Denial of Service or Denial of Security? How Attacks on Reliability can Compromise Anonymity

Опубликовано 7 сентября 2016, 17:02

It is often mistakenly thought that Availability is, as a security property, orthogonal to Confidentiality. Yet in the case of anonymity system, that try to hide the senders and receivers of messages, this is not the case. In this talk we present the effect attackers that disrupt anonymous communications have on the security of traditional mix systems, as well as on the Hydra-Onion and Cashmere systems that aim to offer reliable mixing. We show that denial of service (DoS) lowers anonymity as messages need to get retransmitted to be delivered, uncovering a fundamental limit on the security of all mix systems; Cashmere (a peer-to-peer system) and Hydra-Onion are also badly affected by DoS attackers. We also show that reliable mixing systems may be introducing additional vulnerabilities and illustrate this with two novel attacks. Our results are backed by probabilistic modelling and extensive simulations and are of direct applicability to deployed anonymity systems.