Abstract - Security Symposium - 2000
Can Pseudonymity Really Guarantee Privacy?
Josyula R. Rao and Pankaj Rohatgi, IBM T.J. Watson Research Center
One of the core challenges facing the Internet today is the problem of
ensuring privacy for its users. It is believed that mechanisms such as
anonymity and pseudonymity are essential building blocks in
formulating solutions to address these challenges and considerable
effort has been devoted towards realizing these primitives in practice.
The focus of this effort, however, has mostly been on hiding explicit
identity information (such as source addresses) by employing a
combination of anonymizing proxies, cryptographic techniques to
distribute trust among them and traffic shaping techniques to
defeat traffic analysis. We claim that such approaches ignore a
significant amount of identifying information about the source that
leaks from the contents of web traffic itself. In this paper, we
demonstrate the significance and value of such information by showing
how techniques from linguistics and stylometry can use this
information to compromise pseudonymity in several important
settings. We discuss the severity of this problem and suggest possible
- View the full text of this paper in
HTML form, and
- If you need the latest Adobe Acrobat Reader, you can download it from Adobe's site.
- To become a USENIX Member, please see our Membership Information.