The cMix scheme was proposed by Chaum et al. in 2016 as the first practical set of cryptographic protocols that offer sender-recipient unlinkability at scale. The claim was that cMix is secure unless all nodes collude. We argue that this assertion does not hold for the basic description of cMix, and we support our statement with two different types of attacks: a tagging attack and an insider attack. For each one, we discuss the settings that make the attack feasible, and then possible countermeasures. In doing so, we highlight the necessity of implementing additional commitments or mechanisms that have only been mentioned as additional features.
Galteland, H., Mjølsnes, S. F., & Olimid, R. F. (2017). Attacks on the basic cmix design: On the necessity of commitments and randomized partial checking. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 10311 LNCS, pp. 463–473). Springer Verlag. https://doi.org/10.1007/978-3-319-61273-7_22