ABSTRACT
We discuss information-theoretic anonymity metrics, that use entropy over the distribution of all possible recipients to quantify anonymity. We identify a common misconception: the entropy of the distribution describing the potentialreceivers does not always decrease given more information.We show the relation of these a-posteriori distributions with the Shannon conditional entropy, which is an average overall possible observations.
- Dakshi Agrawal and Dogan Kesdogan. Measuring anonymity: The disclosure attack. IEEE Security & Privacy, 1(6):27--34, 2003.Google ScholarDigital Library
- David Chaum. Untraceable electronic mail, return addresses, and digital pseudonyms. Communications of the ACM, 24(2):84--88, 1981. Google ScholarDigital Library
- Sebastian Clauß. A framework for quantification of linkability within a privacy-enhancing identity management system. In Emerging Trends in Information and Communication Security, pages 191--205. Springer, LNCS 3995, 2006. Google ScholarDigital Library
- Sebastian Clauß and Stefan Schiffner. Structuring anonymity metrics. Proceedings of the ACM Workshop on Digital Identity Management, pages 55--62, 2006. Google ScholarDigital Library
- George Danezis. Statistical disclosure attacks: Traffic conformation in open environments. In Proceedings of Security and Privacy in the Age of Uncertainty, (SEC2003), pages 421--426. Kluwer, 2003.Google ScholarCross Ref
- George Danezis and Andrei Serjantov. Statistical disclosure or intersection attacks on anonymity systems. In Information Hiding, pages 293--308. Springer, LNCS 3200, 2004.Google ScholarDigital Library
- Claudia Diaz, Joris Claessens, Stefaan Seys, and Bart Preneel. Information theory and anonymity. In B. Macq and J.-J. Quisquater, editors, Werkgemeenschap voor Informatie en Communicatietheorie, pages 179--186, 2002.Google Scholar
- Claudia Diaz and Bart Preneel. Reasoning about the anonymity provided by pool mixes that generate dummy traffic. In Information Hiding, pages 309--325. Springer, LNCS 3200, 2004.Google ScholarDigital Library
- Claudia Diaz and Andrei Serjantov. Generalising mixes. In Designing Privacy Enhancing Technologies, Proceedings of PET'03, pages 18--31. Springer-Verlag, LNCS 2760, 2003.Google Scholar
- Claudia Diaz, Stefaan Seys, Joris Claessens, and Bart Preneel. Towards measuring anonymity. In Designing Privacy Enhancing Technologies, Proceedings of PET'02, pages 54--68. Springer-Verlag, LNCS 2482, 2002.Google Scholar
- Dogan Kesdogan and Lexi Pimenidis. The hitting set attack on anonymity protocols. In Information Hiding, pages 326--339. Springer, LNCS 3200, 2004.Google ScholarDigital Library
- Nick Mathewson and Roger Dingledine. Practical traffic analysis: Extending and resisting statistical disclosure. In Privacy Enhancing Technologies, pages 17--34. Springer, LNCS 3424, 2004.Google Scholar
- Andreas Pfitzmann and Marit Hansen. Anonymity, unobservability and pseudonymity - a proposal for terminology. In Designing Privacy Enhancing Technologies, Proceedings of PET'00, pages 1--9. Springer-Verlag, LNCS 2009, 2001. Google ScholarDigital Library
- Alfred Rényi. On measures of entropy and information. Proceedings of the Fourth Berkeley Symposium Mathematical Statistics and Probability, 1:547--561, 1961.Google Scholar
- Andrei Serjantov and George Danezis. Towards an information theoretic metric for anonymity. In Designing Privacy Enhancing Technologies, Proceedings of PET'02, pages 41--53. Springer-Verlag, LNCS 2482, 2002.Google Scholar
- Claude Shannon. A mathematical theory of communication. The Bell System Technical Journal, 27:379--423:623--656, 1948.Google ScholarCross Ref
- Sandra Steinbrecher and Stefan KÄopsell. Modelling unlinkability. In Designing Privacy Enhancing Technologies, Proceedings of PET'03, pages 32--47. Springer-Verlag, LNCS 2760, 2003.Google Scholar
- Gergely Tóth, Zoltán Hornák, and Ferenc Vajda. Measuring anonymity revisited. In Proceedings of the Ninth Nordic Workshop on Secure IT Systems, pages 85--90, 2004.Google Scholar
Index Terms
- Does additional information always reduce anonymity?
Recommendations
Structuring anonymity metrics
DIM '06: Proceedings of the second ACM workshop on Digital identity managementThis paper structures different anonymity metrics. We show that there is no single all-purpose metric for anonymity. We present different models for anonymity metrics on the network layer and on the application layer, and propose a way to merge these ...
Measuring Anonymity by Profiling Probability Distributions
TRUSTCOM '12: Proceedings of the 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and CommunicationsWe present a graphical framework containing certain infinite profiles of probability distributions resulting from attacks on anonymity systems. We represent all currently popular anonymity metrics within our framework to show that existing metrics base ...
Efficiency analysis of information theoretic measures in image registration
Efficiency analysis of some information theoretic measures that can be used in image registration as objective functions is carried out. Shannon mutual information, Renyi and Tsallis entropy are examined using synthesized images with correlation ...
Comments