# On the Trade-Off between Relationship Anonymity and Communication Overhead in Anonymity Networks

## Summary (2 min read)

### Introduction

- Many communication systems, for example modern industrial networks [1], [2], require high availability between a fixed set of nodes on a pairwise basis.
- Due to the often long life-cycles of industrial systems software corruption is a threat, and the complexity of the code-base makes corruption hard to detect.
- Corrupted nodes that are part of the mix network can perform inside attacks to determine the senderreceiver pair for messages that are relayed through them.
- Anonymity networks can provide some level of relationship anonymity against inside attackers (e.g., [5], [6]) by hiding the sender or the receiver from the relay nodes.
- Minstrels has bounded message delivery delay.

### II. SYSTEM MODEL AND METRICS

- The nodes act as sources, destinations and as relay nodes for each others’ messages.
- The underlying communication network is a complete graph.
- The inside attacker is in control of C nodes, and can observe the messages traversing those nodes and the protocol specific information contained in the messages.
- Its goal is to identify the source and the destination of the messages that it observes.
- The authors quantify the relationship anonymity by the probability Prel(s,r) that the attacker assigns to a sender-receiver pair (s,r) for a message.

### III. MINSTRELS SYSTEM DESCRIPTION

- Minstrels, described below, uses nodes as message relays in the same way as Crowds [6] with the difference that the number of nodes visited by a message is bounded.
- The message, or part of it, is encrypted with the receiver’s public key.
- To control the maximum path length (i.e., delay) the sender can initialize the list of visited nodes with a number M ∈ {0, ...,N−1} of the nodes in the system.
- These initialized nodes are considered as visited so that the message can not be relayed to them.
- Fig. 1 shows another case when the list is initialized with the sender and node C, and the message is forwarded to node B. Node B adds itself to the list and decides to which of the remaining nodes (D,E) to forward the message.

### IV. OVERHEAD AND ANONYMITY

- In the following the authors derive expressions for the communication overhead and the anonymity provided against inside attackers for Crowds and for Minstrels.

### A. Communication Overhead

- The authors start with calculating the communication overhead of Crowds and Minstrels.
- The mean number of hops depends on the distribution P(M) and can be expressed as E[K] = N−1 ∑ M=0 P(M)(N−M). (3).

### B. Relationship Anonymity Against Inside Attackers

- The authors consider attackers without any a priori knowledge of the system traffic matrix.
- For a given attacker on the path, P(I|H1+) is the probability that the attacker’s predecessor is the sender.
- Let us now turn to the calculation of the probabilities that the attacker correctly identifies the sender-receiver pair (s,r) used in (7).
- The corresponding probability P(Ωr,Ωs, ||L ||= 0,MC = 0,H1+|S(a),R(b)) is given in Table V.
- The attacker can receive a message with only one node in the list of visited nodes (||L ||= 1), in which case the node in the list is the predecessor.

### V. NUMERICAL RESULTS

- In the following the authors use the analytical models described above to get insight into the overhead-anonymity trade-off.
- Hence, for C = 3 the probability that the attacker can assign to the sender decreases faster than the probability P(H1+) of having an attacker on the path increases.
- Figs. 2, 3, 4, and 5 also show the lower bounds for the probabilities Prel(s,r) for Crowds and for Minstrels.
- P ro ba bi lit y as si gn ed to s − r pa ir (P re l(s ,r )) Crowds Crowds − Lower bound Minstrels Minstrels − Lower bound UA−NPK Asymptote Fig. 5. Relationship anonymity vs. overhead for N = 50, C = 5 bounds converge to an asymptote, which corresponds to the case when there is always an attacker on the path (P(H1+) = 1), and the attacker assigns Prel(s,r) = 1(N−C)(N−C−1) to every possible sender-receiver pair.
- In general, the best possible relationship anonymity might not be provided by the highest allowable overhead.

### VI. CONCLUSIONS AND FUTURE WORK

- In this paper the authors made a first attempt to analyze the tradeoff between relationship anonymity and communication overhead in anonymity networks.
- The authors considered two anonymity networks, Crowds proposed in [6] and Minstrels proposed in this work.
- The authors expressed the relationship anonymity for these networks, and provided simple lower bounds on the probability assigned to a senderreceiver pair.
- While intuition says that increased overhead should lead to improved relationship anonymity, their results show this is not the case in general.
- Instead, anonymity is often easiest to provide at medium levels of overhead, when attackers are still unlikely to be on the path, but the sender-receiver identity is already reasonably well protected.

Did you find this useful? Give us your feedback

##### Citations

37 citations

2 citations

### Cites background from "On the Trade-Off between Relationsh..."

...In this thesis, in Paper E which extends our earlier work [64], we study how anonymity networks could be used to improve the data availability if face of gray hole attacks....

[...]

1 citations

### Cites background from "On the Trade-Off between Relationsh..."

...Minstrels, described in [6], uses nodes as message relays in the same way as Crowds with the difference that the number of nodes visited by a message is bounded....

[...]

...A detailed description of calculating Prel(s,r) can be found in [6]....

[...]

...Second, Minstrels, proposed in [6], which provides bounded message delivery delay by limiting the maximum number of visited nodes for each message, and hides the sender and the receiver among all anonymity network users....

[...]

##### References

3,953 citations

2,815 citations

1,998 citations

### "On the Trade-Off between Relationsh..." refers background or methods in this paper

...We considered two anonymity networks, Crowds proposed in [6] and Minstrels proposed in this work....

[...]

...First, Crowds, proposed in [6], which hides the sender by introducing unbounded message delivery delay (it still exposes the receiver’s identity)....

[...]

..., [5], [6]) by hiding the sender or the receiver from the relay nodes....

[...]

...The expression for P(I|H1+) is given in [6] for the case when there are n possible relays (including the sender)....

[...]

...Minstrels, described below, uses nodes as message relays in the same way as Crowds [6] with the difference that the number of nodes visited by a message is bounded....

[...]

1,215 citations

928 citations

### "On the Trade-Off between Relationsh..." refers background in this paper

...Anonymity networks can provide some level of relationship anonymity against inside attackers (e.g., [ 5 ], [6]) by hiding the sender or the receiver from the relay nodes....

[...]