Anonymous Symmetric-Key Communication

We study anonymity of probabilistic encryption (pE) and probabilistic authenticated encryption (pAE). We start by providing concise game-based security definitions capturing anonymity for both pE and pAE, and then show that the commonly used notion of indistinguishability from random ciphertexts (IND$) indeed implies the anonymity notions for both pE and pAE. This is in contrast to a recent work of Chan and Rogaway (Asiacrypt 2019), where it is shown that IND$-secure nonce-based authenticated encryption can only achieve anonymity if a sophisticated transformation is applied. Moreover, we also show that the Encrypt-then-MAC paradigm is anonymity-preserving, in the sense that if both the underlying probabilistic MAC (pMAC) and pE schemes are anonymous, then also the resulting pAE scheme is. Finally, we provide a composable treatment of anonymity using the constructive cryptography framework of Maurer and Renner (ICS 2011). We introduce adequate abstractions modeling various kinds of anonymous communication channels for many senders and one receiver in the presence of an active man-in-the-middle adversary. Then we show that the game-based notions indeed are anonymity-preserving, in the sense that they imply constructions between such anonymous channels, thus generating authenticity and/or confidentiality as expected, but crucially retaining anonymity if present

HORNET: High-speed Onion Routing at the Network Layer

We present HORNET, a system that enables high-speed end-to-end anonymous channels by leveraging next generation network architectures. HORNET is designed as a low-latency onion routing system that operates at the network layer thus enabling a wide range of applications. Our system uses only symmetric cryptography for data forwarding yet requires no per-flow state on intermediate nodes. This design enables HORNET nodes to process anonymous traffic at over 93 Gb/s. HORNET can also scale as required, adding minimal processing overhead per additional anonymous channel. We discuss design and implementation details, as well as a performance and security evaluation.Comment: 14 pages, 5 figure

A-MAKE: an efficient, anonymous and accountable authentication framework for WMNs

In this paper, we propose a framework, named as A-MAKE, which efficiently provides security, privacy, and accountability for communications in wireless mesh networks. More specifically, the framework provides an anonymous mutual authentication protocol whereby legitimate users can connect to network from anywhere without being identified or tracked. No single party (e.g., network operator) can violate the privacy of a user, which is provided in our framework in the strongest sense. Our framework utilizes group signatures, where the private key and the credentials of the users are generated through a secure three-party protocol. User accountability is implemented via user revocation protocol that can be executed by two semitrusted authorities, one of which is the network operator. The assumptions about the trust level of the network operator are relaxed. Our framework makes use of much more efficient signature generation and verification algorithms in terms of computation complexity than their counterparts in literature, where signature size is comparable to the shortest signatures proposed for similar purposes so far

AnonPri: A Secure Anonymous Private Authentication Protocol for RFID Systems

Privacy preservation in RFID systems is a very important issue in modern day world. Privacy activists have been worried about the invasion of user privacy while using various RFID systems and services. Hence, significant efforts have been made to design RFID systems that preserve users\u27 privacy. Majority of the privacy preserving protocols for RFID systems require the reader to search all tags in the system in order to identify a single RFID tag which not efficient for large scale systems. In order to achieve high-speed authentication in large-scale RFID systems, researchers propose tree-based approaches, in which any pair of tags share a number of key components. Another technique is to perform group-based authentication that improves the tradeoff between scalability and privacy by dividing the tags into a number of groups. This novel authentication scheme ensures privacy of the tags. However, the level of privacy provided by the scheme decreases as more and more tags are compromised. To address this issue, in this paper, we propose a group based anonymous private authentication protocol (AnonPri) that provides higher level of privacy than the above mentioned group based scheme and achieves better efficiency (in terms of providing privacy) than the approaches that prompt the reader to perform an exhaustive search. Our protocol guarantees that the adversary cannot link the tag responses even if she can learn the identifier of the tags. Our evaluation results demonstrates that the level of privacy provided by AnonPri is higher than that of the group based authentication technique

AnonPri: A Secure Anonymous Private Authentication Protocol for RFID Systems

Privacy preservation in RFID systems is a very important issue in modern day world. Privacy activists have been worried about the invasion of user privacy while using various RFID systems and services. Hence, significant efforts have been made to design RFID systems that preserve users\u27 privacy. Majority of the privacy preserving protocols for RFID systems require the reader to search all tags in the system in order to identify a single RFID tag which not efficient for large scale systems. In order to achieve high-speed authentication in large-scale RFID systems, researchers propose tree-based approaches, in which any pair of tags share a number of key components. Another technique is to perform group-based authentication that improves the tradeoff between scalability and privacy by dividing the tags into a number of groups. This novel authentication scheme ensures privacy of the tags. However, the level of privacy provided by the scheme decreases as more and more tags are compromised. To address this issue, in this paper, we propose a group based anonymous private authentication protocol (AnonPri) that provides higher level of privacy than the above mentioned group based scheme and achieves better efficiency (in terms of providing privacy) than the approaches that prompt the reader to perform an exhaustive search. Our protocol guarantees that the adversary cannot link the tag responses even if she can learn the identifier of the tags. Our evaluation results demonstrates that the level of privacy provided by AnonPri is higher than that of the group based authentication technique

Introducing Accountability to Anonymity Networks

Many anonymous communication (AC) networks rely on routing traffic through proxy nodes to obfuscate the originator of the traffic. Without an accountability mechanism, exit proxy nodes risk sanctions by law enforcement if users commit illegal actions through the AC network. We present BackRef, a generic mechanism for AC networks that provides practical repudiation for the proxy nodes by tracing back the selected outbound traffic to the predecessor node (but not in the forward direction) through a cryptographically verifiable chain. It also provides an option for full (or partial) traceability back to the entry node or even to the corresponding user when all intermediate nodes are cooperating. Moreover, to maintain a good balance between anonymity and accountability, the protocol incorporates whitelist directories at exit proxy nodes. BackRef offers improved deployability over the related work, and introduces a novel concept of pseudonymous signatures that may be of independent interest. We exemplify the utility of BackRef by integrating it into the onion routing (OR) protocol, and examine its deployability by considering several system-level aspects. We also present the security definitions for the BackRef system (namely, anonymity, backward traceability, no forward traceability, and no false accusation) and conduct a formal security analysis of the OR protocol with BackRef using ProVerif, an automated cryptographic protocol verifier, establishing the aforementioned security properties against a strong adversarial model