Attacks on the Basic cMix Design: On the Necessity of Commitments and Randomized Partial Checking
Journal article, Peer reviewed
Accepted version
Permanent link: http://hdl.handle.net/11250/2451080
Publication date: 2017
Abstract
The cMix scheme was proposed by Chaum et al. in 2016 as the first practical set of cryptographic protocols that offer sender-recipient unlinkability at scale. The claim was that cMix is secure unless all nodes collude. We argue that their assertion does not hold for the basic description of cMix, and we support our statement with two different types of attacks: a tagging attack and an insider attack. For each one, we discuss the settings that make the attack feasible, and then possible countermeasures. By this, we highlight the necessity of implementing additional commitments or mechanisms that have only been mentioned as additional features.