Attacks on the Basic cMix Design: On the Necessity of Commitments and Randomized Partial Checking
Journal article, Peer reviewed
Accepted version
View/ Open
Date
2017Metadata
Show full item recordCollections
Abstract
The cMix scheme was proposed by Chaum et al. in 2016 as the first practical set of cryptographic protocols that offer sender-recipient unlinkability at scale. The claim was that the cMix is secure unless all nodes collude. We argue that their assertion does not hold for the basic description of cMix, and we sustain our statement by two different types of attacks: a tagging attack and an insider attack. For each one, we discuss the settings that make the attack feasible, and then possible countermeasures. By this, we highlight the necessity of implementing additional commitments or mechanisms that have only been mentioned as additional features.