Denial of service or denial of security?
Proceedings of the 14th ACM conference on Computer and communications security, 2007•dl.acm.org
We consider the effect attackers who disrupt anonymous communications have on the
security of traditional high-and low-latency anonymous communication systems, as well as
on the Hydra-Onion and Cashmere systems that aim to offer reliable mixing, and Salsa, a
peer-to-peer anonymous communication network. We show that denial of service (DoS)
lowers anonymity as messages need to get retransmitted to be delivered, presenting more
opportunities for attack. We uncover a fundamental limit on the security of mix networks …
security of traditional high-and low-latency anonymous communication systems, as well as
on the Hydra-Onion and Cashmere systems that aim to offer reliable mixing, and Salsa, a
peer-to-peer anonymous communication network. We show that denial of service (DoS)
lowers anonymity as messages need to get retransmitted to be delivered, presenting more
opportunities for attack. We uncover a fundamental limit on the security of mix networks …
We consider the effect attackers who disrupt anonymous communications have on the security of traditional high- and low-latency anonymous communication systems, as well as on the Hydra-Onion and Cashmere systems that aim to offer reliable mixing, and Salsa, a peer-to-peer anonymous communication network. We show that denial of service (DoS) lowers anonymity as messages need to get retransmitted to be delivered, presenting more opportunities for attack. We uncover a fundamental limit on the security of mix networks, showing that they cannot tolerate a majority of nodes being malicious. Cashmere, Hydra-Onion, and Salsa security is also badly affected by DoS attackers. Our results are backed by probabilistic modeling and extensive simulations and are of direct applicability to deployed anonymity systems.
ACM Digital Library