On collaborative anonymous communications in lossy networks

Authors

  • David Rebollo-Monedero,

    1. Department of Telematics Engineering, Universitat Politècnica de Catalunya (UPC), Campus Nord, E-08034 Barcelona, Spain
    Search for more papers by this author
  • Jordi Forné,

    Corresponding author
    1. Department of Telematics Engineering, Universitat Politècnica de Catalunya (UPC), Campus Nord, E-08034 Barcelona, Spain
    • Correspondence: Jordi Forné, Department of Telematics Engineering, Universitat Politécnica de Catalunya (UPC), Campus Nord, Módulo C3, C. Jordi Girona 1-3, E-08034 Barcelona, Spain.

      E-mail: jforne@entel.upc.edu

    Search for more papers by this author
  • Esteve Pallarès,

    1. Department of Telematics Engineering, Universitat Politècnica de Catalunya (UPC), Campus Nord, E-08034 Barcelona, Spain
    Search for more papers by this author
  • Javier Parra-Arnau,

    1. Department of Telematics Engineering, Universitat Politècnica de Catalunya (UPC), Campus Nord, E-08034 Barcelona, Spain
    Search for more papers by this author
  • Carolina Tripp,

    1. Department of Telematics Engineering, Universitat Politècnica de Catalunya (UPC), Campus Nord, E-08034 Barcelona, Spain
    Search for more papers by this author
  • Luis Urquiza,

    1. Department of Telematics Engineering, Universitat Politècnica de Catalunya (UPC), Campus Nord, E-08034 Barcelona, Spain
    Search for more papers by this author
  • Mónica Aguilar

    1. Department of Telematics Engineering, Universitat Politècnica de Catalunya (UPC), Campus Nord, E-08034 Barcelona, Spain
    Search for more papers by this author

ABSTRACT

Message encryption does not prevent eavesdroppers from unveiling who is communicating with whom, when, or how frequently, a privacy risk wireless networks are particularly vulnerable to. The Crowds protocol, a well-established anonymous communication system, capitalizes on user collaboration to enforce sender anonymity. This work formulates a mathematical model of a Crowd-like protocol for anonymous communication in a lossy network, establishes quantifiable metrics of anonymity and quality of service (QoS), and theoretically characterizes the trade-off between them. The anonymity metric chosen follows the principle of measuring privacy as an attacker's estimation error. By introducing losses, we extend the applicability of the protocol beyond its original proposal. We quantify the intuition that anonymity comes at the expense of both delay and end-to-end losses. Aside from introducing losses in our model, another main difference with respect to the traditional Crowds is the focus on networks with stringent QoS requirements, for best effort anonymity, and the consequent elimination of the initial forwarding step. Beyond the mathematical solution, we illustrate a systematic methodology in our analysis of the protocol. This methodology includes a series of formal steps, from the establishment of quantifiable metrics all the way to the theoretical study of the privacy QoS trade-off. Copyright © 2013 John Wiley & Sons, Ltd.

Ancillary