Cryptography Stack Exchange
Cryptography Stack Exchange

Questions tagged [mixnets]

Mix networks are routing protocols that create hard-to-trace communications by using a chain of proxy servers known as mixes which take in messages from multiple senders, shuffle them, and send them back out in random order to the next destination (possibly another mix node). This breaks the link between the source of the request and the destination, making it harder for eavesdroppers to trace end-to-end communications.

Mix networks are routing protocols that create hard-to-trace communications by using a chain of proxy servers known as mixes which take in messages from multiple senders, shuffle them, and send them back out in random order to the next destination (possibly another mix node). This breaks the link between the source of the request and the destination, making it harder for eavesdroppers to trace end-to-end communications.

22 questions
8
votes
1 answer

Single Party Encryption, Multi Party Decryption

I am looking for an adequate protocol for public key decryption, which would allow $n$ parties to jointly decrypt a cipher text. The usage scenario for such a protocol would be a mixnet that wouldn't require the sender to know all mixes in advance.…
Henrick Hellström
  • 10,556
  • 1
  • 32
  • 59
7
votes
2 answers

Difference between mix networks and onion routing

From what I know, the two seems to be the same: Onion routing: Encryption is done in layers. Alice and server1 exchanges keys and she encrypts her message. Then, Alice and server2 exchanges keys and she encrypts again, creating layers of encryption.…
user153882
  • 507
  • 7
  • 18
6
votes
2 answers

Layered encryption in mixnets with post-quantum cryptography

I am trying to implement a mixnet using post-quantum public-key crypto. Each message may be encrypted by up to 10 levels of public keys, shuffled, before the layers of encryption are stripped off one by one. This is traditionally achievable in RSA,…
J. Doe
  • 93
  • 3
6
votes
1 answer

Is there a studied notion of "party independent transfer"?

I've been thinking about the following set-up involving three parties, Alice, Bob and Charlie: Bob and Charlie decide among themselves who is going to receive a bit from Alice (perhaps by a coin toss) Some protocol is then executed in which Alice…
Alex May
  • 161
  • 3
5
votes
2 answers

Current Status of mixnets for voting

I am currently doing some research on universally verifiable mixnets, but it seems to me that there are too few papers about them after 2006 or so and most of them come from the team of Douglas Winkstrom. Is this correct? Can anybody point me to…
Panagiotis Grontas
  • 863
  • 5
  • 15
5
votes
1 answer

How do mix networks work with server downtime?

I am looking for an analysis of practical mix networks with server downtime. For example, if a message is supposed to go from A -> B -> C -> D, what happens if B wants to send the message but C is offline temporarily? This could be a stop-and-go mix…
Some Guy
  • 153
  • 4
4
votes
1 answer

Why is the re-encryption algorithm in Universal Re-encryption for Mixnets more complicated than apparently necessary?

This is the paper. On page 6, the paper describes a variant of El Gamal and a way of re-encrypting ciphertexts. I thought an easier way to do encryption is to output $(m(g^x)^y,g^y)$, and universal re-encryption can be done by…
wlad
  • 1,259
  • 1
  • 13
  • 24
3
votes
0 answers

High-latency anonymous communication minimum delay?

High-latency anonymous communication (e.g. Mixmaster and Mixminion) delay messages for a long time using mixers to anonymous communications. I understand that it has applications for email and p2p but not for good for responsive applications such as…
user153882
  • 507
  • 7
  • 18
3
votes
1 answer

Do random numbers avoid replay attacks in Chaum's mixes?

So I've been visiting a security lecture at my university and they introduced the concept of Chaum's mixes to us and how replay attacks can compromise the anonymity granted by a mixnet. It is explained that by adding a random string to the…
prettybonsai
  • 31
  • 3
2
votes
1 answer

Is Bitmessage a Mix network?

I've read the Bitmessage whitepaper and I found it rather lacking on the details, but it promises anonymous routing. Can it be considered a variation on mix-networks, where each peer acts as a mix-node?
user11477
  • 21
  • 2
2
votes
0 answers

Efficient Zero Knowledge Proof for proving a reencryption shuffling for an arbitrary table

I have a problem where I have a table of various reencryptable/rerandomizable ciphertexts (Paillier, Elgamal, EC Additive Elgamal). Each row on a given table has the same structure, but each column potentially has its own cryptosystem. This…
Zarquan
  • 355
  • 1
  • 10
2
votes
1 answer

Can you derive the public key from a PGP encrypted message without knowing the message content?

I am working on a system to transfer short messages while obfuscating the intended recipient. In essence, it combines many messages encrypted using PGP, and periodically publishes a file containing those messages. The recipients would then download…
Electron-Capture
  • 21
  • 2
1
vote
0 answers

Difference between DCnet and mixnet in terms of forwarding anonymity?

It seems that with both anonymous communication protocols we can achieve some level of forwarding anonymity, however, is one protocol better than the other in this respect? It seems that they both offer the same level of anonymity with different…
John
  • 11
  • 1
1
vote
2 answers

Implementing commitments and challenges for a distributed ElGamal encryption scheme

I am trying to implement a distributed encryption system by having as a main source of information this book (Introduction to Cryptography by Delfs and Knebl) and this Internet article (More Mix than Net by Wood). I generate the following…
dearn44
  • 177
  • 4
1
vote
1 answer

Security proof of mix net

I am writing an exercise in cryptography about anonymous communication. One of the systems I have looked into is the mix net protocol. I want to prove that this is secure. I have seen many different ways of doing this, i.e. using a zero knowledge…
Ashild Damsgard
  • 11
  • 1
1
2