Deterring voluntary trace disclosure in re-encryption mix-networks

Q Engineering
Xiaofeng Wang, P. Golle, M. Jakobsson, Alex Tsow
{"title":"Deterring voluntary trace disclosure in re-encryption mix-networks","authors":"Xiaofeng Wang, P. Golle, M. Jakobsson, Alex Tsow","doi":"10.1145/1698750.1698758","DOIUrl":null,"url":null,"abstract":"Mix-networks, a family of anonymous messaging protocols, have been engineered to withstand a wide range of theoretical internal and external adversaries. An undetectable insider threat—voluntary partial trace disclosures by server administrators—remains a troubling source of vulnerability. An administrator's cooperation could be the resulting coercion, bribery, or a simple change of interests. While eliminating this insider threat is impossible, it is feasible to deter such unauthorized disclosures by bundling them with additional penalties. We abstract these costs with collateral keys, which grant access to customizable resources. This article introduces the notion of trace-deterring mix-networks, which encode collateral keys for every server-node into every end-to-end message trace. The network reveals no keying material when the input-to-output transitions of individual servers remain secret. Two permutation strategies for encoding key information into traces, mix-and-flip and all-or-nothing, are presented. We analyze their trade-offs with respect to computational efficiency, anonymity sets, and colluding message senders. Our techniques have sufficiently low overhead for deployment in large-scale elections, thereby providing a sort of publicly verifiable privacy guarantee.","PeriodicalId":50912,"journal":{"name":"ACM Transactions on Information and System Security","volume":"7 1","pages":"18:1-18:24"},"PeriodicalIF":0.0000,"publicationDate":"2010-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"ACM Transactions on Information and System Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/1698750.1698758","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q","JCRName":"Engineering","Score":null,"Total":0}
引用次数: 1

Abstract

Mix-networks, a family of anonymous messaging protocols, have been engineered to withstand a wide range of theoretical internal and external adversaries. An undetectable insider threat—voluntary partial trace disclosures by server administrators—remains a troubling source of vulnerability. An administrator's cooperation could be the resulting coercion, bribery, or a simple change of interests. While eliminating this insider threat is impossible, it is feasible to deter such unauthorized disclosures by bundling them with additional penalties. We abstract these costs with collateral keys, which grant access to customizable resources. This article introduces the notion of trace-deterring mix-networks, which encode collateral keys for every server-node into every end-to-end message trace. The network reveals no keying material when the input-to-output transitions of individual servers remain secret. Two permutation strategies for encoding key information into traces, mix-and-flip and all-or-nothing, are presented. We analyze their trade-offs with respect to computational efficiency, anonymity sets, and colluding message senders. Our techniques have sufficiently low overhead for deployment in large-scale elections, thereby providing a sort of publicly verifiable privacy guarantee.
阻止重新加密混合网络中的自愿跟踪披露
混合网络(Mix-networks)是一系列匿名消息传递协议,其设计可以抵御理论上广泛的内部和外部攻击。无法检测到的内部威胁——服务器管理员自愿披露部分跟踪信息——仍然是一个令人不安的漏洞来源。管理员的合作可能是胁迫、贿赂或简单的利益变化所导致的。虽然消除这种内部威胁是不可能的,但通过附加处罚来阻止这种未经授权的披露是可行的。我们用附属键抽象这些成本,附属键授予对可定制资源的访问权。本文介绍了跟踪阻止混合网络的概念,它将每个服务器节点的附带密钥编码到每个端到端消息跟踪中。当单个服务器的输入到输出转换仍然保密时,网络不会泄露任何密钥材料。提出了将关键信息编码成轨迹的两种排列策略:混合-翻转和全或无。我们分析了它们在计算效率、匿名集和串通消息发送方方面的权衡。我们的技术具有足够低的开销,可以部署在大规模选举中,从而提供了一种可公开验证的隐私保证。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
ACM Transactions on Information and System Security
ACM Transactions on Information and System Security 工程技术-计算机:信息系统
CiteScore
4.50
自引率
0.00%
发文量
0
审稿时长
3.3 months
期刊介绍: ISSEC is a scholarly, scientific journal that publishes original research papers in all areas of information and system security, including technologies, systems, applications, and policies.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信