Browse > Article
http://dx.doi.org/10.3837/tiis.2010.06.011

Attacking and Repairing the Improved ModOnions Protocol-Tagging Approach  

Borisov, Nikita (Department of Electrical and Computer Engineering, University of Illinois at Urbana-Champaign)
Klonowski, Marek (Institute of Mathematics and Computer Science, Wrocław University of Technology)
Kutylowski, Miroslaw (Institute of Mathematics and Computer Science, Wrocław University of Technology)
Lauks-Dutka, Anna (Institute of Mathematics and Computer Science, Wrocław University of Technology)
Publication Information
KSII Transactions on Internet and Information Systems (TIIS) / v.4, no.3, 2010 , pp. 380-399 More about this Journal
Abstract
In this paper, we present a new class of attacks against an anonymous communication protocol, originally presented in ACNS 2008. The protocol itself was proposed as an improved version of ModOnions, which exploits universal re-encryption in order to avoid replay attacks. However, ModOnions allowed the detour attack, introduced by Danezis to re-route ModOnions to attackers in such a way that the entire path is revealed. The ACNS 2008 proposal addressed this by using a more complicated key management scheme. The revised protocol is immune to detour attacks. We show, however, that the ModOnion construction is highly malleable and this property can be exploited in order to redirect ModOnions. Our attacks require detailed probing and are less efficient than the detour attack, but they can nevertheless recover the full onion path while avoiding detection and investigation. Motivated by this, we present modifications to the ModOnion protocol that dramatically reduce the malleability of the encryption primitive. It addresses the class of attacks we present and it makes other attacks difficult to formulate.
Keywords
Onion routing; tagged encryption; universal re-encryption; replay attack;
Citations & Related Records

Times Cited By Web Of Science : 0  (Related Records In Web of Science)
Times Cited By SCOPUS : 0
연도 인용수 순위
  • Reference
1 P. Mackenzie, M.K. Reiter and K. Yang, "Alternatives to non-malleability: Definitions, constructions and applications", in Proc. of Theory of Cryptography Conference 2004, LNCS 2951, Springer-Verlag, pp. 171-190, 2004.
2 M. Klonowski, M. Kutylowski and A. Lauks, "Repelling Detour Attack against Onions with Re-Encryption", in Proc. of Applied Cryptography and Network Security Conference 2008, LNCS 5037, Springer-Verlag, pp. 296-308, 2008.
3 N. Borisov, M. Klonowski, M. Kutylowski and A. Lauks-Dutka , "Attacking and Repairing the Improved ModOnions Protocol", in Proc. of ICISC 2009, LNCS, Springer-Verlag, 2009.
4 P. Golle, M. Jakobsson, A. Juels and P.F. Syverson, "Universal Re-encryption for Mixnets", in Proc. of CT-RSA 2004, pp. 163-178, 2004.
5 M. Klonowski, M. Kutylowski, A. Lauks and F. Zagorski, "Universal Re-encryption of Signatures and Controlling Anonymous Information Flow", in Proc. of WARTACRYPT 2004 Conference on Cryptology, Tatra Mountains Mathematical Publications, pp. 179-188, 2006.
6 D. Chaum, "Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms", in Communications of the ACM, vol. 24, no. 2, pp. 84-88, 1981.   DOI   ScienceOn
7 G. Danezis, "Breaking Four Mix-Related Schemes Based on Universal Re-encryption", in Proc. of International Security Conference - ISC 2006, LNCS 4176, Springer-Verlag, pp. 46-59, 2006.
8 R. Dingledine, N. Mathewson and P.F. Syverson, "Tor: The Second-Generation Onion Router", in Proc. of USENIX Security Symposium, pp. 303-320, 2004.
9 R. Pries, W. Yu, X. Fu and W. Wei Zhao, "A New Replay Attack Against Anonymous Communication Networks", in Proc. of IEEE International Conference on Communication 2008, pp. 1578-1582, 2008.
10 M. Gomulkiewicz, M. Klonowski and M. Kutylowski, Onions Based on Universal Re-encryption- Anonymous Communication Immune Against Repetitive Attack", in Proc. of WISA 2004, LNCS 3325, Springer-Verlag, pp. 400-410, 2004.
11 G. Danezis, R. Dingledine and N. Mathewson, "Mixminion: design of a type III anonymous remailer protocol", in Proc. of IEEE Symposium on Security and Privacy, pp. 2-15, 2003.