Skip to main content
SpringerLink
Log in

Attacks on the Basic cMix Design: On the Necessity of Commitments and Randomized Partial Checking

  • Conference paper
  • First Online:
Paradigms in Cryptology – Mycrypt 2016. Malicious and Exploratory Cryptology (Mycrypt 2016)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 10311))

Included in the following conference series:

  • 619 Accesses

Abstract

The cMix scheme was proposed by Chaum et al. in 2016 as the first practical set of cryptographic protocols that offer sender-recipient unlinkability at scale. The claim was that the cMix is secure unless all nodes collude. We argue that their assertion does not hold for the basic description of cMix, and we sustain our statement by two different types of attacks: a tagging attack and an insider attack. For each one, we discuss the settings that make the attack feasible, and then possible countermeasures. By this, we highlight the necessity of implementing additional commitments or mechanisms that have only been mentioned as additional features.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Chaum, D., Das, D., Javani, F., Kate, A., Krasnova, A., de Ruiter, J., Sherman, A.T.: cMix: anonymization by high-performance scalable mixing. Cryptology ePrint Archive, Report 2016/008 (2016). http://eprint.iacr.org/, version 20160530:183553 from 30 May 2016

  2. Chaum, D.: Untraceable electronic mail, return addresses, and digital pseudonyms. Commun. ACM 24(2), 84–90 (1981)

    Article  Google Scholar 

  3. Goldschlag, D.M., Reed, M.G., Syverson, P.F.: Hiding routing information. In: Anderson, R. (ed.) IH 1996. LNCS, vol. 1174, pp. 137–150. Springer, Heidelberg (1996). doi:10.1007/3-540-61996-8_37

    Chapter  Google Scholar 

  4. Berthold, O., Pfitzmann, A., Standtke, R.: The disadvantages of free MIX routes and how to overcome them. In: Federrath, H. (ed.) Designing Privacy Enhancing Technologies. LNCS, vol. 2009, pp. 30–45. Springer, Heidelberg (2001). doi:10.1007/3-540-44702-4_3

    Chapter  Google Scholar 

  5. Danezis, G., Diaz, C., Troncoso, C.: Two-sided statistical disclosure attack. In: Borisov, N., Golle, P. (eds.) PET 2007. LNCS, vol. 4776, pp. 30–44. Springer, Heidelberg (2007). doi:10.1007/978-3-540-75551-7_3

    Chapter  Google Scholar 

  6. Danezis, G., Serjantov, A.: Statistical disclosure or intersection attacks on anonymity systems. In: Fridrich, J. (ed.) IH 2004. LNCS, vol. 3200, pp. 293–308. Springer, Heidelberg (2004). doi:10.1007/978-3-540-30114-1_21

    Chapter  Google Scholar 

  7. Serjantov, A., Sewell, P.: Passive attack analysis for connection-based anonymity systems. In: Snekkenes, E., Gollmann, D. (eds.) ESORICS 2003. LNCS, vol. 2808, pp. 116–131. Springer, Heidelberg (2003). doi:10.1007/978-3-540-39650-5_7

    Chapter  Google Scholar 

  8. Danezis, G.: The traffic analysis of continuous-time mixes. In: Martin, D., Serjantov, A. (eds.) PET 2004. LNCS, vol. 3424, pp. 35–50. Springer, Heidelberg (2005). doi:10.1007/11423409_3

    Chapter  Google Scholar 

  9. Raymond, J.-F.: Traffic analysis: protocols, attacks, design issues, and open problems. In: Federrath, H. (ed.) Designing Privacy Enhancing Technologies. LNCS, vol. 2009, pp. 10–29. Springer, Heidelberg (2001). doi:10.1007/3-540-44702-4_2

    Chapter  Google Scholar 

  10. Syverson, P.F., Goldschlag, D.M., Reed, M.G.: Anonymous connections and onion routing. In: Proceedings of the 1997 IEEE Symposium on Security and Privacy, SP 1997, Washington, DC, USA, pp. 44–54. IEEE Computer Society (1997)

    Google Scholar 

  11. Berthold, O., Langos, H.: Dummy traffic against long term intersection attacks. In: Dingledine, R., Syverson, P. (eds.) PET 2002. LNCS, vol. 2482, pp. 110–128. Springer, Heidelberg (2003). doi:10.1007/3-540-36467-6_9

    Chapter  Google Scholar 

  12. Brassard, G., Chaum, D., Crépeau, C.: Minimum disclosure proofs of knowledge. J. Comput. Syst. Sci. 37(2), 156–189 (1988)

    Article  MathSciNet  MATH  Google Scholar 

  13. de Ruiter, J.: Personal communication in e-mail from 28 July 2016

    Google Scholar 

  14. ElGamal, T.: A public key cryptosystem and a signature scheme based on discrete logarithms. In: Blakley, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 10–18. Springer, Heidelberg (1985). doi:10.1007/3-540-39568-7_2

    Chapter  Google Scholar 

  15. Benaloh, J.: Simple verifiable elections. In: Proceedings of the USENIX/Accurate Electronic Voting Technology Workshop. 2006 on Electronic Voting Technology Workshop, EVT 2006, Berkeley, CA, USA, p. 5. USENIX Association (2006)

    Google Scholar 

  16. Jakobsson, M., Juels, A., Rivest, R.L.: Making mix nets robust for electronic voting by randomized partial checking. In: Proceedings of the 11th USENIX Security Symposium, Berkeley, CA, USA, pp. 339–353. USENIX Association (2002)

    Google Scholar 

  17. Khazaei, S., Wikström, D.: Randomized partial checking revisited. In: Dawson, E. (ed.) CT-RSA 2013. LNCS, vol. 7779, pp. 115–128. Springer, Heidelberg (2013). doi:10.1007/978-3-642-36095-4_8

    Chapter  Google Scholar 

  18. Küsters, R., Truderung, T., Vogt, A.: Formal analysis of Chaumian mix nets with randomized partial checking. In: Proceedings of the 2014 IEEE Symposium on Security and Privacy, SP 2014, Washington, DC, USA, pp. 343–358. IEEE Computer Society (2014)

    Google Scholar 

  19. Chaum, D., Das, D., Javani, F., Kate, A., Krasnova, A., de Ruiter, J., Sherman, A.T.: A response to... (2016)

    Google Scholar 

Download references

Acknowledgements

Herman Galteland is funded by Nasjonal sikkerhetsmyndighet (NSM), www.nsm.stat.no.

Author information

Authors and Affiliations

  1. Department of Mathematical Sciences, NTNU, Norwegian University of Science and Technology, Trondheim, Norway

    Herman Galteland

  2. Department of Information Security and Communication Technology, NTNU, Norwegian University of Science and Technology, Trondheim, Norway

    Stig F. Mjølsnes & Ruxandra F. Olimid

Authors
  1. Herman Galteland
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Stig F. Mjølsnes
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Ruxandra F. Olimid
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Herman Galteland .

Editor information

Editors and Affiliations

  1. Multimedia University, MMU, Cyberjaya, Malaysia

    Raphaël C.-W. Phan

  2. Snapchat and Columbia University, New York, New York, USA

    Moti Yung

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Galteland, H., Mjølsnes, S.F., Olimid, R.F. (2017). Attacks on the Basic cMix Design: On the Necessity of Commitments and Randomized Partial Checking. In: Phan, RW., Yung, M. (eds) Paradigms in Cryptology – Mycrypt 2016. Malicious and Exploratory Cryptology. Mycrypt 2016. Lecture Notes in Computer Science(), vol 10311. Springer, Cham. https://doi.org/10.1007/978-3-319-61273-7_22

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-61273-7_22

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-61272-0

  • Online ISBN: 978-3-319-61273-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation