close
Skip to main content

Advertisement

Springer Nature Link
Log in
Menu
Find a journal Publish with us Track your research
Search
Saved research
Cart
  1. Home
  2. Computer Security – ESORICS 2006
  3. Conference paper

Timing Analysis in Low-Latency Mix Networks: Attacks and Defenses

  • Conference paper
  • pp 18–33
  • Cite this conference paper
Save conference paper
View saved research
Computer Security – ESORICS 2006 (ESORICS 2006)
Timing Analysis in Low-Latency Mix Networks: Attacks and Defenses
  • Vitaly Shmatikov19 &
  • Ming-Hsiu Wang19 

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 4189))

Included in the following conference series:

  • European Symposium on Research in Computer Security
  • 2317 Accesses

  • 196 Citations

  • 6 Altmetric

Abstract

Mix networks are a popular mechanism for anonymous Internet communications. By routing IP traffic through an overlay chain of mixes, they aim to hide the relationship between its origin and destination. Using a realistic model of interactive Internet traffic, we study the problem of defending low-latency mix networks against attacks based on correlating inter-packet intervals on two or more links of the mix chain. We investigate several attack models, including an active attack which involves adversarial modification of packet flows in order to “fingerprint” them, and analyze the tradeoffs between the amount of cover traffic, extra latency, and anonymity properties of the mix network. We demonstrate that previously proposed defenses are either ineffective, or impose a prohibitively large latency and/or bandwidth overhead on communicating applications. We propose a new defense based on adaptive padding.

This work was partially supported by NSF grants CNS-0509033 and IIS-0534198.

Download to read the full chapter text

Chapter PDF

Similar content being viewed by others

LARMix $$\mathbf {++}$$ : Latency-Aware Routing in Mix Networks with Free Routes Topology

Chapter © 2025

PARSAN-Mix: Packet-Aware Routing and Shuffling with Additional Noise for Latency Optimization in Mix Networks

Chapter © 2025

Optimizing Anonymity and Performance in a Mix Network

Chapter © 2022

Explore related subjects

Discover the latest articles, books and news in related subjects, suggested using machine learning.
  • Computer Communication Networks
  • Computer Networks
  • Dynamic Networks
  • Mobile and Network Security
  • Network Models
  • Stochastic Networks
  • Software-Defined Networking Architectures and Techniques

References

  1. Back, A., Goldberg, I., Shostack, A.: Freedom Systems 2.1 security issues and analysis (May 2001), http://www.freehaven.net/anonbib/cache/freedom21-security.pdf

  2. Back, A., Möller, U., Stiglic, A.: Traffic analysis attacks and trade-offs in anonymity providing systems. In: Moskowitz, I.S. (ed.) IH 2001. LNCS, vol. 2137, pp. 245–257. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  3. Berthold, O., Federrath, H., Köpsell, S.: Web mIXes: A system for anonymous and unobservable internet access. In: Federrath, H. (ed.) Designing Privacy Enhancing Technologies. LNCS, vol. 2009, pp. 115–129. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  4. Berthold, O., Langos, H.: Dummy traffic against long term intersection attacks. In: Dingledine, R., Syverson, P.F. (eds.) PET 2002. LNCS, vol. 2482, pp. 110–128. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  5. Boucher, P., Shostack, A., Goldberg, I.: Freedom Systems 2.0 architecture (December 2000), http://www.freehaven.net/anonbib/cache/freedom2-arch.pdf

  6. Chaum, D.: Untraceable electronic mail, return addresses, and digital pseudonyms. Communications of the ACM 24(2), 84–88 (1981)

    Article  Google Scholar 

  7. Danezis, G.: Statistical disclosure attacks. In: Proc. Security and Privacy in the Age of Uncertainty. IFIP Conference Proceedings, vol. 250, pp. 421–426 (2003)

    Google Scholar 

  8. Danezis, G.: The traffic analysis of continuous-time mixes. In: Martin, D., Serjantov, A. (eds.) PET 2004. LNCS, vol. 3424, pp. 35–50. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  9. Danezis, G., Dingledine, R., Mathewson, N.: Mixmixion: Design of a type III anonymous remailer protocol. In: Proc. IEEE Symposium on Security and Privacy, pp. 2–15 (2003)

    Google Scholar 

  10. Danezis, G., Serjantov, A.: Statistical disclosure or intersection attacks on anonymity systems. In: Fridrich, J. (ed.) IH 2004. LNCS, vol. 3200, pp. 293–308. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  11. Dingledine, R., Mathewson, N., Syverson, P.: Tor: the second-generation onion router. In: Proc. 13th USENIX Security Symposium, pp. 303–320 (2004)

    Google Scholar 

  12. Dingledine, R., Mathewson, N., Syverson, P.: Challenges in deploying low-latency anonymity. NRL CHACS Report 5540-265 (2005)

    Google Scholar 

  13. Freedman, M., Morris, R.: Tarzan: A peer-to-peer anonymizing network layer. In: Proc. 9th ACM Conference on Computer and Communications Security, pp. 193–206 (2002)

    Google Scholar 

  14. Fu, X., Graham, B., Bettati, R., Zhao, W.: On effectiveness of link padding for statistical traffic analysis attacks. In: Proc. 23rd IEEE Conference on Distributed Computing Systems, pp. 340–349 (2003)

    Google Scholar 

  15. Fu, X., Graham, B., Bettati, R., Zhao, W., Xuan, D.: Analytical and empirical analysis of countermeasures to traffic analysis attacks. In: Proc. 32nd International Conference on Parallel Processing, pp. 483–492 (2003)

    Google Scholar 

  16. Internet Traffic Archive. Two hours of wide-area TCP traffic (January 1994), http://ita.ee.lbl.gov/html/contrib/LBL-TCP-3.html

  17. Levine, B.N., Reiter, M.K., Wang, C.-X., Wright, M.: Timing attacks in low-latency mix systems. In: Juels, A. (ed.) FC 2004. LNCS, vol. 3110, pp. 251–265. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  18. Möller, U., Cottrell, L., Palfrader, P., Sassaman, L.: Mixmaster protocol version 2 (July 2003), http://www.abditum.com/mixmaster-spec.txt

  19. Murdoch, S., Danezis, G.: Low-cost traffic analysis of T or. In: Proc. IEEE Symposium on Security and Privacy, pp. 183–195 (2005)

    Google Scholar 

  20. National Laboratory for Applied Network Research. Auckland-VIII data set (December 2003), http://pma.nlanr.net/Special/auck8.html

  21. National Laboratory for Applied Network Research. PMA special traces archive (2005), http://pma.nlanr.net/Special/

  22. Newman-Wolfe, R., Venkatraman, B.: High level prevention of traffic analysis. In: Proc. IEEE/ACM 7th Annual Computer Security Applications Conference, pp. 102–109 (1991)

    Google Scholar 

  23. Øverlier, L., Syverson, P.: Locating hidden servers. In: Proc. IEEE Symposium on Security and Privacy (2006)

    Google Scholar 

  24. Rennhard, M., Rafaeli, S., Mathy, L., Plattner, B., Hutchison, D.: Analysis of an anonymity network for Web browsing. In: Proc. IEEE WETICE, pp. 49–54 (2002)

    Google Scholar 

  25. Serjantov, A., Sewell, P.: Passive attack analysis for connection-based anonymity systems. In: Snekkenes, E., Gollmann, D. (eds.) ESORICS 2003. LNCS, vol. 2808, pp. 116–131. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  26. Shmatikov, V.: Probabilistic analysis of an anonymity system. J. Computer Security 12(3-4), 355–377 (2004)

    Google Scholar 

  27. Syverson, P., Goldschlag, D., Reed, M.: Anonymous connections and onion routing. In: Proc. IEEE Symposium on Security and Privacy, pp. 44–54 (1997)

    Google Scholar 

  28. Syverson, P.F., Tsudik, G., Reed, M., Landwehr, C.: Towards an analysis of onion routing security. In: Federrath, H. (ed.) Designing Privacy Enhancing Technologies. LNCS, vol. 2009, pp. 96–114. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  29. Timmerman, B.: A security model for dynamic adaptable traffic masking. In: Proc. New Security Paradigms Workshop, pp. 107–116 (1997)

    Google Scholar 

  30. Timmerman, B.: Secure adaptive traffic masking. In: Proc. New Security Paradigms Workshop, pp. 13–24 (1999)

    Google Scholar 

  31. Venkatraman, B., Newman-Wolfe, R.: Performance analysis of a method for high level prevention of traffic analysis using measurements from a campus network. In: Proc. IEEE/ACM 10th Annual Computer Security Applications Conference, pp. 288–297 (1994)

    Google Scholar 

  32. Wright, M., Adler, M., Levine, B., Shields, C.: An analysis of the degradation of anonymous protocols. In: Proc. ISOC Network and Distributed System Security Symposium (2002)

    Google Scholar 

  33. Zhu, Y., Fu, X., Graham, B., Bettati, R., Zhao, W.: On flow correlation attacks and countermeasures in mix networks. In: Martin, D., Serjantov, A. (eds.) PET 2004. LNCS, vol. 3424, pp. 207–225. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. The University of Texas at Austin,  

    Vitaly Shmatikov & Ming-Hsiu Wang

Authors
  1. Vitaly Shmatikov
    View author publications

    Search author on:PubMed Google Scholar

  2. Ming-Hsiu Wang
    View author publications

    Search author on:PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Institute for Security in Distributed Applications, Hamburg University of Technology, 21071, Hamburg, Germany

    Dieter Gollmann

  2. TU Hamburg-Harburg, Harburger Schlossstr. 20, 21079, Hamburg-Harburg, Germany

    Jan Meier

  3. Department of Computer Science and Engineering, Chalmers University of Technology, 412 96, Göteborg, Sweden

    Andrei Sabelfeld

Rights and permissions

Reprints and permissions

Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Shmatikov, V., Wang, MH. (2006). Timing Analysis in Low-Latency Mix Networks: Attacks and Defenses. In: Gollmann, D., Meier, J., Sabelfeld, A. (eds) Computer Security – ESORICS 2006. ESORICS 2006. Lecture Notes in Computer Science, vol 4189. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11863908_2

Download citation

  • .RIS
  • .ENW
  • .BIB
  • DOI: https://doi.org/10.1007/11863908_2

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-44601-9

  • Online ISBN: 978-3-540-44605-7

  • eBook Packages: Computer ScienceComputer Science (R0)Springer Nature Proceedings Computer Science

Share this paper

Anyone you share the following link with will be able to read this content:

Sorry, a shareable link is not currently available for this article.

Provided by the Springer Nature SharedIt content-sharing initiative

Keywords

  • Crossover Rate
  • Active Attack
  • Consecutive Packet
  • Packet Stream
  • Packet Count

These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Publish with us

Policies and ethics

Search

Navigation

  • Find a journal
  • Publish with us
  • Track your research

Footer Navigation

Discover content

  • Journals A-Z
  • Books A-Z
  • Subjects A-Z

Publish with us

  • Journal finder
  • Publish your research
  • Language editing
  • Open access publishing

Products and services

  • Our products
  • Librarians
  • Societies
  • Partners and advertisers

Our brands

  • Springer
  • Nature Portfolio
  • BMC
  • Palgrave Macmillan
  • Apress
  • Discover

Corporate Navigation

  • Your US state privacy rights
  • Accessibility statement
  • Terms and conditions
  • Privacy policy
  • Help and support
  • Legal notice
  • Cancel contracts here

104.23.197.171

Not affiliated

Springer Nature

© 2026 Springer Nature