Attacking and repairing the improved modonions protocol

Nikita Borisov, Marek Klonowski, Mirosław Kutyłowski, Anna Lauks-Dutka

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

In this paper, we present a new class of attacks against an anonymous communication protocol, originally presented in ACNS 2008. The protocol itself was proposed as an improved version of ModOnions, which uses universal re-encryption in order to avoid replay attacks. However, ModOnions allowed the detour attack, introduced by Danezis to re-route ModOnions to attackers in such a way that the entire path is revealed. The ACNS 2008 proposal addressed this by using a more complicated key management scheme. The revised protocol is immune to detour attacks. We show, however, that the ModOnion construction is highly malleable and this property can be exploited in order to redirect ModOnions. Our attacks require detailed probing and are less efficient than the detour attack, but they can nevertheless recover the full onion path while avoiding detection and investigation. Motivated by this, we present a new modification to the ModOnion protocol that dramatically reduces the malleability of the encryption primitive. It addresses the class of attacks we present and it makes other attacks difficult to formulate.

Original language: English (US)
Title of host publication: Information Security and Cryptology - ICISC 2009 - 12th International Conference, Revised Selected Papers
Pages: 258-273
Number of pages: 16
State: Published - Jul 20 2010
Event: 12th International Conference on Information Security and Cryptology, ICISC 2009 - Seoul, Korea, Republic of
Duration: Dec 2 2009 to Dec 4 2009

Publication series

Name: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume: 5984 LNCS
ISSN (Print): 0302-9743
ISSN (Electronic): 1611-3349

Other

Other: 12th International Conference on Information Security and Cryptology, ICISC 2009
Country: Korea, Republic of
City: Seoul
Period: 12/2/09 to 12/4/09

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science (all)


  • Cite this

    Borisov, N., Klonowski, M., Kutyłowski, M., & Lauks-Dutka, A. (2010). Attacking and repairing the improved modonions protocol. In Information Security and Cryptology - ICISC 2009 - 12th International Conference, Revised Selected Papers (pp. 258-273). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 5984 LNCS). https://doi.org/10.1007/978-3-642-14423-3_18