You are here

Malice versus AN.ON: Possible Risks of Missing Replay and Integrity Protection

TitleMalice versus AN.ON: Possible Risks of Missing Replay and Integrity Protection
Publication TypeConference Paper
Year of Publication2011
AuthorsWestermann, B, Kesdogan, D
Conference NameFC'11 - Proceedings of Financial Cryptography and Data Security
Date Published02/2011
Conference LocationSt. Lucia
KeywordsAN.ON, anonymity network, integrity protection, replay protection
Abstract

In this paper we investigate the impact of missing replay protection as well as missing integrity protection concerning a local attacker in AN.ON. AN.ON is a low latency anonymity network mostly used to anonymize web traffic. We demonstrate that both protection mechanisms are important by presenting two attacks that become feasible as soon as the mechanisms are missing. We mount both attacks on the AN.ON network which neither implements replay protection nor integrity protection yet.

AttachmentSize
PDF icon FC'11 - Malice versus AN.ON_.pdf1016.47 KB