correct shuffling but come at a great cost and make limiting or unrealistic systems assumptions. We present Miranda, an efficient mix-net design, which mitigates active attacks by malicious mixes. Miranda uses both the detection of corrupt mixes, as well as detection of faults related to a pair of mixes, without detection of the faulty one among the two. Each active attack - including dropping packets - leads to reduced connectivity for corrupt mixes and reduces their ability to attack, and, eventually, to detection of corrupt mixes. We show, through experiments, the effectiveness of Miranda, by demonstrating how malicious mixes are detected and that attacks are neutralized early.
Note: This version also contains appendixes.
Metadata
- Available format(s)
-
PDF
- Publication info
- Published elsewhere. Minor revision. To appear in Usenix security 2019
- Keywords
- Anonymitymix networksbyzantine attacks
- Contact author(s)
- leibo hemi @ gmail com
- History
- 2019-08-14: last of 3 revisions
- 2017-10-11: received
- See all versions
- Short URL
- https://ia.cr/2017/1000
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2017/1000,
author = {Hemi Leibowitz and Ania Piotrowska and George Danezis and Amir Herzberg},
title = {No right to remain silent: Isolating Malicious Mixes},
howpublished = {Cryptology ePrint Archive, Paper 2017/1000},
year = {2017},
note = {\url{https://eprint.iacr.org/2017/1000}},
url = {https://eprint.iacr.org/2017/1000}
}
