Stopping Silent Sneaks: Defending against Malicious Mixes with Topological Engineering

by   Xinshu Ma, et al.

Mixnets are a fundamental type of anonymous communication system and recent academic research has made progress in designing Mixnets that are scalable, have sustainable communication/computation overhead, and/or provable security. We focus our work on stratified Mixnets, a popular design with real-world adoption. The security of many designs rely on the anytrust assumption where at least one server in the user's path must be honest. We identify the critical role Mixnet topological configuration algorithms play for user anonymity, and propose Bow-Tie, a performant topological engineering design for Mixnets that further ensures the anytrust assumption holds realized by introducing guard mixes. To draw actionable conclusions, we perform an analysis of the best realistic and resource-bounded adversarial strategies against each of the studied algorithms, and evaluate security metrics against each best adversarial strategy. Moreover, we highlight the need for a temporal security analysis and develop routesim, a simulator to evaluate the effect of temporal dynamics and user behaviors over the Mixnet. The resulting security notions are complementary to the state-of-the-art entropic definitions. The simulator is designed to help Mixnets developers in assessing the devil in the details resulting from design decisions. Ultimately, our results suggest strong potential improvements to current designs and guidance for shaping Mix networks.


page 1

page 7


Demo – Zelig: Customizable Blockchain Simulator

As blockchain-based systems see wider adoption, it becomes increasingly ...

User Experience Design for E-Voting: How mental models align with security mechanisms

This paper presents a mobile application for vote-casting and vote-verif...

Guarding Serverless Applications with SecLambda

As an emerging application paradigm, serverless computing attracts atten...

Assessing the Security of OPC UA Deployments

To address the increasing security demands of industrial deployments, OP...

A Research Agenda: Dynamic Models to Defend Against Correlated Attacks

In this article I describe a research agenda for securing machine learni...

Tai-e: A Static Analysis Framework for Java by Harnessing the Best Designs of Classics

Static analysis is a mature field with applications to bug detection, se...

Optimizing groups of colluding strong attackers in mobile urban communication networks with evolutionary algorithms

In novel forms of the Social Internet of Things, any mobile user within ...

Please sign up or login with your details

Forgot password? Click here to reset