Anonymity

Introduction
➢ Anonymity is derived from the Greek word meaning "without
a name" or "namelessness".

➢ In informal use, the term typically refers to a person, and

often means that the personal identity, or personally
identifiable information of that person is not known.

➢ The term "anonymous message" typically refers to message

over the network that does not carry any information about
its sender and its intended recipient.
 Introduction
➢ Anonymity means not having a name or other identifying
information associated with one's online activities -
email, phone number, full name, and other identifying
information.

➢ In other words, it is the ability to use the internet

without revealing one's identity.

➢ Anonymity on the Internet applies to any interaction a

user has on the Internet that protects his or her identity
from being shared with another user or with a third
party.
 Introduction
➢ Anonymity is a combination of both

Unidentifiability: Observers cannot identify any

Individual Agent.

Unlinkability: Observers cannot link an agent to a

specific message or action.
 Introduction
➢ Secrecy of-
❑ User’s Personal Information (Name, ID, credit card, etc)
❑ Transaction information (IP address, amount of data
send and received)
❑ Platform Information (OS, Browser, Cookies etc)

From -
o Outsiders
o Merchants
o Issuer
o All parties
 Uses of Anonymity
➢ Privacy-Preserving
❑ Avoid tracking by advertising companies
❑ Voting in election

➢ Security
❑ For commercial transactions (Business/E-Payments)
❑ Covert missions may require anonymous communication
(Military/ Intelligence)

➢ To prevent chilling-effects
❑ It’s easier to voice unpopular or controversial opinions if
you are anonymous
 Abuse of Anonymity

➢ In hostile environments, end-hosts may need hidden their

communications to against being captured.

➢ Illegal activities -
❑ Copyright Infringement
❑ Harassment
❑ Financial Scams
❑ Disclosure of Trade Secrets

➢ Sending Fake Mail

➢ In DoS Attack

For such cases, Law Enforcement Investigators need to

determine Criminals.
 Types of Anonymity
The following are the types of Anonymity:

1. Sender Anonymity

2. Recipient Anonymity

3. Relationship Anonymity
 Tools and Techniques
➢The popular Tools and Techniques are:

• Anonymizing Proxy
• Remailers
• Mix Networks
• Onion Routers
 Anonymizing Proxy
Suppose you are surfing the Web.
➢ You don’t want Web site to know your IP address
➢ Also, you don’t want your ISP to sniff your traffic.
➢ Possible Solution: Use Anonymizing Proxy
 Anonymizing Proxy
➢ An Anonymizer or Anonymizing Proxy is a tool that attempts
to make your internet activity untraceable.

➢ This is a proxy his server computer that acts as an intermediary

and privacy shield between the client computer and the rest of
the internet.

➢ It accesses the Internet on behalf of the user and protects the

user's private information by hiding the identity of the client
computer.
 Anonymizing Proxy
➢ There are many reasons to use an anonymizer, including
minimizing risk, preventing identity theft, and protecting your
search history from being exposed.

➢ With the expansion of targeted marketing on the Internet,

anonymization sites are also being used by people who want to
know objective information.

➢ For example, major news outlets such as CNN target

audiences according to geography, providing different
information to different populations.
 Anonymizing Proxy
➢ Websites such as YouTube take information about the last
video you watched on your computer and suggest
"recommended" videos accordingly, and much of online
targeted marketing shows ads based on your location.

➢ It is done by Anonymizers are used to avoid such targeting and

get a more objective view of information.

➢ Anonymous proxy signatures are useful for building reliable

anonymous systems.

➢ This can be used for anonymous voting and other

authentication processes that value anonymity.
 Protocol-Specific Anonymizers
➢ Anonymizers may be implemented to work only with one
specific protocol.
➢ The advantage is that no additional software is required.

Operations are as follows:

A connection to the anonymization device is established by the
user. Commands to the anonymizer are contained within regular
messages. The anonymizer then connects to the resource
specified in the received command and relays the message
stripped of the command.

➢ An example of a protocol-specific anonymizer is an email

anonymous remailer.
 Protocol-Independent Anonymizers
➢ We can achieve protocol independence by creating a
tunnel to an anonymizer.
➢ There are various technologies to achieve it.
➢ Protocols used by the anonymizer service may
include SOCKS, PPTP, or OpenVPN.
➢ In this case, the intended application must either
support the tunneling protocol or install software
that forces all connections through the tunnel.
➢ For example, web browsers, FTP, and IRC clients
often support SOCKS, unlike Telnet.
 Chaining Proxies
Features:
➢ Proxy Servers are chained, making it more difficult to trace which IPs
visited which servers.
➢ Anyone can contribute a Proxy Server (P2P).
➢ Open-Source, cannot have any backdoors.
 Remailers
➢ It enable users to send e-mail through their server so
that sender can not be traced.

➢ Remove all identifying information from e-mails

before forwarding them to their destination.

➢ Some known examples are:

o www.anonymailer.net
o Cypherpunk
o Mixmaster
 Anonymous Remailers
➢ Anonymous remailers send electronic messages without the
receiver Â’s knowing the sender Â’s identity.

➢ Example, if a cyber criminal wanted to send an anonymous

message to a target, instead of emailing the target directly, the
initiator could send the message to a remailer (an email
server), which strips off the identifying headers and forwards
the contents to the target.

➢ When the target receives the message from the perpetrator,

though he or she can see that it came via a remailer, he or she
cannot determine the actual sender.
Anonymous Remailers
 Mix Networks
➢ The basic functionality of a Mix Network is to provide sender anonymity,
i.e., the identity of the originator of a message is difficult or impossible to
discern for any given message delivered to any given recipient.

➢ A Mix Network can also provide receiver anonymity, i.e., the identity of
the intended recipient of a message is difficult or impossible to discern for
any given message originating from any given sender.

➢ A Mix Network consists of several interconnected stages depending on the

robustness of anonymity required.

➢ Each message is encrypted to each proxy using public-key cryptography.

Mix Networks
Mix Networks
 Mix Networks

Trust one Mix Server: The entire Mix-NET provides Anonymity.

Mix Networks
 Mix Networks

Example of a Mix Cascade consisting of Four Mixes

Mix Networks
 Onion Routing
➢ Onion Routing is a technique for Anonymous
Communication over a Computer Network.

➢ In an onion network, messages are encapsulated in

layers of encryption, analogous to layers of an onion.

➢ The onion router is a Peer-to-Peer (P2P) overlay

network that enables users to browse the internet
anonymously.
 Onion Routing
➢ Onion Routing uses multiple layers of encryption to
conceal both the source and destination of
information sent over the network.

➢ There is a large set of precautionary measures and

best practices to make web browsing safer and more
secure for users.

➢ It is designed so no one can monitor or censor online

communication.
 Onion Routing
➢ Similar to mix system with enhanced performance.
➢ Sender chooses a sequence of routers.
➢ It uses symmetric keys for relaying messages and
asymmetric keys to establish circuits in the system.
➢ Routing info for each link encrypted with router’s
public key.
➢ Each router learns only the identity of the next router.
 Features of Onion Routing
Encryption: Onion Routing encrypts each layer of data, making
it difficult for an attacker to intercept and decode the data.

Anonymity: Onion Routing provides anonymity by masking the

IP address of the sender and the receiver, making it difficult for
an attacker to identify them.

Hidden Services: Onion Routing can also be used to provide

hidden services, which allow websites and other services to be
hosted on the network without revealing their location or IP
address.
 Features of Onion Routing
Relays: Onion Routing uses a series of relays to route data
through the network, with each relay only aware of the previous
and next relays in the chain, adding another layer of anonymity.

Decentralized: Onion Routing is decentralized, with no central

authority or control over the network.

Resistance to Traffic Analysis: Onion Routing makes it difficult

for an attacker to analyze the traffic patterns and identify the
source and destination of the communication.
 Advantages of Onion Routing
Enhanced Security: Onion Routing provides enhanced security by encrypting data
multiple times and routing it through several servers, making it difficult for
attackers to intercept or tamper with the communication.

Anonymity: Onion Routing provides anonymity by masking the IP address of the

sender and the receiver, making it difficult for anyone to identify them.

Decentralized: Onion Routing is decentralized, with no central authority or

control over the network, making it more resilient to attacks.

Improved Network Performance: Onion Routing can improve network

performance by distributing traffic across multiple servers, reducing the load on
any one server and potentially reducing latency.

Cross-Platform Compatibility: Onion Routing is compatible with multiple

operating systems and devices, making it accessible to a wide range of users.
 Disadvantages of Onion Routing
Slow Performance: Onion Routing can result in slow performance due to the
multiple layers of encryption and the need to route data through several servers.

Malicious Use: Onion Routing can be used for malicious purposes, such as to
facilitate illegal activities, making it a target for law enforcement agencies.

Limited Quality of Service: Onion Routing can result in limited quality of service,
with slower connection speeds and reduced network capacity, which may not be
suitable for certain applications such as streaming or online gaming.

Resource Intensive: Onion Routing can be resource-intensive, requiring a large

number of servers to route data, which can result in high bandwidth usage and
increased costs.

Difficult to Debug: Debugging problems in onion routing networks can be difficult

due to the multiple layers of encryption and the decentralized nature of the
network.
Difference b/w Mix Networks & Onion Routing

Properties Mix Networks Onion Routing

Route unpredictability
Security from Mixing at Relays
(No Mixing)

Threat Model Global Adversary Non-Global Adversary

Low-Latency
Performance High-Latency

Example Used in E-mail Used in Web Browsing

Anonymity Forensics
 Conclusion

Anonymous Communication Systems

useful for privacy preservation , but can
be exploited by cybercriminals to
conduct illegal activities.
thank
you