ABSTRACT
We describe a new method for protecting the anonymity of message receivers in an untrusted network. Surprisingly, existing methods fail to provide the required level of anonymity for receivers (although those methods do protect sender anonymity). Our method relies on the use of multicast, along with a novel cryptographic primitive that we call an Incomparable Public Key cryptosystem, which allows a receiver to efficiently create many anonymous "identities" for itself without divulging that these separate "identities" actually refer to the same receiver, and without increasing the receiver's workload as the number of identities increases. We describe the details of our method, along with a prototype implementation.
Index Terms
- Receiver anonymity via incomparable public keys