Abstract
This paper introduces weaknesses of two robust Mix-nets proposed in [10] and [7]. First, we show that [10] can lose anonymity in the presence of a malicious user even though all servers are honest. Second, we show that [7] can lose anonymity through the collaboration of a malicious user and the first server. The user can identify the plaintext sent from the targeted user by invoking two mix sessions at the risk of the colluding server receiving an accusation. We also point out that in a certain case, anonymity is violated solely by the user without colluding to any server. Practical repairs are provided for both schemes. Since such flaws are due to their weak security definitions, we present a stronger security definition by regarding a Mix-net as a batch decryption algorithm of a CCA secure public-key encryption scheme. © 2003 Springer-Verlag Berlin Heidelberg.
Cite
CITATION STYLE
Abe, M., & Imai, H. (2003). Flaws in some robust optimistic mix-nets. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 2727 LNCS, pp. 39–50). https://doi.org/10.1007/3-540-45067-X_4
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
