Check out the new USENIX Web site. next up previous
Next: Author Based Anonymity Tools Up: Related work Previous: Related work

Connection Based Anonymity Tools

The Anonymizer ( provides connection based anonymity by acting as a proxy for HTTP requests. An individual wishing to retrieve a Web page anonymously simply sends a request for that page to the Anonymizer. The Anonymizer then retrieves the page and sends it back to the individual that requested it. LPWA [9], now known as Proxymate, is an anonymizing proxy that also offers a feature that can automatically generate unique pseudonymous user names (with corresponding passwords) and email addresses that users can send to Web sites. Every time a user returns to a particular Web site, the same pseudonyms are generated. The functionality of the anonymizing proxy is very similar to that of the Anonymizer. Several anonymity tools have been developed around the concept of mix networks [5]. A mix network is a collection of routers, called mixes, that use a layered encryption technique to encode the path communications should take through the network. In addition, mix networks use other techniques such as buffering and message reordering to further obscure the correlation between messages entering and exiting the network. Onion Routing [18] is a system for anonymous and private Internet connections based on mix networks. An Onion Routing user creates a layered data structure called an onion that specifies the encryption algorithms and keys to be used as data is transported to the intended recipient. As the data passes through each onion router along the way, one layer of encryption is removed according to the recipe contained in the onion. The request arrives at the recipient in plain text, with only the IP address of the last onion-router on the path. An HTTP proxy has been developed that allows an individual to use the Onion Router to make anonymous HTTP requests. Crowds [19] is an anonymity system based on the idea that people can be anonymous when they blend into a crowd. As with mix networks, Crowds users need not trust a single third party in order to maintain their anonymity. Crowds users submit their requests through a crowd, a group of Web surfers running the Crowds software. Crowds users forward HTTP requests to a randomly-selected member of their Crowd. Neither the end server nor any of the crowd members can determine where the request originated. The main difference between a mix network and Crowds is in the way paths are determined and packets are encrypted. In mix networks, packets are encrypted according to a pre-determined path before they are submitted to the network; in Crowds, a path is configured as a request traverses the network and each crowd member encrypts the request for the next member on the path. Crowds also utilizes efficient symmetric ciphers and was designed to perform much better than mix-based solutions. The Freedom anonymity system ( provides an anonymous Internet connection that is similar to Onion Routing; however, it is implemented at the IP layer rather than the application level. Freedom supports several protocols including HTTP, SMTP, POP3, USENET and IRC. In addition Freedom allows the creation of pseudonyms that can be used when interacting with Web sites or other network users.
next up previous
Next: Author Based Anonymity Tools Up: Related work Previous: Related work
Avi Rubin