DOCSLIB.ORG

Low-Latency Mix Networks for Anonymous Communication

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Low-Latency Mix Networks for Anonymous Communication Low-latency mix networks for anonymous communication Ania M. Piotrowska A dissertation submitted in partial fulfillment of the requirements for the degree of Doctor of Philosophy of University College London. Department of Computer Science University College London 2020 2 3 I, Ania M. Piotrowska, confirm that the work presented in this thesis is my own. Where information has been derived from other sources, I confirm that this has been indicated in the work. To George Abstract Every modern online application relies on the network layer to transfer information, which exposes the metadata associated with digital communication. These distinc- tive characteristics encapsulate equally meaningful information as the content of the communication itself and allow eavesdroppers to uniquely identify users and their activities. Hence, by exposing the IP addresses and by analyzing patterns of the network traffic, a malicious entity can deanonymize most online communications. While content confidentiality has made significant progress over the years, existing solutions for anonymous communication which protect the network metadata still have severe limitations, including centralization, limited security, poor scalability, and high-latency. As the importance of online privacy increases, the need to build low-latency communication systems with strong security guarantees becomes nec- essary. Therefore, in this thesis, we address the problem of building multi-purpose anonymous networks that protect communication privacy. To this end, we design a novel mix network Loopix, which guarantees commu- nication unlinkability and supports applications with various latency and bandwidth constraints. Loopix offers better security properties than any existing solution for anonymous communications while at the same time being scalable and low-latency. Furthermore, we also explore the problem of active attacks and malicious infrastruc- ture nodes, and propose a Miranda mechanism which allows to efficiently mitigate them. In the second part of this thesis, we show that mix networks may be used as a building block in the design of a private notification system, which enables fast and low-cost online notifications. Moreover, its privacy properties benefit from an increasing number of users, meaning that the system can scale to millions of clients at a lower cost than any alternative solution. Impact statement The results presented in this thesis make significant steps towards the design and study of anonymous communication systems. More specifically, this dissertation introduces novel designs for anonymous communication networks, techniques to evaluate their privacy properties, as well as mechanisms to enhance them. More- over, the presented research has set in motion the development of open-source soft- ware and the deployment of a privacy infrastructure that allows users to control their information about their online activities. We have designed Loopix (Chapter 3), a novel design of a low-latency anony- mous communication system based on mix networks, which offers stronger security properties than the existing tools. Our design ensures metadata privacy even in the presence of powerful adversaries, yet, thanks to its scalability and performance fea- tures, is suitable for many real-time applications. Following the publication of this work in USENIX Security ’17, PANORAMIX adopted Loopix as its core infrastruc- ture design for an anonymous low-latency messaging system, the Katzenpost free software project.1 Along with the project partners and developers, we released the open access specifications of the Katzenpost design and it’s open-source implemen- tation.2,3 Furthermore, we showed how Loopix can be used to add network-level privacy for privacy focussed cryptocurrencies like Zcash in [1], which was later also added to Katzenpost [2]. We have also designed, in collaboration with the Bar-Ilan University and the University of Connecticut, the Miranda mechanism (Chapter 4), inspired during the development of Loopix, which aims to tackle a common problem in anony- mous communications systems, i.e. how to detect and exclude malicious infrastruc- ture mixes. Miranda allows the system users to detect and isolate active malicious mixes in an efficient and scalable way, without the need for computationally expen- sive cryptographic techniques. Our work introduces also interesting ideas for more 1PANORAMIX European project was a joined initiative of leading academic centres and indus- trial partners, whose aim was to develop an infrastructure for secure communications based on mix networks (https://panoramix.me/). 2https://katzenpost.mixnetworks.org/docs/specs.html 3https://github.com/katzenpost/ iv Impact statement efficient detection of corrupted nodes using community detection techniques, and opens practical research questions that are likely to lead to further improvements. The result of our work was presented in USENIX Security ’19. The last technical chapter of this work introduces AnNotify (Chapter 5), a novel private notification system, which scales to millions of users at a low band- width and performance cost. Therefore, AnNotify can be used as an alternative to traditional PIR or privacy-preserving presence systems like DP5. This work was a result of collaboration with Bar-Ilan University and was presented in WPES ’17. The work presented in this thesis and development of Katzenpost is now fur- ther adopted and continued by the Nym Technologies company.4 As part of Nym Technologies team, I have a chance to apply my academic and industrial experience by contributing to both research and development of the decentralized and incen- tivized privacy-enhancing infrastructure. 4https://nymtech.net/ Acknowledgements This PhD has been a truly life-changing experience and it would not have been possible to do without the support and guidance that I received from many people. First of all, I would like to thank my supervisor George Danezis for his time and guidance over the past years, and all of his advice. I am especially thankful for always encouraging me to explore new challenges, even those outside my comfort zone, and for teaching me to be an independent professional. I would also like to extend my gratitude to Sarah Meiklejohn and Steven Mur- doch, for their guidance and advice which helped me to significantly improve my research, and to my viva examiners, Emiliano De Cristofaro and Paul Syverson, for their precious feedback on my dissertation. I want to also thank my previous teachers, in particular, Marek Klonowski and Michal Morayne, for giving me the opportunity to join great research projects, having confidence in me, sharing research knowledge and for encouraging me to pursue the PhD path. Throughout my PhD years, I was very fortunate to work with amazing re- searchers and industrial partners. In particular, I would like to thank those who have spent some of their valuable time collaborating with me: Tariq Elahi, Jamie Hayes, Sebastian Meiser, Hemi Leibowitz, Amir Herzberg and Nethanel Gelernter. Thank you also to Google DeepMind and Chainalysis, who gave me an oppor- tunity to join top-notch teams as an intern. Those internships taught me many new interesting topics and allowed me to gain a lot of experience. Thank you to every- one with whom I had an opportunity to work there for making it such an amazing experience. In particular, I would like to thank Ben Laurie for his guidance and always having time for fascinating research conversations. I would also like to express my gratitude to a wonderful group of colleagues from the InfoSec group, who had influenced my research and made my everyday work at UCL so pleasant. Thank you also to all my friends in London and beyond, for their friendship, kind words, the time we have spent together and beautiful mem- ories. This PhD journey would never happen without Asia, who always has been vi Acknowledgements a role model for me. Thank you for your love, friendship and encouragement. I would also like to express my gratitude to my parents and my family, for their support and enthusiasm. Especially to my aunt Iwonka for her love, kindness and support. Thank you to my Grandma Halinka and Wanda, who never knew about this adventure but were with me every step along the way. I would never study Computer Science if not amazing men in my family - My Grandpas Mietek and Stanislaw, and my uncles Gienek, Zdzisiek, Irek and Maciek. Their passionate stories about history, science and travels encouraged me to follow my dreams. Thank you for believing in me, I hope I made you all proud. A big thank you also to Mrs Christina and Mr Andreas, for such loving wel- come in their family, and always being so supportive and enthusiastic about my endeavours. Last but not least, I would like to thank my George, for his love, support, motivation, teaching me to never give up and for making me every day a better person. This thesis, and my entire hard work, is dedicated to him. Contents Abstract i Impact statment iv Acknowledgements vi Contents vii List of Figures and Tables xii 1 Introduction 1 1.1 Motivation . 1 1.2 Goals . 4 1.3 Contributions . 5 1.4 Organisation of the thesis . 7 2 Background and related works 9 2.1 Technical defnitions and measures . 9 2.1.1 Information entropy . 9 2.1.2 Differential privacy . 10 2.1.3 Bloom filters . 10 2.1.4 Poisson and Exponential distribution . 11 2.1.5 Memoryless property . 12 2.2 Anonymity . 12 2.2.1 Traffic Analysis and Active Attacks . 13 2.3 Anonymous communication systems . 15 2.3.1 Early designs for decentralized anonymous communication systems . 15 2.3.2 Modern mix networks and DC-Nets designs . 24 2.3.3 Other decentralized anonymity systems . 30 2.4 Conclusion . 31 vii viii Contents I Anonymous communication systems resistant to traffic anal- ysis and active attacks 33 3 The Loopix Anonymity System 35 3.1 Introduction . 35 3.2 The system high-level overview . 36 3.3 System model and security goals .
Load more

Recommended publications
  • UC Santa Barbara UC Santa Barbara Electronic Theses and Dissertations
    UC Santa Barbara UC Santa Barbara Electronic Theses and Dissertations Title A Web of Extended Metaphors in the Guerilla Open Access Manifesto of Aaron Swartz Permalink https://escholarship.org/uc/item/6w76f8x7 Author Swift, Kathy Publication Date 2017 Peer reviewed|Thesis/dissertation eScholarship.org Powered by the California Digital Library University of California UNIVERSITY OF CALIFORNIA Santa Barbara A Web of Extended Metaphors in the Guerilla Open Access Manifesto of Aaron Swartz A dissertation submitted in partial satisfaction of the requirements for the degree Doctor of Philosophy in Education by Kathleen Anne Swift Committee in charge: Professor Richard Duran, Chair Professor Diana Arya Professor William Robinson September 2017 The dissertation of Kathleen Anne Swift is approved. ................................................................................................................................ Diana Arya ................................................................................................................................ William Robinson ................................................................................................................................ Richard Duran, Committee Chair June 2017 A Web of Extended Metaphors in the Guerilla Open Access Manifesto of Aaron Swartz Copyright © 2017 by Kathleen Anne Swift iii ACKNOWLEDGEMENTS I would like to thank the members of my committee for their advice and patience as I worked on gathering and analyzing the copious amounts of research necessary to
    [Show full text]
  • People Are Either Too Fake Or Too Real'': Opportunities And
    Behavior in Online Communities CHI 2017, May 6–11, 2017, Denver, CO, USA “People Are Either Too Fake or Too Real”: Opportunities and Challenges in Tie-Based Anonymity Xiao Ma Nazanin Andalibi Louise Barkhuus Jacobs Institute, Cornell Tech College of Computing and The IT University of New York, NY, USA Informatics, Drexel University Copenhagen [email protected] Philadelphia, PA, USA Copenhagen, Denmark [email protected] [email protected] Mor Naaman Jacobs Institute, Cornell Tech New York, NY, USA [email protected] ABSTRACT affected social interactions and dynamics in offline and on- In recent years, several mobile applications allowed individ- line environments [11, 27]. Anonymity allows people to feel uals to anonymously share information with friends and con- less constrained by the expectations of their everyday iden- tacts, without any persistent identity marker. The functions of tities [3, 25], which in turn allows more candid and honest these “tie-based” anonymity services may be notably differ- self-expressions [1, 43]. Anonymity also leads users to dis- ent than other social media services. We use semi-structured close more information [52], which may result in positive interviews to qualitatively examine motivations, practices and emotional outcomes for the person disclosing [45]. On the perceptions in two tie-based anonymity apps: Secret (now de- other hand, the lack of attribution and responsibility in anony- funct, in the US) and Mimi (in China). Among the findings, mous environments can encourage malicious behaviors such we show that: (1) while users are more comfortable in self- as trolling [33] and cyberbullying [5, 6, 34]. It is no wonder disclosure, they still have specific practices and strategies to that society in general, and HCI researchers in particular, have avoid or allow identification; (2) attempts for de-identification been fascinated with the topic of anonymity.
    [Show full text]
  • Low-Cost Traffic Analysis Of
    Low-Cost Traffic Analysis of Tor Steven J. Murdoch and George Danezis University of Cambridge, Computer Laboratory 15 JJ Thomson Avenue, Cambridge CB3 0FD United Kingdom {Steven.Murdoch,George.Danezis}@cl.cam.ac.uk Abstract Other systems, based on the idea of a mix, were de- veloped to carry low latency traffic. ISDN mixes [33] Tor is the second generation Onion Router, supporting propose a design that allows phone conversations to be the anonymous transport of TCP streams over the Inter- anonymised, and web-mixes [6] follow the same design pat- net. Its low latency makes it very suitable for common terns to anonymise web traffic. A service based on these tasks, such as web browsing, but insecure against traffic- ideas, the Java Anon Proxy (JAP)1 has been implemented analysis attacks by a global passive adversary. We present and is running at the University of Dresden. These ap- new traffic-analysis techniques that allow adversaries with proaches work in a synchronous fashion, which is not well only a partial view of the network to infer which nodes are adapted for the asynchronous nature of widely deployed being used to relay the anonymous streams and therefore TCP/IP networks [8]. greatly reduce the anonymity provided by Tor. Furthermore, The Onion Routing project has been working on stream- we show that otherwise unrelated streams can be linked level, low-latency, high-bandwidth anonymous communi- back to the same initiator. Our attack is feasible for the cations [35]. Their latest design and implementation, adversary anticipated by the Tor designers. Our theoreti- Tor [18], has many attractive features, including forward se- cal attacks are backed up by experiments performed on the curity and support for anonymous servers.
    [Show full text]
  • Consensgx: Scaling Anonymous Communications Networks With
    Proceedings on Privacy Enhancing Technologies ; 2019 (3):331–349 Sajin Sasy* and Ian Goldberg* ConsenSGX: Scaling Anonymous Communications Networks with Trusted Execution Environments Abstract: Anonymous communications networks enable 1 Introduction individuals to maintain their privacy online. The most popular such network is Tor, with about two million Privacy is an integral right of every individual in daily users; however, Tor is reaching limits of its scala- society [72]. With almost every day-to-day interaction bility. One of the main scalability bottlenecks of Tor and shifting towards using the internet as a medium, it similar network designs originates from the requirement becomes essential to ensure that we can maintain the of distributing a global view of the servers in the network privacy of our actions online. Furthermore, in light to all network clients. This requirement is in place to of nation-state surveillance and censorship, it is all avoid epistemic attacks, in which adversaries who know the more important that we enable individuals and which parts of the network certain clients do and do not organizations to communicate online without revealing know about can rule in or out those clients from being their identities. There are a number of tools aiming to responsible for particular network traffic. provide such private communication, the most popular In this work, we introduce a novel solution to this of which is the Tor network [21]. scalability problem by leveraging oblivious RAM con- Tor is used by millions of people every day to structions and trusted execution environments in order protect their privacy online [70].
    [Show full text]
  • Doswell, Stephen (2016) Measurement and Management of the Impact of Mobility on Low-Latency Anonymity Networks
    Citation: Doswell, Stephen (2016) Measurement and management of the impact of mobility on low-latency anonymity networks. Doctoral thesis, Northumbria University. This version was downloaded from Northumbria Research Link: http://nrl.northumbria.ac.uk/30242/ Northumbria University has developed Northumbria Research Link (NRL) to enable users to access the University’s research output. Copyright © and moral rights for items on NRL are retained by the individual author(s) and/or other copyright owners. Single copies of full items can be reproduced, displayed or performed, and given to third parties in any format or medium for personal research or study, educational, or not-for-profit purposes without prior permission or charge, provided the authors, title and full bibliographic details are given, as well as a hyperlink and/or URL to the original metadata page. The content must not be changed in any way. Full items must not be sold commercially in any format or medium without formal permission of the copyright holder. The full policy is available online: http://nrl.northumbria.ac.uk/policies.html MEASUREMENT AND MANAGEMENT OF THE IMPACT OF MOBILITY ON LOW-LATENCY ANONYMITY NETWORKS S.DOSWELL Ph.D 2016 Measurement and management of the impact of mobility on low-latency anonymity networks Stephen Doswell A thesis submitted in partial fulfilment of the requirements of the University of Northumbria at Newcastle for the degree of Doctor of Philosophy Research undertaken in the Department of Computer Science and Digital Technologies, Faculty of Engineering and Environment October 2016 Declaration I declare that the work contained in this thesis has not been submitted for any other award and that it is all my own work.
    [Show full text]
  • Threat Modeling and Circumvention of Internet Censorship by David Fifield
    Threat modeling and circumvention of Internet censorship By David Fifield A dissertation submitted in partial satisfaction of the requirements for the degree of Doctor of Philosophy in Computer Science in the Graduate Division of the University of California, Berkeley Committee in charge: Professor J.D. Tygar, Chair Professor Deirdre Mulligan Professor Vern Paxson Fall 2017 1 Abstract Threat modeling and circumvention of Internet censorship by David Fifield Doctor of Philosophy in Computer Science University of California, Berkeley Professor J.D. Tygar, Chair Research on Internet censorship is hampered by poor models of censor behavior. Censor models guide the development of circumvention systems, so it is important to get them right. A censor model should be understood not just as a set of capabilities|such as the ability to monitor network traffic—but as a set of priorities constrained by resource limitations. My research addresses the twin themes of modeling and circumvention. With a grounding in empirical research, I build up an abstract model of the circumvention problem and examine how to adapt it to concrete censorship challenges. I describe the results of experiments on censors that probe their strengths and weaknesses; specifically, on the subject of active probing to discover proxy servers, and on delays in their reaction to changes in circumvention. I present two circumvention designs: domain fronting, which derives its resistance to blocking from the censor's reluctance to block other useful services; and Snowflake, based on quickly changing peer-to-peer proxy servers. I hope to change the perception that the circumvention problem is a cat-and-mouse game that affords only incremental and temporary advancements.
    [Show full text]
  • Trolls Under the Bridge: Anonymous Online Comments and Gatekeeping in the Digital Realm
    TROLLS UNDER THE BRIDGE: ANONYMOUS ONLINE COMMENTS AND GATEKEEPING IN THE DIGITAL REALM _______________________________________ A thesis presented to the faculty of the graduate school at the University of Missouri-Columbia ___________________________________________________________ in partial fulfillment of the requirements for the degree, master of arts ______________________________________________ by NOELLE M. STEELE Ryan J. Thomas, Thesis Supervisor DECEMBER 2013 The undersigned, appointed by the dean of the graduate school, have examined the thesis entitled TROLLS UNDER THE BRIDGE: ANONYMOUS ONLINE COMMENTS AND GATEKEEPING IN THE DIGITAL REALM presented by Noelle M. Steele, a candidate for the degree of master of arts, and hereby certify that, in their opinion, it is worthy of acceptance. __________________________________________ Dr. Ryan J. Thomas __________________________________________ Dr. Tim Vos ___________________________________________ Professor Joy Mayer ____________________________________________ Dr. Christina Wells ACKNOWLEDGEMENTS A special thank you to Sarah Smith-Frigerio for her unending encouragement, faithful guidance and witty responses that kept matters light when they might otherwise have been stressful. Many a graduate student would have lost their way without her prompt attention to every issue that cropped up and tireless dedication to resolving the problem. Endless thanks to my thesis chair, Dr. Ryan J. Thomas, for his attention to detail and refusal to allow me to settle for anything less than the most polished piece of work I could possibly produce. I owe the completion of this research to his persistence and enthusiasm for the project. And to the remainder of my thesis committee – Drs. Tim Vos and Christina Wells and Professor Joy Mayer – thank you for believing in my rough research idea and challenging me to refine it from the very beginning.
    [Show full text]
  • The Community Industry: an Analysis of Reddit and /R/Socialism
    THE COMMUNITY INDUSTRY: AN ANALYSIS OF REDDIT AND /R/SOCIALISM Richard Babb A Dissertation Submitted to the Graduate College of Bowling Green State University in partial fulfillment of the requirements for the degree of DOCTOR OF PHILOSOPHY May 2021 Committee: Radhika Gajjala, Advisor Samuel T McAbee, Graduate Faculty Representative Lara Lengel Yanqin Lu © 2021 Richard Babb All Rights Reserved iii ABSTRACT Radhika Gajjala, Advisor Social media is an increasingly important space for community formation and interactions. Coinciding with the rise of social media has been an increasing interest in leftist ideologies once outside the mainstream. This analysis seeks to understand the social media site Reddit.com’s enabling and constraining features on the community /r/socialism. Using the communicative theory of identity and Marxist media theory not only to look at Reddit and /r/socialism’s relationship, but five key functions of a media: capital-economic, media sales and media market function, commodity circulation, domination, and the audience. Employing a mixed-methods approach enabled various data to be analyzed and relationally understood. Qualitative content analysis was used to examine user’s salient topics and their uses for the community. Survey methods were deployed to the community to gather demographic data on the /r/socialism community and user opinions on the group’s relationship with Reddit. Finally, secondary documents were analyzed to provide greater context to the other findings. Findings from the content analysis of salient subjects showed a preference for contemporary capitalist critique, socialist quotations, and class issues. However, topics impacting women and other minority groups were light to nonexistent.
    [Show full text]
  • Social Network Based Anonymous Communication in Tor Peng Zhou, Xiapu Luo, Ang Chen, and Rocky K
    1 STor: Social Network based Anonymous Communication in Tor Peng Zhou, Xiapu Luo, Ang Chen, and Rocky K. C. Chang Department of Computing, The Hong Kong Polytechnic University, Hunghom, Hong Kong cspzhouroc,csxluo,csachen,csrchang @comp.polyu.edu.hk f g Abstract—Anonymity networks hide user identities with the help of relayed anonymity routers. However, the state-of-the-art anonymity networks do not provide an effective trust model. As a result, users cannot circumvent malicious or vulnerable routers, thus making them susceptible to malicious router based attacks (e.g., correlation attacks). In this paper, we propose a novel social network based trust model to help anonymity networks circumvent malicious routers and obtain secure anonymity. In particular, we design an input independent fuzzy model to determine trust relationships between friends based on qualitative and quantitative social attributes, both of which can be readily obtained from existing social networks. Moreover, we design an algorithm for propagating trust over an anonymity network. We integrate these two elements in STor, a novel social network based Tor. We have implemented STor by modifying the Tor’s source code and conducted experiments on PlanetLab to evaluate the effectiveness of STor. Both simulation and PlanetLab experiment results have demonstrated that STor can achieve secure anonymity by establishing trust-based circuits in a distributed way. Although the design of STor is based on Tor network, the social network based trust model can be adopted by other anonymity networks. Index Terms—Social Network, Anonymous Communication, Tor, Fuzzy Model F 1 INTRODUCTION alone can be easily bypassed by an attacker.
    [Show full text]
  • Asphalion: Trustworthy Shielding Against Byzantine Faults
    Asphalion: Trustworthy Shielding Against Byzantine Faults IVANA VUKOTIC, SnT, University of Luxembourg VINCENT RAHLI, University of Birmingham PAULO ESTEVES-VERÍSSIMO, SnT, University of Luxembourg Byzantine fault-tolerant state-machine replication (BFT-SMR) is a technique for hardening systems to tolerate arbitrary faults. Although robust, BFT-SMR protocols are very costly in terms of the number of required replicas (3f + 1 to tolerate f faults) and of exchanged messages. However, with “hybrid” architectures, where “normal” components trust some “special” components to provide properties in a trustworthy manner, the cost of using BFT can be dramatically reduced. Unfortunately, even though such hybridization techniques decrease the message/time/space complexity of BFT protocols, they also increase their structural complexity. Therefore, we introduce Asphalion, the first theorem prover-based framework for verifying implementations of hybrid systems and protocols. It relies on three novel languages: (1) HyLoE: a Hybrid Logic of Events to reason about hybrid fault models; (2) MoC: a Monadic Component language to implement systems as collections of interacting hybrid components; and (3) LoCK: a sound Logic Of events-based Calculus of Knowledge to reason about both homogeneous and hybrid systems at a high-level of abstraction (thereby allowing reusing proofs, and capturing the high-level logic of distributed systems). In addition, Asphalion supports compositional reasoning, e.g., through mechanisms to lift properties about trusted-trustworthy components, to the level of the distributed systems they are integrated in. As a case study, we have verified crucial safety properties (e.g., agreement) of several implementations of hybrid protocols. CCS Concepts: • Theory of computation → Logic and verification.
    [Show full text]
  • Sok: a Consensus Taxonomy in the Blockchain Era*
    SoK: A Consensus Taxonomy in the Blockchain Era* Juan A. Garay Aggelos Kiayias† Texas A&M University University of Edinburgh & IOHK [email protected] [email protected] Sunday 8th December, 2019 Abstract Consensus is arguably one of the most fundamental problems in distributed computing, playing also an important role in the area of cryptographic protocols as the enabler of a secure broadcast functionality. While the problem has a long and rich history and has been analyzed from many dif- ferent perspectives, recently, with the advent of blockchain protocols like Bitcoin, it has experienced renewed interest from a much wider community of researchers and has seen its application expand to various novel settings. One of the main issues in consensus research is the many different variants of the problem that exist as well as the various ways the problem behaves when different setup, computational assump- tions and network models are considered. In this work we perform a systematization of knowledge in the landscape of consensus research in the Byzantine failure model starting with the original formu- lation in the early 1980s up to the present blockchain-based new class of consensus protocols. Our work is a roadmap for studying the consensus problem under its many guises, classifying the way it operates in the various settings and highlighting the exciting new applications that have emerged in the blockchain era. 1 Introduction The consensus problem—reaching agreement distributedly in the presence of faults—has been exten- sively studied in the literature starting with the seminal work of Shostak, Pease and Lamport [PSL80, LSP82].
    [Show full text]
  • El Gamal Mix-Nets and Implementation of a Verifier
    KTH Royal Institute of Technology School of Computer Science and Communication El Gamal Mix-Nets and Implementation of a Verifier SA104X Degree Project in Engineering Physics Erik Larsson ([email protected]) Carl Svensson ([email protected]) Supervisor: Douglas Wikstr¨om Abstract A mix-net is a cryptographic protocol based on public key cryptography which enables untraceable communication through a collection of nodes. One important application is electronic voting where it enables the construction of systems which satisfies many voting security requirements, including veri- fiability of correct execution. Verificatum is an implementation of a mix-net by Douglas Wikstr¨om. This report concerns the implementation of a verifier and evaluation of the implementation manual for the Verificatum mix-net. The purpose of the document is to enable third parties to convince themselves that the mix- net has behaved correctly without revealing any secret information. This implementation is a simple version of the verifier using the document and some test vectors generated by the mix-net. The document contains all information but there are still some possibilities for further clarification in order to make it comprehensible to a larger audience. Contents 1 Introduction 2 1.1 Verificatum . 2 1.2 Goals and Scope . 3 2 Background 3 2.1 El Gamal Cryptography . 3 2.1.1 Definition . 4 2.1.2 Security . 4 2.1.3 Properties . 5 2.2 Cryptographic Primitives . 6 2.2.1 Hash functions . 6 2.2.2 Pseudo Random Generators . 6 2.2.3 Random Oracles . 7 2.3 Mix Networks . 7 2.3.1 Overview . 7 2.3.2 El Gamal Mix-Nets .
    [Show full text]